TSA Proposes Cyber Risk Mandates for Pipelines, Transportation Systems

November 14, 2024 at 09:01PM The TSA has proposed new cybersecurity rules for pipeline, railroad, bus, and public transportation systems, enhancing existing frameworks. Affected operators must implement cyber risk management programs, report incidents, and maintain security measures. This initiative aims to boost cybersecurity resilience, with public comments accepted until February 2, 2025. … Read more

Bitsight to Acquire Cybersixgill for $115 Million

November 14, 2024 at 11:32AM Cyber risk management firm Bitsight has announced its acquisition of threat intelligence provider Cybersixgill for $115 million. This deal will enhance Bitsight’s capabilities in risk management and threat detection, providing organizations with comprehensive insights into their attack surfaces and bolstering their cybersecurity measures with real-time, AI-driven data. … Read more

Cybersecurity Training Resources Often Limited to Developers

October 30, 2024 at 12:59PM Recent studies reveal that many cybersecurity executives prioritize software security training only for select employees, often neglecting company-wide awareness. Factors like customer satisfaction and financial costs drive their decisions, leading to ineffective training strategies. Effective, tailored training for all employees is essential to mitigate risks and enhance organizational resilience against … Read more

Managing Cyber-Risk Is No Different Than Managing Any Business Risk

September 24, 2024 at 10:03AM Summary: Business risks encompass various categories, all affected by cyber-risks. Market research shows strong cybersecurity correlates with higher shareholder return. Chief information security officers are adopting artificial intelligence to counter evolving cyber threats, but express mixed feelings about AI risks. Elevating cyber-risk management to essential protocol and recognizing cyber-risks as … Read more

C-Suite Involvement in Cybersecurity Is Little More Than Lip Service

August 23, 2024 at 10:07AM The rise in cybersecurity threats impacts businesses of all sizes, necessitating proactive defenses and collective effort. An ExtraHop report highlights insufficient C-suite involvement in managing cyber-risk, leading to organizational overconfidence and frequent ransomware incidents. Improved internal alignment, leadership involvement, and investment in cyber-risk tools are essential. Successful integration of cybersecurity … Read more

Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework

August 8, 2024 at 07:45AM The article discusses the importance of Automated Security Validation (ASV) in cybersecurity strategies. It highlights ASV’s capabilities to provide a comprehensive view, prioritize vulnerabilities, scale across organizations, and align with regulatory frameworks. Additionally, it emphasizes the need to integrate ASV with the Continuous Threat Exposure Management (CTEM) framework to maximize … Read more

Cybersecurity Compass: An Integrated Cyber Defense Strategy

August 2, 2024 at 03:20PM The Cybersecurity Compass, initially designed for CISOs, has evolved to benefit various cybersecurity professionals and stakeholders, offering strategic guidance and direction. It employs a metaphorical framework, aiming to fortify organizations against cyber threats and assist in incident response. The shift to a more inclusive approach reflects a broader applicability within … Read more

5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy

July 8, 2024 at 07:21AM The cybersecurity landscape continues to evolve, with businesses facing increasing threats. Effective communication between CISOs and the board is crucial for managing cyber risks. CISOs must justify their cybersecurity budget, master risk reporting, celebrate security achievements, collaborate with other teams, and focus on critical security risks to bridge the communication … Read more

Beazley Security Launches With MXDR Offering

June 27, 2024 at 06:47PM Beazley Security, a newly launched cyber-risk management company resulting from a merger between Beazley’s cyber services and Lodestone, will integrate risk management services with technical cybersecurity services. Led by CEO Alton Kizziah and reporting to Beazley’s head of cyber risks, the company will provide integrated cyber preparedness and response capabilities, … Read more

Meta and SQL Server make strange bedfellows on a couch of cyber-pain

June 24, 2024 at 04:38AM The IT world’s diverse issues converge on the importance of software and services supply chain integrity. Despite its critical role, end-of-life database software receives inadequate attention, contrasting with the prominent AI and cybercrime coverage. Parallels are drawn with the food standards regulatory system, advocating for a similar approach to software … Read more