Opinions
7 key data points on the cybersecurity skills shortage
The global cybersecurity skills shortage is as bad as it has ever been, and most organizations are feeling the pinch, new research finds. But cybersecurity professionals have many recommendations for addressing this situation.
Data sovereignty laws place new burdens on CISOs
More than 100 countries now require data on their citizens be stored or processed within their boundaries, presenting new data protection challenges.
Recent shadow IT related incidents present lessons to CISOs
Employee use of unauthorized applications and services have resulted in high-profile data losses and exposure. CISOs need to understand why shadow IT exists before they can address it.
![Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.](https://images.idgesg.net/images/article/2021/06/spot_cloud_3x2_03_cso_laptop_users_with_ccloud_security_overlay__by_metamorworks_gettyimages-1132912672_b-100891925-small.3x2.jpg?auto=webp&quality=85,70)
CISOs: Do you know what's in your company’s products?
CISOs need to take a more direct role in the operations side of the business to help build security in by design.
4 things you should know about cybersecurity pros
ESG/ISSA research report reveals that a strong cybersecurity culture really matters.
GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations
The US agency highlight four areas where cybersecurity gaps in federal agencies threaten national security. Cites OMB for not helping CIOs get available funds.
CISA: China successfully targeted US oil and natural gas infrastructure
CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.
Move over XDR, it's time for security observability, prioritization, and validation (SOPV)
Independent tools and data repositories are coming together for better threat management, impacting organizations, security professionals, and the industry. We need to take the same approach to security hygiene and posture management....
US and UK issue rare joint guidance in response to Russian GRU brute force campaign
CISOs should leverage this guidance to help get the resources they need to make these and other cyberattacks too costly for nation-state threat actors and criminals.
What is the dark web? How to access it and what you'll find
The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.
IT asset disposal is a security risk CISOs need to take seriously
Sensitive company and personal data often leaves organizations on disposed devices. An auditable chain of custody that shows data destruction is essential for any ITAD program.
Security firm COO indicted for allegedly aiding hospital's attackers: What CSOs should know
A grand jury has indicted Securolytics COO Vikas Singla for allegedly helping attackers access Gwinnett Medical Center's phone system and printers. This breach of trust presents a dilemma for CISOs.
GAO calls out US government agencies: Get your supply chain security act together
The US Government Accounting Office tells Congress that federal agencies have largely ignored its supply chain risk management guidance for nearly ten years.
Colonial Pipeline take-away for CISOs: Embrace the mandates
The DarkSide attack on Colonial is yet another wake-up call for companies to harden their systems against ransomware. History suggests that might not happen despite new government guidance.
Defining linchpins: An industry perspective on remediating Sunburst
The concept of linchpin software can be useful in assessing risk and focusing security efforts, but it comes with challenges.
5 things CISOs want to hear about SASE at the RSA Conference
Organizations are planning for secure access service edge (SASE) but have questions on how to get from their current state to converged, cloud-delivered networking and security. They’ll be looking for answers at RSA.
Microsoft Azure Blob leak a lesson to CISOs about cloud security responsibility
Microsoft's apparent misconfiguration of its own cloud bucket exposed third-party intellectual property. Here are the takeaways for CISOs.
5 things CISOs want to hear about zero trust at the RSA Conference
Security executives are interested in how ZT vendors will integrate with existing technologies, supplement ongoing projects, and support business processes.
To better defend digital assets, follow physical security's playbook
It’s high time that the owners and managers of corporate networks take the same approach and sense of urgency to protecting corporate digital assets that their physical security counterparts have taken with building security.
8 things CISOs want to hear from XDR vendors
Beyond industry rhetoric, vendors must use their time at the RSA Conference to provide clarity around what XDR is, where it fits, and how it complements existing security technologies.
-
White Paper
-
White Paper
-
Video/Webcast
Sponsored -
Video/Webcast
Sponsored -
White Paper
Most Popular
BrandPosts
Learn more-
Sponsored by Sophos
-
Sponsored by Cisco
-
Sponsored by Fortinet