CISO Archives - Cyber Security Minute

Top 5 Mistakes Businesses Make When Implementing Zero Trust

Issued by: Dark Reading

As organizations continue to fortify their cybersecurity strategies in response to an ever-evolving threat landscape, many are turning to Zero Trust architectures to safeguard their data. However, implementing Zero Trust is not without its challenges. According to a new strategy guide from the SANS Institute, “Navigating the Path to a State of Zero Trust in…

Software Security

CISOs Grapple With IBM's Unexpected Cybersecurity Software Exit

Issued by: Dark Reading

IBM’s surprise departure from cybersecurity software this week didn’t just rearrange the competitive landscape — it also reshuffled the procurement plans and vendor relationships for many CISOs rebuilding their SOCs. IBM has agreed to sell the QRadar SaaS portfolio to Palo Alto Networks for an undisclosed sum. After years of development, IBM started rolling out…

Network Security

How ‘Radical Transparency’ Can Bolster Cybersecurity

Issued by: DataBreach Today

The concept of “responsible radical transparency” plays a critical role in efforts to improve the state of cybersecurity, said Suzanne Spaulding, former undersecretary, Department of Homeland Security, and Jim Richberg, head of global policy and field CISO as security firm Fortinet. “The shelf life of secrets is vanishingly short,” Spaulding said. “There are tremendous costs…

Network Security

Making Cyber Insurance Available for Small Biz, Contractors

Issued by: Dark Reading

The soaring costs of recovering from a security incident or data breach is driving interest in cyber insurance. While cyber insurance is typically viewed as a product mainly for large organizations seeking coverage and protection against state-sponsored attackers, criminals, and politically motivated hackers, it is also valuable to small and midsized companies and independent contractors….

Malware & Threats

SEC Charges SolarWinds and Its CISO With Fraud and Cybersecurity Failures

Issued by: SecurityWeek

The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and its December 2020 revelation of a sophisticated cyberattack dubbed “SUNBURST.” The software supply chain cyberattack involved Russia-linked threat actors breaching SolarWinds systems in 2019, or possibly even…

Network Security

How to Get Your Board on Board With Cybersecurity

Issued by: Dark Reading

Nearly three-quarters (73%) of cybersecurity industry leaders have experienced burnout in the last 12 months — and who can blame them? The shift to remote and hybrid work models has increased organizations’ reliance on cloud services, limiting security teams’ visibility into employee network and endpoint environments. But reduced visibility places company data at greater risk…

Network Security

Rail Cybersecurity Is a Complex Environment

Issued by: Dark Reading

Rail remains one of the most popular modes of transportation. In a typical year, US freight railroads move around 1.6 billion tons across nearly 140,000 miles of track. US citizens traveled more than 12.5 billion kilometers by rail in 2021. Thousands of railways — from national and regional networks to intra-city light rails — have…

News

Why Haven’t Ransomware Groups Assisted Russia’s Invasion?

Issued by: DataBreach Today

When Russia launched its all-out war against Ukraine in February 2022, many cybersecurity watchers feared ransomware groups would serve as a proxy force. But Moscow doesn’t appear to have deputized cybercrime-driven crypto-locking malware brigades. So said participants in a panel held Friday by the Institute for Security and Technology on the ransomware implications of the…

News

How CISOs Can Craft Better Narratives for the Board

Issued by: Dark Reading

For at least a decade now, career-minded security leaders have well understood the importance of effective communication with the board and CEO. CISOs know they must gain the buy-in of these decision makers to successfully instill a security-minded culture at their organization — not to mention to greenlight enough funds for an effective cybersecurity budget….

Software Security

Tackling Software Supply Chain Issues With CNAPP

Issued by: Dark Reading

As more organizations shift to cloud-native application development to support new business features and digital transformation initiatives, software supply chain issues have become more visible. Because cloud-native development relies so heavily on open source software, organizations have to start thinking about the components that go into these applications. To build these cloud-native applications, developers have…