CISO Paychecks: Worth the Growing Security Headaches?

October 7, 2024 at 03:43PM Cybersecurity professionals serving as CISOs are experiencing a modest pay increase, averaging $403,000 annually, but it lags behind their evolving responsibilities. Business operations are increasingly under attack, with CISOs facing resource constraints and budget pressures. Demand for CISOs has stabilized, and stress persists, especially in government and education sectors. AI risk …

Microsoft Names Deputy CISOs, Governance Council to Manage Security Push 

September 24, 2024 at 11:54AM Microsoft’s Secure Future Initiative (SFI) is materializing with the establishment of a Cybersecurity Governance Council steered by CISO Igor Tsyganskiy. This council, overseeing a vast cybersecurity engineering effort, appoints Deputy CISOs for specific domains. SFI aims to embed security as a core priority for all Microsoft employees, paired with senior …

Mastercard’s Bet on Recorded Future a Win for Cyber Threat Intel

September 23, 2024 at 04:16PM Mastercard’s $2.65 billion acquisition of Recorded Future has highlighted the growing importance of cyber threat intelligence (CTI) in enterprise security strategies. The deal is expected to close in Q1 of 2025 and demonstrates the business criticality of CTI. Analysts anticipate significant growth in demand for CTI services in the coming …

From Cybercrime to Terrorism, FBI Director Says America Faces Many Elevated Threats ‘All at Once’

August 23, 2024 at 02:33PM FBI Director Christopher Wray discussed the significant increase in security threats facing the country, including terrorism, espionage, election interference, and violence against law enforcement. He emphasized the importance of partnerships to address these challenges. Wray also highlighted the FBI’s efforts to strengthen collaborations with various sectors, such as business and …

Focus on What Matters Most: Exposure Management and Your Attack Surface

August 23, 2024 at 07:30AM Exposure management goes beyond attack surface management by including data assets, user identities, and cloud account configurations. It ensures continuous evaluation of digital assets’ visibility, accessibility, and vulnerability. Unlike traditional vulnerability management, exposure management considers all threat vectors, including misconfigurations and unpatched vulnerabilities, allowing prioritization and strategic focus on critical …

Azure Kubernetes Bug Lays Open Cluster Secrets

August 20, 2024 at 05:14PM Microsoft addressed a critical privilege escalation vulnerability in its Azure Kubernetes Service (AKS). Attackers could gain access to credentials and perform malicious actions in affected AKS clusters. The vulnerability, which did not require special privileges, led to unauthorized access to cluster contents. Security teams should audit AKS configurations and take …

Cybersecurity Veteran Kevin Mandia Named General Partner of Ballistic Ventures

June 28, 2024 at 05:22PM Ballistic Ventures, a cybersecurity-focused venture capital firm, has named co-founder Kevin Mandia as General Partner. Mandia, a cybersecurity expert with an impressive track record, has held leadership roles at prominent firms and has been appointed to prestigious advisory committees. His transition to General Partner follows the firm’s successful fundraising and …

Perfecting the Proactive Security Playbook

June 4, 2024 at 10:05AM Successful sports coaching relies on a playbook, and the same applies to cybersecurity. A proactive security playbook should include an incident response plan, an effective measurement strategy, and assessments of team strengths and weaknesses. This proactive approach is critical for maintaining data confidentiality and combating evolving threats. Cyber-insurance engagement …

Whose Data Is It Anyway? Equitable Access in Cybersecurity

May 17, 2024 at 10:03AM In today’s data-driven cybersecurity landscape, it’s clear that securing log data is vital. Legacy systems struggle in the cloud era, driving up costs and technical demands. Cybercrime impacts not just businesses but also society. The industry’s projected growth indicates the urgency for standardized log data management and collaboration to enhance …

Does CISA’s KEV Catalog Speed Up Remediation?

May 7, 2024 at 04:54PM The Known Exploited Vulnerabilities (KEV) list, introduced by the Cybersecurity and Infrastructure Security Agency in 2021, aims to accelerate remediation times for high-risk threats. Congressman Jim Langevin’s legislation created the list to prioritize vulnerabilities for remediation. Data shows an increase in remediation timelines, but ransomware vulnerabilities receive the highest priority. …