As organizations grapple with an increasingly complex digital landscape, CISOs and CIOs are faced with heightened executive liability. With the high-profile cases of CIO Carlos Abarca and CSO Joe Sullivan serving as stark examples, the message is clear - executives cannot afford to be complacent.
The use of artificial intelligence can profoundly improve operations and services across many industries, but the multifaceted relationship between AI and cybersecurity calls for new measures to address security, privacy and regulatory concerns through the right protocols and procedures.
It could be weeks or months before outsiders have a clear picture of the cyber dimension of the conflict between Hamas and Israel, a cyber expert said. "As some of these stories come out, as we will start to learn about what was actually targeted," said Rob T. Lee of the SANS Institute.
To truly be effective, CISOs must understand their organization's focus and culture. "In understanding the organization and its language, you understand what matters, and then by extension that will drive your security strategy and your security focus," said Helen Rabe, CISO at the BBC.
Regulators and prosecutors are signaling an increased interest in charging individuals such as CISOs with violating cybersecurity and privacy rules. Attorney Jonathan Armstrong of Cordery said the imperative for CISOs responding to security incidents is clear: Never go it alone.
In the latest weekly update, Ari Redbord, head of legal and government affairs at TRM Labs, joined ISMG editors to discuss: how Hamas is using crypto to finance operations, the latest illicit activities by North Korean actors, and how the trial of FTX's Sam Bankman-Fried could impact the industry.
As organizations face the constant threat of ransomware attacks, it's essential to understand the nature of this pervasive threat and how organizations can respond effectively, said Angus Clarke, vice president, BSO, Mastercard. The obvious answer is never pay a ransom - most of the time.
CISOs face significant stress on a regular basis in their critical roles to safeguard organizations against the evolving threat landscape. CISOs must build cybersecurity resilience across the enterprise to protect digital assets and operations, advised CISOs Milos Pesic and Don Gibson.
Pentera got through the attacks on Israel with no injuries among its 180 local employees, and now 20 workers have been called up to serve in infantry or intelligence units. The automated security validation firm's CEO now only wants to do business with people who support Israel's right to defend itself.
Recent coordinated attacks by Hamas have stunned the Israeli people and business community. Just days after the attacks, Xtra-Mile CEO Sharon Israel shared her firsthand account of the war's impact on people and business operations - and the need for unity, resilience and adaptation.
Just days after the unprecedented attack by Hamas on Israel, Zscaler CISO Sam Curry discusses the intertwined nature of cyber warfare and physical conflicts and how the conflict can quickly escalate to the global stage, harm globalized economies and devolve into digital chaos.
Firms using large language models that power gen AI-powered tools must consider security and privacy aspects such as data access, output monitoring and model security before jumping on the bandwagon, said Troy Leach of Cloud Security Alliance. "Everything is going to be AI as a service," Leach predicted.
Israeli intelligence is considered one of the best, yet it failed to anticipate a major attack launched by Hamas over the weekend. Harvard professor Chuck Freilich said this oversight has had a profound impact on the Israeli people, "shattering what was very deep faith in the intelligence agencies."
Being an independent firm under TPG's ownership will allow Forcepoint G2CI to invest in defense-grade cyber tools such as insider threats and content disarm and reconstruction. Separating Forcepoint's government security practice will allow it to focus on secure remote access to classified networks.
What kinds of training do security professionals need? The biggest skills gaps are soft skills - 55%, cloud computing - 47%, security controls - 35%, coding skills and software development - both at 30%, says ISACA's State of Cybersecurity 2023 survey of more than 2,000 security leaders globally.