May 29, 2024 at 04:42PM BforeAI unveiled the PreCrime Guarantee, a breach protection pledge in collaboration with a global cyber insurance provider. The initiative offers customers reimbursement up to ten times the service contract value if impacted by a cyberattack due to a failure in BforeAI’s predictive solution. The platform’s reliability was validated in a … Read more
May 28, 2024 at 08:51AM Hg, a UK-based private equity company, has acquired AuditBoard for over $3 billion and invested $111 million in it. AuditBoard offers a platform for streamlining audits, compliance, risk detection, and ESG monitoring, with a claimed annual recurring revenue exceeding $200 million and over 2,000 customers. The acquisition reflects a long-term … Read more
May 28, 2024 at 07:45AM The text discusses the importance of focusing on business-critical assets in cybersecurity governance, highlighting the risks to these assets and the challenges in prioritizing efforts. It recommends a framework for continuous threat exposure management and outlines steps for protecting business-critical assets, emphasizing the need for alignment with business objectives. The … Read more
May 24, 2024 at 10:06AM In the cybersecurity realm, the challenge for CISOs is advocating for comprehensive defense strategies amid budget constraints and organizational resistance. The reliance on “good enough” is risky, as advanced capabilities are essential to thwart evolving threats. Persistent advocacy and strategic risk management are crucial, and alignment with cybersecurity priorities may … Read more
May 21, 2024 at 08:16AM CISOs must form strong relationships with C-suite executives and boards to advocate for cybersecurity efforts and navigate new SEC rules. They now focus on storytelling and business context in addition to technical expertise to engage and communicate effectively with different audiences. Direct access to board members and elevated positions within … Read more
May 15, 2024 at 08:12AM The new Common Vulnerability Scoring System (CVSS) v4.0 aims to enhance vulnerability assessment by introducing additional metrics and emphasizing the consideration of environmental and threat factors. It is used to evaluate the risk associated with vulnerabilities, especially in network products, and is considered an internationally recognized standard. Integration with security … Read more
May 14, 2024 at 05:44AM Chris Cheyne, SOC Director at SecurityHQ, compares defending against cyber threats to protecting a medieval castle. Identifying weaknesses in defenses and understanding the potential impact on business assets is crucial. He emphasizes the importance of quantifying cyber risks, understanding the adversary, and adopting a data-driven strategy to address cybersecurity challenges … Read more
May 10, 2024 at 02:36PM Enterprises are realizing that CISO’s skills in developing risk-based cyber programs can be applied to other C-suite roles. This suggests a growing appreciation for the transferability of CISO’s expertise across leadership positions. Based on the meeting notes, it seems that enterprises are realizing that the skills and experience of a … Read more
May 10, 2024 at 02:28PM At the 2024 RSA Conference, tech giants like Microsoft, Amazon Web Service, IBM, and Fortinet have voluntarily agreed to meet a set of seven cyber security objectives outlined by the US’s cyber authority, CISA. The initiative lacks legal enforcement but aims to foster good security practices and investments across industries, … Read more
May 3, 2024 at 05:33AM The White House issued a new national security memorandum focused on protecting critical infrastructure from cyber and physical threats. Replacing a decade-old policy, the memorandum addresses malicious cyber activities, strategic competition, and advancements in AI. It involves refining government roles, promoting a risk-based approach, leveraging federal agreements, and designating CISA … Read more