CISO News, Articles and Updates

InfoSec problems? Listen to your CISO, put more emphasis on recovery

For those businesses that want to reduce the brand risk of cyber-attack, Marc Lueck says more emphasis on recovery is the easiest place to start. It will also go a long way to future-proofing organisations against upcoming threats.

Risk management to strategic resilience: The evolution of cyber-security

CISOs do indeed need to articulate cyber risk to the board in a business context, but equally, the board need to get a better grasp of cyber and prioritise criticality of security integrity vs continuity of service vs profitability.

CISO salaries may soon hit £1 million - but few qualified for top roles

New research has shown the staggering needs and rewards for qualified CISOs, reflected in their ever-spiralling salaries...

Some of my best CISOs are women: Interview Tammy Moskites, Venafi

Many leading CISOs, with really interesting expertise and advice to offer, just happen to be women, yet a lack of role models is one factor often cited as contributing to the under-representation of women in this industry. So on International Women's Day the CISO we happen to be interviewing is Tammy Moskites, CIO and CISO at Venafi, appointed as a Distinguished Fellow by the Ponemon Institute in 2014 and former CISO for Time Warner Cable and The Home Depot, as she shares her views on the changing role of the CISO and the industry.

SC 2017 salary survey: analyst, pen tester, bank CISO, £25k to £500k

SC has interviewed some of the leading recruitment firms in the sector for its IT security salary survey which sheds light on the state of play in terms of hiring and remuneration. Read on to see if you are getting your dues.

Analysis: CISOs are showing up to a knife fight with a chessboard

A new paper from Trend Micro has shown that outdated technologies are still being used in security-critical areas. Is this a step back for security in the places that need it most?

SC Roundtable: The Threat Landscape

A host of security professionals joined SC yesterday for a frank discussion on the looming threat landscape

Swift details measures to increase security of global banking payments network

Swift is rolling out a series of new security measures to prevent another Bangladesh bank heist

Black Hat Las Vegas: MasterCard workers go "phishing" for malware

At Black Hat, MasterCard CSO Ron Green touted his company's latest effort to fight malware.

US government CIOs repeatedly covered up breaches

A US Congress committee has condemned the Federal Deposit Insurance Corporation for covering up a number of breaches

Business urged to take the offensive against cyber-crime

Ruthless organised crime is targeting business and its operations need to be disrupted, not just defended against, says a new research report from BT/KPMG which reports that 97 percent of companies have been hit.

The changing role of the CISO

Demand is high, supply is low and requirements are changing. Tony Morbin asks - so where are we now with the role of the CISO?

Over ¼ UK CIOs 'not concerned' about breaches

A report by the relaunched Carbon Black has shown that 28 percent of UK CIOs are unconcerned with being breached.

Does the UK need a chief information security officer?

While most of the media understandably covers the search for a new President of the United States, we couldn't help but notice another job going begging at the White House: CISO. Which got us to thinking...

CISO salaries and demand for cyber-skills skyrockets, surprising no-one

Two new reports from recruitment company BeecherMadden have shown demand for cyber-skills to be rising massively with few able to meet that demand while CISO salaries are also going up.

Last Word: A CISO checklist

Understanding how a breach impacts your business is crucial to deciding how to respond, explains Andrew Nanson, CTO cyber at CORVID

How to prepare for the inevitable: SC Roundtable sponsored by FireEye Mandiant

No one wants to plan for a breach, but it's what you ought to do if you want to minimise the costs, data losses and reputational damage when the inevitable happens, hence the avid pre-planning at last week's SC roundtable.

Translating cyber-threats into business risks to tackle threats effectively

By learning to translate their concerns into the language of business risk, cyber-security professionals will find that their messages are heard - and heeded - more readily, says Piers Wilson.

Cloud security for the 'everywhere enterprise'

As mobility introduces changes in workplace dynamics, Charles Milton looks at how to shift power in favour of the CISO while securing the borderless enterprise.

With our data under threat, it's time to set security in for the long-term

Responsibility for securing data is now increasingly shifting towards the board, leading to a change in role for the IT department, says Terry Greer-King.

Your IT security team is flying blind on malware. Here's why

A new report from The Ponemon Institute reveals that security staff spend a significant portion of their time chasing up 'false positive' malware alerts, with faulty cyber-intelligence to blame.

Supply chain and breach response troubles haunt UK CISOs

UK Chief Information Security Officers (CISOs) are winning some battles and losing others when it comes to improving their firm's information security practices, according to a new report.

IT enablers: How CIOs can make the move from gatekeepers

Cloud computing is no longer in the sole charge of the IT team as organisations vie to take advantage of new cloud services, says Ian Finlay.

ICYMI: Tea-loving hackers, Venom flaw and overworked CISOs

This week's ICYMI column looks at a tea shop data breach, analysis on the Venom flaw and concerns over 'burnt-out' security professionals.

'Burnt-out' security pros hide breaches, demand bigger budgets

A new report into the ethics of security professionals reveals some eye-opening findings on hidden data breaches, and how incidents are being used to push for bigger budgets.

Ignore cyber fears and get the basics right, say infosec experts

For all the talk of cyber-warfare and black-hat hackers, most information security experts still get the basics wrong, said speakers at today's 44CON conference in London.

ICYMI: Facebook hijack, Rowhammer bug and Star Trek CISOs

This week's ICYMI column looks at the top five stories on SC this week, including a Facebook log-in hijacking tool, the Rowhammer flaw and the future of the CISO.

The future CISO: The next Captain Kirk?

Future Chief Information Security Officers (CISOs) will be multi-skilled business-enablers, the 21st century equivalent of Captain Kirk from Star Trek.

Hundreds attend SC Congress in London

Around 400 cyber-security professionals, including more than 300 delegates as well as speakers, sponsors and press, packed out the SC Congress conference in London on Tuesday to see more than a dozen industry experts raise issues including the future of the CISO, APT and Internet of Things attacks.