CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security; MITRE’s Ivanti Issue

April 26, 2024 at 03:50PM CISO Corner is Dark Reading’s weekly digest for security leaders. This issue covers topics like Cloud Security truths, MITRE ATT&CK’s breach, OWASP’s LLM Top 10, SBOMs’ vulnerability census, cybersecurity pros’ licensure laws, J&J spin-off CISO’s security program, and suggestions for post-SolarWinds SEC disclosures. The articles provide insight and advice for …

Pentera’s 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation

April 22, 2024 at 08:00AM A 2024 survey by Pentera revealed staggering results: 51% of organizations experienced a cyberattack in the past two years, despite investing in an average of 53 security solutions. Breaches led to significant damage, prompting heightened board involvement. The survey also highlighted the need for more frequent and continuous security testing …

BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

April 19, 2024 at 01:39PM Venture capital investors are backing BreachRx with a $6.5 million seed-stage financing. The San Francisco company plans to use the funding to expand its technology, which aims to streamline incident response reporting for corporations and shield cybersecurity executives from personal liability during data breaches. The company is also partnering with …

Tips for Securing the Software Supply Chain

April 9, 2024 at 01:52PM Software supply chain attacks are a growing concern for CISOs due to their ease of execution and high payoff for attackers, posing significant risks to organizations. These attacks, whether widely known or obscure, create considerable risk and require comprehensive security strategies. Experts recommend managing vendor risk, implementing security frameworks, software …

How CISOs Can Make Cybersecurity a Long-Term Priority for Boards

April 4, 2024 at 10:20AM CISOs must go beyond a checklist approach to cybersecurity. It’s crucial to gain board support, improve communication, and provide awareness training to combat social engineering. This proactive approach fosters companywide engagement in protecting against digital threats. Based on the meeting notes, the key action points are: 1. CISOs need to secure …

A CISO’s Guide to Materiality and Risk Determination

March 28, 2024 at 08:22AM CISOs often find “materiality” ambiguous but must navigate discussions about it and risk with their boards. After reviewing the meeting notes, the key takeaways are: – Many CISOs find “materiality” to be an ambiguous term. – Despite the ambiguity, CISOs still need to be able to effectively discuss materiality and …

5 Ways CISOs Can Navigate Their New Business Role

March 19, 2024 at 05:02PM Forrester analysts advise CISOs on how to enhance business security and increase their strategic influence within the organization, cautioning about potential pitfalls. After reviewing the meeting notes, the key takeaway would be that CISOs have the potential to enhance the security of business operations and contribute significantly to the organization’s …

10 Security Metrics Categories CISOs Should Present to the Board

February 15, 2024 at 08:29AM Due to increased SEC regulations, companies are under pressure to enhance transparency and speed up breach disclosure in cybersecurity reporting. Boards are demanding more rigorous tracking of KPIs and KRIs, operational metrics, and asset and security performance indicators. The book, “The Cyber Savvy Boardroom,” co-authored by Homaira Akbari and Shamla …

Israeli Startup Gets $5M Seed Capital to Tackle AI Security

January 24, 2024 at 11:18AM Israeli company Prompt Security has secured $5 million in seed funding led by Hetz Ventures and backed by Four Rivers and notable CISOs. It aims to prevent sensitive data exposure in generative-AI apps, offering a product to secure AI deployments, along with governance over …

Top 3 Priorities for CISOs in 2024

January 19, 2024 at 05:24PM In 2024, CISOs are facing increased personal and legal responsibility for data breaches, particularly due to new SEC regulations. To protect themselves, they should create a system record, define “materiality,” speak to the board in financial terms, participate in cyber insurance negotiations, and monitor emerging privacy threats. Managing third-party risks …