Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CISO

The State of Data Security in 2022: The CISOs Perspective

In the two years proceeding from the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale. Organizations have created more data than ever before, data is now spread across a wider attack surface, putting it at a heightened risk of becoming a compromised risk. The manner and location of data storage and correspondence has had to shift to meet the needs of remote and hybrid workers, with companies being forced to take a more rigorous approach to data security.

Where a CISO Should Sit Within an Organisation - Razorwire Podcast

Welcome to Razor Wire Podcast! In this episode, we’re joined by Claire Davies of Arriva and Keith Christie-Smith of Claroty to discuss where a CISO fits best within an organisation, a bit of the history behind it, where trends have been in recent years, and where we think it’ll going to be in future. The role of CISO has traditionally been a part of IT and they often report to the CIO. This trend has been steadily changing over recent years, but the question remains: where should the CISO sit within an organisation? With security events increasing in cost and complexity, is it time that the CISO should sit on the board? Claire, Keith and cyber security consultancy MD James Rees - your host - share their opinions on the subject from the perspective of a CISO currently in the role and with insights from an Accounts Director who deals with CISOs from multiple companies across a wide range of different sectors. The format of our show is a group of us sitting here talking like we are down the pub talking about what we do for a living. So I am inviting you to join us in this episode to learn about CISO. Listen to this episode on your favourite podcasting platform.

CISO Interview Series: The challenges of being the CISO for the University of Oxford.

The job of a CISO is one of constant change and unexpected challenges. One of the most energetic environments to govern is that of a university. Universities function not only as academic institutions, but also as research hubs, hosting both curious students, as well as notable scholars. This is an audience not known for slow-motion progress. They need results, and they expect them quickly. At a large university, the responsibility of a CISO is dizzying.

The Modern CISO Role Needs to Evolve. Here's Why.

The role of information security in modern enterprises is evolving like never before. Security will need to improve third-party oversight as organizations increasingly depend on outsourcing models for scale flexibility, efficiency, and cost savings. It will also need to do a better job of balancing security requirements (e.g., regulatory compliance, risk management) against business objectives (e.g., user experience, network performance, reducing costs).

CISO's Corner: Cyber Defense Lessons for OT and Supply Chain Infrastructure

2022 has been busy in the cyber world. While there were signals in 2021 with the increased in activity in threat actors targeting OT environments with ransomware, the conflict in Ukraine prompted many businesses to press harder in asking more questions about their own resilience with operational technologies (OT) and supply chain infrastructure.

What to look for in a vCISO as a service

“Approximately 64% of global CISOs were hired from another company” according to the 2021 MH Global CISO Research Report. The reasons are because of talent shortages, the role is still new to some companies, and companies have not created a succession plan to support internal promotions. To overcome these challenges, companies can look to Virtual Chief Information Security Officer (vCISO) or a vCISO as a service provider.

Next CISO headache: Vendor cyber insurance

Cyber insurance coverage? Through the roof these days. Also, coverage is not that easy to get. The many breaches and the dollar judgements handed down make cyber insurance another costly operating investment. A mid-sized client of mine, as an example, pays $1 million in annual cyber insurance costs just to do business with its commercial and government customers. The issue adds another twist to the topic of third-party risk.

A CISO's Guide for Measuring your Security

Measuring risk is key to business continuity. A growing attack surface will present many businesses with challenges of how to manage their enterprise assets and maintain a robust cyber security posture. An expanding remote workforce, increasing levels of data and the continuous rollout of evolutionary solutions can all present hackers with potential entry points to exploit if security measures are not in place.

'Hackad' hacker: CISOs have more to worry about than a zero day exploit

When I look at IT security I can clearly see how it has changed, being today much more mature now than it’s ever been. Governments are working on policies and legislation forcing companies to prioritize IT security. As a result, the entire bug bounty community has bloomed in a way that I could never imagine, security researchers are now working together with companies to identify and mitigate vulnerabilities in a way that we have never done before.