June 24, 2024 at 07:30AM Cybersixgill’s threat experts highlight critical threats and the challenges faced by cybersecurity professionals in managing increasing workloads amidst limited budgets, inadequate staffing, and growing attack surfaces. The shortage of skilled professionals and the time-consuming nature of producing reports are major obstacles. Cybersixgill’s IQ Report Generator offers a solution, providing rapid, … Read more
May 7, 2024 at 04:39PM The CISO role is changing, with many aspiring to become CIOs or CTOs. Renee Guttmann-Stark mentors such transitions, though she herself prefers focusing on cybersecurity. Some CISOs, like Jamil Farschi of Equifax, are moving into CTO roles. Challenges persist, including job vacancies and handling relentless cyber attacks. The rise of … Read more
May 7, 2024 at 04:24PM Renee Guttmann-Stark, a former CISO, acknowledges the trend of CISOs transitioning to CTO roles, citing examples like Jamil Farschi’s promotion. Challenges facing CISOs include job vacancies, insurance issues, and tool procurement. Guttmann-Stark advocates for AI deployment in automating tasks. She also emphasizes the importance of CISOs gaining proficiency in AI … Read more
March 11, 2024 at 04:36PM Compliance is crucial for security professionals, with many standards evolving to resemble security best practices. PCI DSS 4.0, applicable to all businesses accepting credit card payments, introduces new requirements such as preventing malicious scripts, enhancing network security controls, securing systems and software, and ensuring robust logging and monitoring. These updates … Read more
January 11, 2024 at 09:19AM Capture the Flag (CTF) events offer an engaging and educational platform for cybersecurity professionals to enhance their hacking skills and gain practical knowledge. CTF design requires careful consideration of technical challenges, operational complexity, and the need for engaging storytelling. Lessons learned include the importance of software development approaches, operational rigor, … Read more
December 20, 2023 at 04:59PM Black Hat Europe 2023, held in London from December 4 to 7, saw over 3,600 attendees from 118 countries. The event showcased the latest in information security through 40 Briefings, four days of technical Trainings, 50 Sponsored Sessions, and 54 in-person tool demos. Top sponsors included Axonius, Bionic, KnowBe4, and … Read more
November 22, 2023 at 07:12AM Risk assessment can be subjective and biased due to human emotions, which can lead to an inaccurate representation of reality and a weaker security posture. To remove subjectivity, security professionals should follow seven steps: identify critical resources and data, understand potential financial impact, enumerate relevant threats, map risks to resources, … Read more
November 16, 2023 at 08:39AM The discipline of cyber threat intelligence is centered around sharing information to strengthen security defenses. However, a recent poll revealed that only a small percentage of security professionals in the financial services industry are confident in their organization’s level of cyber threat intelligence sharing. Regulatory compliance requirements and the concept … Read more
October 24, 2023 at 05:10PM Tines, a leader in secure workflows, released the 2023 Voice of the SOC report which highlights job satisfaction and workloads among security operation center teams. The report reveals that 63% of surveyed security professionals are experiencing burnout due to cyberattacks and limited resources. Automation is seen as a solution, with … Read more
October 13, 2023 at 03:48PM The European Union (EU) is considering a rule that would require software publishers to disclose unpatched vulnerabilities to government agencies within 24 hours of exploitation. However, many IT security professionals are concerned about the potential abuse of this rule. They argue that the 24-hour window is too short and could … Read more