With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
According to the World Economic Forum, geopolitical instability has helped to close the perception gap between business and cyber leaders' views on the importance of cyber risk management, and "91% of all respondents" believe that "a far-reaching, catastrophic cyber event" is on the horizon.
How effective are your cybersecurity awareness programs—and do your employees agree?
This central question was the cornerstone of this research project which assessed the efficacy of cybersecurity
awareness programs from both perspectives—the security professional
and the non-security employee.
As a veteran CISO who enjoys the startup culture and energy, Aleksandr Zhuk of crypto broker sFOX likens himself to the first family doctor coming to a growing village. He's addressing an important need that certainly existed prior, but was overlooked or maybe outsourced.
How does a CISO map his goals to the security investments made by a company long before he came onboard? How can you balance the short-term and long-terms goals at a new organization? Aditya Vardhan, CISO of Jindal Power & Steel, shares his insights on ensuring a smooth transition.
Nation-state attackers are not just looking for major vulnerabilities to gain control of the enterprise. They are exploiting minor flaws to gain access and increase the severity of their attacks, says Matanda Doss, executive director of cybersecurity and technology controls at JPMorgan Chase.
In the latest weekly update, ISMG editors discuss why being a CISO is like being the first family doctor in a small village, why you can't trust ransomware gangs such as LockBit, and why cloud security vendor Netskope took on $401 million in debt from Morgan Stanley to fuel its SASE offering.
Technology implementations should be paired with a thought process of prioritizing automation, innovation and continuous improvement. Eliminating passwords and implementing AI/ML at the front end can reduce risks from human carelessness, says Nikhil Chawla of Colgate Global Business Services.
In the latest update, four ISMG editors discuss important issues of 2022, including: CISO Marene Allison's unique career path; Ukrainian government cybersecurity official Victor Zhora on lessons learned from countering cyberattacks; and insights from CEO Nikesh Arora of Palo Alto Networks.
She has been a CISO almost longer than there has been cybersecurity. And now Marene Allison, CISO at Johnson & Johnson, eyes retirement and her next adventures. She reflects on her career, her accomplishments and what she wishes for her successor and the next generation of cybersecurity leaders.
A salute to the career of Johnson & Johnson CISO Marene Allison leads this week's Information Security Media Group Editors' Panel, which also reviews essentials for implementing a zero trust strategy and the use of banking standards to regulate blockchain-based digital assets.
"Disruptive" is the operative word, and Atefeh "Atti" Riazi uses it to describe the impact digital transformation has had on how we live, work, learn and conduct commerce. Newly hired as CIO of Hearst, she opens up on AI and the power of disruptive technologies to drive new business outcomes.
In October, former Uber CSO Joe Sullivan was convicted of covering up a 2016 data breach. The trial likely marked the first time a chief security officer had faced criminal charges over incident response. Attorney Jonathan Armstrong says, "This trend is going to be difficult to put back in the box."
As the lines between the roles of CIO and CISO blur with time, Keyur Desai of Essar is an example of how the two roles complement each other, resulting in a more efficient system. Desai discusses the overlap in roles, upskilling as a veteran executive and why people are the strongest link.