Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CISO

CyberRisk Alliance: JFrog Field CISO Paul Davis on Securing Software in Today's Threat Landscape

In this executive interview with CyberRisk Alliance, JFrog’s Field CISO, Paul Davis, discusses the growing challenges of securing development workflows and the evolving role of the CISO. With an increasing focus on information security, Paul shares insights on balancing development speed with the need for robust security in today’s software environments.

Why the CISO & CIO Must Partner for Cyber Resilience

In today’s interconnected world, where the digital landscape is constantly evolving, the threats to an organization’s cybersecurity posture are more sophisticated and pervasive than ever before. Relying on traditional, largely prevention-focused cybersecurity tools and approaches is not enough. Cyber attacks are inevitable.

What CISOs Need to Know about ThreatQ's Support for the NIS2 Directive

An important deadline is just around the corner for businesses that operate in the European Union (EU): By October 17, 2024, EU Member States must implement the NIS2 Directive into their national laws. Failure by critical infrastructure organizations to comply with additional cybersecurity obligations can result in consequences including financial penalties and reputational damage.

A CISO'S View on Building an API Security Program in 2024

Building a robust API and application security program is essential for security leaders across all industries. However, creating and maintaining an effective security strategy for your APIs and web applications requires: Identifying the right components to build a program that aligns with your business objectives.

Virtual CISO Services: A Smart Solution for Modern Businesses

In today's dynamic cybersecurity landscape, businesses of all sizes face significant challenges in safeguarding their data and systems from cyber threats. As the need for robust cybersecurity measures grows, many organizations are turning to Virtual CISO (vCISO) services as a cost-effective and flexible solution to enhance their security posture. A Virtual CISO is an outsourced cybersecurity professional or team that provides the expertise and guidance of a Chief Information Security Officer (CISO) on a part-time or contract basis.

Enhancing CISO-Board communication: Three key questions for the CISO to answer

A challenging dynamic exists between the CISO and the Board of Directors. While both stakeholders focus on risk management, their approaches to risk and the language they use are notably different. Though regulations like the NIS2 directive and SEC cybersecurity disclosure rules have given CISOs a bigger seat at the table, the legal requirements and operational prioritization to meet them have exposed a difference in perspective and understanding between the two roles.

As Security Budgets Cool, CISO's Warm Up to New Ideas

Security spending is losing momentum with a third of CISOs reporting flat or reduced budgets this year. These numbers come from a recent annual survey of 755 cybersecurity decision-makers conducted by IANS Research. Decreased spending in the face of growing cyberattacks put pressure on security leaders to find better ways to optimize their processes. Fortunately, CISOs are discovering solutions for this problem by following the tried-and-true tactics of simplification, consolidation, and innovation.

A CISO's View on the State of API Security: Discussing the API ThreatStats Report, Q2 2024

API exploits represent one of the fastest growing threat vectors–a trend that will continue to accelerate as the increasingly AI-driven digital economy grows. Join veteran CISO and application security expert Mike Wilkes and Wallarm’s VP of Product, Tim Erlin, as they discuss the state of API security and where it is heading. Drawing upon their extensive industry experience as well as insights drawn from the Wallarm API ThreatStats Report Q2, 2024.

A CISO's Checklist For Securing APIs And Applications

Building a robust API and application security program is a key objective for security leaders in any market. But developing and maintaining an effective security program for your APIs and web applications requires: ‍- A deep understanding of the right approach to implementing API and application security.