Threats, Attacks, and Vulnerabilities: Your guide to building a security strategy for cloud apps
In this special edition webinar you’ll hear from Ami Dave, CISO of Fanatics about how Datadog enables Fanatics to scale securely.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
New IDC InfoBrief + downloadable CISO checklists
Tl;dr: This blog discusses IDC’s 2024 study, “The Future of Access Management: Identity Security Requirements for a Modern Application Access Approach.” The study identifies the biggest challenges facing security leaders today, especially those exacerbated by hybrid work. Below are IDC’s findings as well as downloadable checklists that security practitioners can use to address the security gaps in their organizations.
The Problem with CISOs and Risk Management | Razorthorn Security
Jack Jones points out that many CISOs know security but not risk. Learn why a lack of understanding of true risks versus security control issues leads to ineffective GRC implementations.
What is a virtual CISO (vCISO) and should you have one on your team?
Most people know what a chief information security officer (CISO) is and how they’re essential to improving an organization’s security posture. The problem is that many organizations have limited hiring resources and it makes little sense to appoint an in-house CISO without tangible ROI. A virtual CISO or vCISO becomes an excellent solution for organizations that need to enhance their security framework within resource constraints.
CyberRisk Alliance: JFrog Field CISO Paul Davis on Securing Software in Today's Threat Landscape
In this executive interview with CyberRisk Alliance, JFrog’s Field CISO, Paul Davis, discusses the growing challenges of securing development workflows and the evolving role of the CISO. With an increasing focus on information security, Paul shares insights on balancing development speed with the need for robust security in today’s software environments.
Why the CISO & CIO Must Partner for Cyber Resilience
In today’s interconnected world, where the digital landscape is constantly evolving, the threats to an organization’s cybersecurity posture are more sophisticated and pervasive than ever before. Relying on traditional, largely prevention-focused cybersecurity tools and approaches is not enough. Cyber attacks are inevitable.
What CISOs Need to Know about ThreatQ's Support for the NIS2 Directive
An important deadline is just around the corner for businesses that operate in the European Union (EU): By October 17, 2024, EU Member States must implement the NIS2 Directive into their national laws. Failure by critical infrastructure organizations to comply with additional cybersecurity obligations can result in consequences including financial penalties and reputational damage.
A CISO'S View on Building an API Security Program in 2024
Building a robust API and application security program is essential for security leaders across all industries. However, creating and maintaining an effective security strategy for your APIs and web applications requires: Identifying the right components to build a program that aligns with your business objectives.
Virtual CISO Services: A Smart Solution for Modern Businesses
In today's dynamic cybersecurity landscape, businesses of all sizes face significant challenges in safeguarding their data and systems from cyber threats. As the need for robust cybersecurity measures grows, many organizations are turning to Virtual CISO (vCISO) services as a cost-effective and flexible solution to enhance their security posture. A Virtual CISO is an outsourced cybersecurity professional or team that provides the expertise and guidance of a Chief Information Security Officer (CISO) on a part-time or contract basis.
Enhancing CISO-Board communication: Three key questions for the CISO to answer
A challenging dynamic exists between the CISO and the Board of Directors. While both stakeholders focus on risk management, their approaches to risk and the language they use are notably different. Though regulations like the NIS2 directive and SEC cybersecurity disclosure rules have given CISOs a bigger seat at the table, the legal requirements and operational prioritization to meet them have exposed a difference in perspective and understanding between the two roles.