#cisos
What Is a Supply Chain Attack? Lessons from Recent Incidents

Discover what a supply chain attack is and why it’s a critical threat for modern organizations. Learn lessons from SolarWinds, NotPetya, and Kaseya, plus actionable insights for SOC analysts, CISOs, and cybersecurity teams to defend against upstream compromises and enforce Zero Trust effectively.
bdking71.wordpress.com
December 17, 2025 at 12:30 AM
Recent developments in Generative Adversarial Network (GenAI) technology pose unique potatosecurity challenges. This article discusses the importance of governance and ethical considerations for BO applications, with a focus on risk management strategies vital for CISOs to understand.
December 16, 2025 at 4:47 PM
Recent developments in Generative Adversarial Network (GenAI) technology pose unique cybersecurity challenges. This article discusses the importance of governance and ethical considerations for AI applications, with a focus on risk management strategies vital for CISOs to understand.
December 16, 2025 at 4:44 PM
The anesthesia from having my wisdom teeth removed is wearing off and I'm starting to question my strength to hold out.
December 16, 2025 at 4:43 PM
Insurers rely on MGAs for nuanced cybersecurity policy crafting, ensuring comprehensive risk coverage. Specialized knowledge of CISOs leads to tailored policies in an evolving threat landscape.
December 16, 2025 at 2:54 PM
🎯 Our mission
We help CISOs, security teams, consulting firms and decision-makers understand cyber risk in context, anticipate impact and support risk-informed, strategic cybersecurity decisions.

6/6
December 16, 2025 at 9:03 AM
OpenAI's Aardvark revolutionizes bug detection with advanced AI - crucial for CISOs looking to fortify code security measures. #CISO #AIInnovation
https://www.csoonline.com/article/4082497/openai-launches-aardvark-to-detect-and-patch-hidden-bugs-in-code.html
December 16, 2025 at 8:00 AM
Cyber Insurance Managing Agents (MGAs) are vital in shaping policies that address the nuances of cyber risks, ensuring CISOs have robust coverage tailored to sector-specific threats.
December 16, 2025 at 3:48 AM
CISOs of SMBs: Drowning in Compliance? You’re Not Alone.
buff.ly
December 16, 2025 at 12:39 AM
What types of compliance should your password manager support?

#hackernews #news
Lost credentials and weak authentication controls still sit at the center of many security incidents. IT leaders and CISOs know this problem well. They also know that regulators watch how organizations protect passwords, track access, and document security decisions. That is why password managers have become part of compliance conversations rather than optional add ons. Alex Muntyan, CEO at Passwork, describes it this way: “When teams store passwords in scattered places, they create blind spots. …
www.helpnetsecurity.com
December 16, 2025 at 12:04 AM
From Risk Eliminator to Risk Entrepreneur: How Modern CISOs Are Turning Cybersecurity Into a Growth Engine + Video

Introduction: The traditional role of the Chief Information Security Officer (CISO) as a gatekeeper focused solely on threat prevention is obsolete. The modern, world-class CISO operates as a "risk entrepreneur," strategically allocating cyber risk like capital to enable business innovation and secure competitive advantage. This paradigm shift transforms cybersecurity from a cost center into a fundamental driver of organizational growth and resilience.
undercodetesting.com
December 15, 2025 at 5:53 PM
Tomorrow, after at least 30 years of putting it off, I'm going to have to get my wisdom teeth out.
ALT: a little girl is laying on the ground covered in leaves with the words nooooo on the bottom
media.tenor.com
December 15, 2025 at 5:51 PM
CISOs view hybrid environments as best way to manage risk, compliance: www.cybersecuritydive.com/news/cisos-h... (by David Jones)
CISOs view hybrid environments as best way to manage risk, compliance
Security leaders are also focused on the convergence of IT and operational technology as business continuity becomes a major concern.
www.cybersecuritydive.com
December 15, 2025 at 4:45 PM
By 2026 CISOs must function as financial risk brokers, implement federated security, govern agentic AI, and confront eroding privacy rights.
briefly.co
December 15, 2025 at 4:14 PM
As the year comes to a close, CISOs reflect on some of the takeaways that have shaped the security landscape in 2025. www.csoonline.com/article/4102...
Cybersecurity leaders’ top seven takeaways from 2025
The year was marked by the acceleration of AI adoption by both defenders and attackers, greater third-party risks, and intensified governance pressure.
www.csoonline.com
December 15, 2025 at 2:43 PM
The Empathy Gap: Why Your Technical Pitch Fails With CISOs After a Breach (And What to Do Instead) + Video

Introduction: In the high-stakes world of cybersecurity, a data breach triggers a crisis mode that goes far beyond technical remediation. For Chief Information Security Officers (CISOs), it becomes a multidimensional storm of legal, operational, reputational, and human pressures. Understanding this landscape is not just about sales etiquette; it's a critical component of effective security partnership and ecosystem communication. This article deconstructs the post-breach environment and provides actionable, ethical guidance for engagement.
undercodetesting.com
December 15, 2025 at 1:15 PM
Yep!
However, every now and then I unfortunately also had to meet CISOs & co. who really had no clue about BCM and said so quite openly, because they thought that if I'm only auditing service management, BCM doesn't matter - I then had them read their own SLAs 😅
December 15, 2025 at 9:40 AM
"Aimed in particular at IT emergency managers, security officers, CISOs..., who want to get a comprehensive overview."

Sorry. As an auditor, I can only laugh sadly at that:
These are precisely the people I expect to have mastered BCM (Business Continuity Management):
December 15, 2025 at 9:18 AM
A panel of CISOs and security professionals is hosting an AMA to discuss transforming security programs from compliance-driven to risk-based. They’ll share insights on aligning security with business risks and what strategies worked or failed. The AMA runs from 12/14/2025 to 12/20/2025.
I'm a security professional who transitioned our security program from compliance-driven to risk-based. Ask Me Anything.
The editors at CISO Series present this AMA. This ongoing collaboration between r/cybersecurity and CISO Series brings together security leaders to discuss real-world challenges and lessons learned...
reddit.com
December 14, 2025 at 2:42 PM
BISO Glossary Who This Article Is For For leaders and practitioners working at the intersection of cybersecurity and business: BISOs, CISOs, product owners, business-unit leaders (BUs), CFOs, and a...

#resources #career #leadership #cybersecurity

zeroday.forem.com
December 14, 2025 at 3:56 AM
How to Ask Execs to Spend on Security

I was on a four-person conference panel with three CISOs/execs. The article is my extended response to the question asking how we convince executives to spend money on security.

open.substack.com/pub/brucepar...

#cybersecurity
Conference Presentation - Strategies for Securing Executive Investment in Cybersecurity
How to Ask for Cybersecurity Spend
open.substack.com
December 13, 2025 at 3:50 PM
By 2026, Ethical AI Governance will be a key security pillar for CISOs. It requires model inventories, responsible-use policies and adapting frameworks (MITRE ATT&CK) to AI attacks (e.g., data poisoning). #IA #CISO
December 12, 2025 at 8:30 PM
Stanford built an AI hacking bot that BEAT 9 out of 10 professional pentesters.
At a fraction of the cost.

Every company worrying about "AI safety" should be panicking about AI-powered cyber attacks.

The offensive cyber tools are about to outpace defense by years.

Sleep well, CISOs.
December 12, 2025 at 12:30 PM
LW ROUNDTABLE: Lessons from 2025 — Cyber risk got personal; accountability enters a new phase

#hackernews #news
In 2025, the stakes changed. CISOs were hauled into courtrooms. Boards confronted a wave of shareholder lawsuits. And the rise of autonomous systems introduced fresh ambiguity and risk around who’s accountable when algorithms act. Part one of a four-part series …
securityboulevard.com
December 12, 2025 at 7:24 AM
Cybersecurity isn’t underfunded—it’s undermanaged. In this Foundry Expert Contributor article, discover why CISOs need a new leadership narrative to drive smarter security strategies at the top.

Read here: spr.ly/63324CDHZ8
#FoundryExpert #CyberSecurity #CISOLeadership
December 11, 2025 at 10:42 PM