CISO News, Articles and Updates

InfoSec 2018: Rethinking security teams to address the skills shortage

A panel of CISOs came together at InfoSec 2018 to discuss the role of the CISO in trying to make companies safer and more secure.

Magnus Carling: Stena AB Interview

Magnus Carling, the Chief Information Security Officer (CISO) of Stena AB, spoke with SC's Grace Johansson about cyber-security threats and the Scandinavian shipping line Stena.

The cyber-accountable Chief Information Officer (CIO) - a strategic role

Historically, IT Directors & CIOs were focused on operational activities: keeping the lights on, keeping risk low, keeping systems running. Today we are seeing a necessary transition of the role, from functional CIO to strategic CIO.

Lazy hackers employ gruntbots to quickly breach network defences

Researchers at Cybereason have been analysing a complex network honeypot operation, and the results should make every CISO pause for thought.

Security shortage forces CISOs to increase reliance on machine learning

With enterprises struggling with a massive shortage of experienced cyber-security professionals, today's CISOs are placing more faith in machine learning which they believe will be important to their IT security functions.

Cyber security is an enabler of innovation

Ojas Rege argues that CISOs and CEOs who broaden their cyber-security messages beyond the need for defence can create organisations that embrace innovation and drive performance.

Skygofree one of the most advanced mobile implants ever says Kaspersky

Described by its discoverers Kaspersky Lab as one of the most advanced mobile implants ever, an implant has been found that has been active since 2014 and is designed for targeted cyber-surveillance.

Why 2018 could be the year cyber-security finally comes of age

Change is afoot in the cyber-security industry - from the shift in reporting styles and measures of success, to the evolving role and responsibilities of the CISO. Here's how this development could transpire in the year ahead.

InfoSec problems? Listen to your CISO, put more emphasis on recovery

For those businesses that want to reduce the brand risk of cyber-attack, Marc Lueck says more emphasis on recovery is the easiest place to start. It will also go a long way to future-proofing organisations against upcoming threats.

Risk management to strategic resilience: The evolution of cyber-security

CISOs do indeed need to articulate cyber risk to the board in a business context, but equally, the board need to get a better grasp of cyber and prioritise criticality of security integrity vs continuity of service vs profitability.

CISO salaries may soon hit £1 million - but few qualified for top roles

New research has shown the staggering needs and rewards for qualified CISOs, reflected in their ever-spiralling salaries....

Some of my best CISOs are women: Interview Tammy Moskites, Venafi

Many leading CISOs, with really interesting expertise and advice to offer, just happen to be women, yet a lack of role models is one factor often cited as contributing to the under-representation of women in this industry. So on International Women's Day the CISO we happen to be interviewing is Tammy Moskites, CIO and CISO at Venafi, appointed as a Distinguished Fellow by the Ponemon Institute in 2014 and former CISO for Time Warner Cable and The Home Depot, as she shares her views on the changing role of the CISO and the industry.

SC 2017 salary survey: analyst, pen tester, bank CISO, £25k to £500k

SC has interviewed some of the leading recruitment firms in the sector for its IT security salary survey which sheds light on the state of play in terms of hiring and remuneration. Read on to see if you are getting your dues.

Analysis: CISOs are showing up to a knife fight with a chessboard

A new paper from Trend Micro has shown that outdated technologies are still being used in security-critical areas. Is this a step back for security in the places that need it most?

SC Roundtable: The Threat Landscape

A host of security professionals joined SC yesterday for a frank discussion on the looming threat landscape.

Swift details measures to increase security of global banking payments network

Swift is rolling out a series of new security measures to prevent another Bangladesh bank heist.

Black Hat Las Vegas: MasterCard workers go "phishing" for malware

At Black Hat, MasterCard CSO Ron Green touted his company's latest effort to fight malware.

US government CIOs repeatedly covered up breaches

A US Congress committee has condemned the Federal Deposit Insurance Corporation for covering up a number of breaches.

Business urged to take the offensive against cyber-crime

Ruthless organised crime is targeting business and its operations need to be disrupted, not just defended against, says a new research report from BT/KPMG which reports that 97 percent of companies have been hit.

The changing role of the CISO

Demand is high, supply is low and requirements are changing. Tony Morbin asks - so where are we now with the role of the CISO?

Over ¼ UK CIOs 'not concerned' about breaches

A report by the relaunched Carbon Black has shown that 28 percent of UK CIOs are unconcerned with being breached.

Does the UK need a chief information security officer?

While most of the media understandably covers the search for a new President of the United States, we couldn't help but notice another job going begging at the White House: CISO. Which got us to thinking...

CISO salaries and demand for cyber-skills skyrockets, surprising no-one

Two new reports from recruitment company BeecherMadden have shown demand for cyber-skills to be rising massively with few able to meet that demand while CISO salaries are also going up.

Last Word: A CISO checklist

Understanding how a breach impacts your business is crucial to deciding how to respond, explains Andrew Nanson, CTO cyber at CORVID.

How to prepare for the inevitable: SC Roundtable sponsored by FireEye Mandiant

No one wants to plan for a breach, but it's what you ought to do if you want to minimise the costs, data losses and reputational damage when the inevitable happens, hence the avid pre-planning at last week's SC roundtable.

Translating cyber-threats into business risks to tackle threats effectively

By learning to translate their concerns into the language of business risk, cyber-security professionals will find that their messages are heard - and heeded - more readily, says Piers Wilson.

Cloud security for the 'everywhere enterprise'

As mobility introduces changes in workplace dynamics, Charles Milton looks at how to shift power in favour of the CISO while securing the borderless enterprise.

With our data under threat, it's time to set security in for the long-term

Responsibility for securing data is now increasingly shifting towards the board leading to a change in role for the IT department, says Terry Greer-King.

Your IT security team is flying blind on malware. Here's why

A new report from The Ponemon Institute reveals that security staff spend a significant portion of their time chasing up 'false positive' malware alerts, with faulty cyber-intelligence to blame.

Supply chain and breach response troubles haunt UK CISOs

UK Chief Information Security Officers (CISOs) are winning some battles and losing others when it comes to improving their firm's information security practices, according to a new report.