Nothing is better than meeting with customers and prospects who can articulate their issues as a business and security organization, from boardroom and regulatory pressures to deploying resources, including people and the tools that enable them. 

Whether meeting with a large bank CISO or a security leader from a global communications company, each shares their unique focus and different challenges, but when discussing data security challenges, there are often several commonalities. For example, they usually share pressure from the top, be that the C-Suite, the Board, regulators, or all of the above. And the strategies they choose all involve trade-offs. They don’t have unlimited budgets to do and try everything. They typically describe a mix of homegrown solutions, vendor products, and outsourced managed security services. 

Most enterprise security strategies protect networks, endpoints, and identities. Data security is a priority, but it is often not at the heart of security plans. With the aggressive introduction of GenAI into the enterprise, security leaders are re-evaluating their approach to data security, starting with the internal use of GenAI. There is a near-universal focus on Microsoft Copilot and productivity applications like Slack, which can be difficult to govern when multiple instances are used within the environment. 

After listening to CISOs from various industries, here are five data security challenges that even the most seasoned security leaders face as they construct plans to better protect their data. 

  1. Understanding what data exists in their environment – This is an interesting one. Regarding their on-premises environments, most believe they have a good idea about their data footprint. But, when it comes to SaaS and public clouds, they really struggle. The data security tools they relied on for their data center locations are weak at helping discover and classify data outside their corporate perimeter. With data being so democratized in today’s workplace, they feel they would face significant exposure if data were moved to SaaS or public cloud. 
  2. Knowing the sensitivity of their data – Many acknowledge not all of their data is equal, but they have no easy way to determine what data is most critical to their security operations. Their on-premises solutions use classification engines built solely on regular expressions and pattern matching, leading to false positives and requiring manual intervention for classification. They cannot accurately classify down to the file or object level. This is increasingly important in the age of mandatory breach disclosure rules. 
  3. The infrastructure distribution of data – Many large enterprises have data in all three major public cloud providers (AWS, Azure and Google), SaaS (primarily a Microsoft shop), and on-premises. Most have no clear visibility into how much data exists within those environments and if there are data duplicates within their environment. These insights would unlock the ability to make strategic decisions around their infrastructure and potentially introduce additional data hygiene to remove certain data or migrate to cheaper infrastructure, thereby reducing the attack surface and data storage costs. 
  4. The relationship between identity and data – It’s no surprise that humans, groups of humans, and non-human identities (devices, service accounts, and workloads) require access to business data. Many security leaders are concerned about data access. This concern is beginning to extend the discussion about zero trust in the context of secure access, endpoint security, and the identity provider space to data at rest. Zero Trust Data Access is on the horizon.
  5. Privacy Data Incident Response – The ability to detect data anomalies (users accessing PII they have no business need for), maintain PII compliance, and minimize the impact of a data incident are top-of-mind and clear challenges for security executives. The need to align breach response to relevant regulations is a must. So, too, is the ability to easily determine what PII data is impacted as part of a data incident. The Change Healthcare incident is proof of this necessity. Not knowing which PII was taken as part of the ransomware attack prevented the company from promptly notifying the customers whose PII was impacted. This was an eye-opening revelation for all security leaders. 
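The second challenge above is the one that lends itself to a concrete illustration: a classifier built only on regular expressions flags every 16-digit number as a card number and every nnn-nn-nnnn string as a Social Security number, and every one of those false positives costs an analyst a manual review. The block below is an added example written for this page, not a tool from the original post or from any vendor it mentions; it runs the same regexes twice over a constructed sample document, once as pattern matching alone and once with a validation step behind each match (a Luhn checksum for card numbers, the SSA issuance rules for SSNs). The sample text, the vendor-free regexes and the `Finding` record are all assumptions made for the demonstration.

```python
import re
from dataclasses import dataclass

# Constructed sample document (not from the original page). Two of the four
# candidates are real PII shapes that survive validation; the other two are the
# classic false positives: a 16-digit order reference and a 000-area "SSN".
SAMPLE_TEXT = """
Card on file 4111111111111111 charged for invoice 7781.
Warehouse reference 1234567890123456 assigned to the shipment.
Applicant SSN 219-09-9999 received with the onboarding packet.
Test fixture record 000-12-3456 created by QA.
"""

# 13-19 digits with optional single space/dash separators, e.g. 4111 1111 1111 1111
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# nnn-nn-nnnn
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")


@dataclass
class Finding:
    kind: str        # "card" or "ssn"
    value: str       # text as it appeared in the document
    validated: bool  # did the match pass the checksum/structural rules?


def luhn_ok(digits: str) -> bool:
    """Luhn (mod 10) checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def ssn_ok(area: str, group: str, serial: str) -> bool:
    """SSA issuance rules: area never 000/666/900-999, group never 00, serial never 0000."""
    a, g, s = int(area), int(group), int(serial)
    if a == 0 or a == 666 or a >= 900:
        return False
    return g != 0 and s != 0


def classify(text: str, validate: bool = True) -> list[Finding]:
    """Return PII findings; with validate=False this behaves like a regex-only engine."""
    findings: list[Finding] = []
    for m in CARD_RE.finditer(text):
        ok = luhn_ok(re.sub(r"\D", "", m.group()))
        if validate and not ok:
            continue            # regex hit that fails Luhn: not a card, drop it
        findings.append(Finding("card", m.group(), ok))
    for m in SSN_RE.finditer(text):
        ok = ssn_ok(*m.groups())
        if validate and not ok:
            continue
        findings.append(Finding("ssn", m.group(), ok))
    return findings


def false_positive_count(text: str) -> int:
    """How many regex-only hits the validation step removes."""
    return len(classify(text, validate=False)) - len(classify(text, validate=True))


if __name__ == "__main__":
    for f in classify(SAMPLE_TEXT, validate=False):
        print(f"{f.kind:4} {f.value:22} validated={f.validated}")
    print("false positives removed by validation:", false_positive_count(SAMPLE_TEXT))
```

Validation does not make the regexes smarter about context (a Luhn-valid number can still be a test fixture), but it removes the mechanical false positives that dominate manual review queues, and the same pattern extends to IBANs (mod 97), national ID numbers with check digits, and so on.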

Addressing these challenges requires a comprehensive and adaptive data security strategy. That strategy has to start with what is seemingly the most obvious of all: you have to know where all your data is at all times, and you need to know the risk it represents so the proper controls can be applied. Without this solid foundation, nothing else matters. 

We are still in the early days of the cybersecurity industry, let alone the era of Generative AI. Data governance is now an issue of immense importance to businesses, regulators, and consumers. Much has to change in terms of how we have been protecting data. Security leaders must continue to share insights and collaborate to develop effective solutions for safeguarding their organization’s data in an ever-evolving threat landscape.


The post Five Data Security Challenges CISOs Face Today appeared first on Cybersecurity Insiders.

[By: Nazar Tymosyk, CEO, UnderDefense Cybersecurity]

The digital landscape is crawling with hidden cyber threats, demanding capable cybersecurity leadership more than ever. While technical expertise forms the foundation, career advancement for aspiring Chief Information Security Officers (CISOs) hinges on more than technical prowess. Managed Detection and Response (MDR) steps in as a transformative force, not just a cybersecurity tool, but a springboard propelling individuals towards CISO aspirations.

Beyond the Firewall: The Limits of Pure Technical Expertise

Security engineers, while indispensable, can often find themselves stuck in the world of alert management, inadvertently hindering their career paths. Ask them about the financial repercussions of a single day’s business disruption, and you might be met with bewildered silence. This critical gap – the inability to translate technical intricacies into clear, business-centric language – acts as a barrier to upward aspirations. Organizations seek tangible outcomes, not technical jargon. In cybersecurity, that translates to robust risk mitigation, expressed in terms relevant to the bottom line.

MDR: Your Ally in the Cyber Trenches

The cyber battlefield doesn’t have to be a solitary struggle. 

In a continuously changing environment (especially in the cloud) you often find repetitive tasks like system reconfigurations and alert reviews that eat up precious time that could be spent on more value-driven and strategic work – and this is where MDR vendors can step in. By reducing the noise of alert management and taking these and other routine tasks off your plate, your internal team can hone their skills through Red Teaming, threat simulations, and other more impactful – and frankly exciting – tasks. 

Taking it a step further, sophisticated MDR platforms such as UnderDefense MAXI go the extra mile by transforming a sea of alerts into insightful reports, crafted to resonate with business leaders in their native tongue – dollars and cents. These data-driven narratives are game-changers, because how can one lead without the ability to quantify risk and articulate the value proposition of cybersecurity?

The CISO Transformation: From Technician to Strategic Leader

The true mark of a CISO lies not just in technical aptitude, but in their ability to weave cybersecurity into the fabric of business strategy. MDR liberates practitioners from the constant barrage of alerts, the dives into logs, the complicated investigations of false positives and the verifications with users, allowing them to shift their focus to the bigger picture: understanding and mitigating risk. By offering deep visibility into attack patterns, vulnerabilities, and risk vectors, MDR fosters not just technical solutions, but a holistic security posture.

Penetration testing (Pentesting) then serves as the ultimate test, gauging both MDR effectiveness and internal team preparedness. This showcase of vigilance and proactive defense is your golden ticket to the boardroom.

From Guardian to Leader: The Power of the Strategic Narrative

MDR equips cybersecurity professionals with a powerful new language – the language of strategic impact. It’s more than a tool; it’s a transformative ally, empowering individuals to transcend the role of gatekeeper and ascend to the position of legion commander. As you navigate the journey from alert fatigue to strategic leadership, remember:

  • Embrace the Business Acumen: Hone your ability to translate technical complexities into clear, concise business terms. Quantify the impact of security risks and investments, speak the language of the boardroom.

  • Seek the Right Partner: Choose an MDR provider that aligns with your organization’s needs and offers insightful reporting that resonates with business leaders.

  • Invest in Continuous Learning: Never stop learning and evolving. Participate in industry events, pursue relevant certifications, and stay abreast of emerging threats and trends.


By embracing MDR as a strategic solution and actively cultivating your business acumen, you transform yourself from a skilled technician into a visionary leader, ready to take the reins of cybersecurity within your organization. Remember, the path to the C-suite is paved not just with technical prowess, but with the strategic vision and communication skills to guide your organization through the ever-evolving cyber landscape.

The post From Alert Fatigue to Leadership Acumen: How MDR Empowers CISO Aspirations appeared first on Cybersecurity Insiders.

[By Shai Gabay, CEO, Trustmi]

As if the list of things keeping CISOs up at night wasn’t long enough, cyberattacks on finance teams and business payment processes are now a priority because they are in the bullseye of bad actors.

According to a 2023 webcast poll from Deloitte Center for Controllership™, more than 48 percent of C-suite and other executives expect the number and size of cyber events targeting their organizations’ accounting and financial data to increase in the year ahead. This puts CISOs on notice.

One reason for the growth of cyberattacks is that finance departments and their B2B payment processes are highly manual and, therefore, vulnerable. Additionally, finance teams continue to rely on disparate systems with siloed information, creating a lack of visibility across the entire payment workflow. That lethal combination results in growing blind spots and human errors. This challenge is compounded by understaffed finance teams that are stretched thin and overwhelmed by the sheer number of invoices and payments that teams must process regularly.

Add it all up, and identifying potential signs of business payment fraud is like looking for a needle in a haystack. Some top sources of struggle for CISOs include Business Email Compromise (BEC), vendor supply chain attacks, and cyber attackers who are cranking up their use of AI.


Here’s a look into each of these areas: 


Business Email Compromise (BEC): BEC attacks have existed for some time. The FBI began tracking BEC more than a decade ago. But today, the focus of these attacks is not just credential and data theft. They are targeting finance teams by impersonating legitimate vendors and sending fake invoices to companies. The goal of these efforts is illicit financial gain. The 2022 FBI Internet Crime Report found the following:

  • The FBI found attackers are spoofing legitimate business phone numbers to confirm fraudulent banking details.

  • According to research from the FBI Internet Crime Complaint Center, $50B was lost on business email compromise between 2013-2022.

AI: Arguably, the most significant security challenge facing CISOs and the finance department stems from AI. In what seems like the blink of an eye, cybercriminals are using AI to create written, voice, and video communications so convincing that many human experts cannot separate the real from the fraudulent. This includes anything from a phishing campaign to chatbot conversations and video conference calls. 

In what may be the most recent high-profile example, earlier this year in Hong Kong, attackers used a deepfake of a CFO in a video conference to trick a finance employee into making a fraudulent $25 million wire transfer. More recently, an employee of the TV network owned by the Boston Red Sox was convicted of creating fraudulent invoices from a legitimate vendor. He was able to steal $500,000.  

Supply chain problems: Supply chain attacks have been around for some time, with the most high-profile victim being SolarWinds. However, not all supply chain attacks are the same. Today, some attackers are exploiting a company’s vendor supply chain rather than attacking the software supply chain and installing malware. Vendor supply chains are extremely vulnerable because third-party vendors often lack the same levels of security as larger enterprises, making them easy to exploit. 


Once the vendor is integrated with the larger business, the fraudster acts by, for example, impersonating a vendor and changing their payment details to shift the payment to themselves. This is a threat that all companies must be wary of. According to research from the Cyentia Institute, the average organization has approximately ten third-party relationships, and 98% had at least one third-party partner who had suffered a breach. For larger businesses, the number of vendors can be in the hundreds of thousands, which means there’s an even larger risk that these enterprise organizations are working with third-party partners at risk of a security breach.
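The two fraud patterns described in this section, an impersonated vendor asking to change its payment details and a spoofed phone number offered for "confirming" the new bank account, can be caught before money moves with a small rule set applied to every payment-detail change request. The block below is an added example written for this page; it is not Trustmi's product or any system from the original post, and the vendor records, change requests, thresholds and field names are all constructed assumptions. It checks three things: whether the sender's domain matches, or merely resembles, the domain on file; whether the bank account is actually changing; and whether the callback number supplied in the request differs from the number on file, since the only safe verification is a call to the number already on record.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Vendor:
    name: str
    email_domain: str   # domain the vendor has always mailed from
    phone_on_file: str  # number captured at onboarding, used for callbacks
    bank_account: str


@dataclass(frozen=True)
class ChangeRequest:
    vendor_name: str
    sender_email: str
    new_bank_account: str
    callback_phone: str  # the number the requester *asks* to be called on


# Constructed vendor master (assumption, not data from the original page).
VENDORS = {
    "Acme Supplies": Vendor("Acme Supplies", "acme-supplies.com",
                            "+1 555 010 0100", "US12 ACME 0000 0001"),
}

# Constructed change requests: a legitimate no-op, a lookalike-domain fraud
# attempt, and a bank change sent from a (possibly compromised) real mailbox.
SAMPLE_REQUESTS = [
    ChangeRequest("Acme Supplies", "billing@acme-supplies.com",
                  "US12 ACME 0000 0001", "+1 (555) 010-0100"),
    ChangeRequest("Acme Supplies", "billing@acme-suppiles.com",
                  "GB99 FRAU 0000 0002", "+1 555 010 9999"),
    ChangeRequest("Acme Supplies", "billing@acme-supplies.com",
                  "GB99 NEWB 0000 0003", "+1 555 010 0100"),
]

LOOKALIKE_DISTANCE = 2  # assumption: <= 2 edits counts as a lookalike domain


def levenshtein(a: str, b: str) -> int:
    """Edit distance; small distances between domains signal typosquatting."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalize_phone(s: str) -> str:
    return re.sub(r"\D", "", s)


def review(req: ChangeRequest, vendors: dict[str, Vendor]) -> dict:
    """Return a decision ('release', 'hold_for_callback', 'reject') and the reasons."""
    vendor = vendors.get(req.vendor_name)
    if vendor is None:
        return {"decision": "reject", "reasons": ["unknown vendor"]}

    reasons: list[str] = []
    sender_domain = req.sender_email.rsplit("@", 1)[-1].lower()
    if sender_domain != vendor.email_domain.lower():
        if levenshtein(sender_domain, vendor.email_domain.lower()) <= LOOKALIKE_DISTANCE:
            reasons.append(f"lookalike sender domain {sender_domain} "
                           f"(on file: {vendor.email_domain})")
        else:
            reasons.append(f"sender domain {sender_domain} not on file")
    if req.new_bank_account != vendor.bank_account:
        reasons.append("bank account change requested")
    if normalize_phone(req.callback_phone) != normalize_phone(vendor.phone_on_file):
        reasons.append("callback number differs from number on file; "
                       "verify only via the on-file number")

    if not reasons:
        decision = "release"
    elif any(r.startswith("lookalike") for r in reasons):
        decision = "reject"          # near-miss domain: treat as impersonation
    else:
        decision = "hold_for_callback"  # any bank change needs out-of-band confirmation
    return {"decision": decision, "reasons": reasons}


def review_all(requests: list[ChangeRequest]) -> list[str]:
    return [review(r, VENDORS)["decision"] for r in requests]


if __name__ == "__main__":
    for r in SAMPLE_REQUESTS:
        result = review(r, VENDORS)
        print(f"{r.sender_email:28} -> {result['decision']}")
        for reason in result["reasons"]:
            print("   -", reason)
```

The third request is the important one: the mail comes from the genuine domain, so a domain check alone passes it, but the bank change still lands in `hold_for_callback`, and the callback has to go to the number on file rather than any number supplied in the email, which is exactly the spoofed-number trick the FBI describes.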


Securing Finance with AI

If any of these threats have not impacted your business, it’s likely only a matter of time.  The best tool to have in your CISO tool belt is AI. More specifically, an AI system that can analyze vast amounts of data in real time and, in the process, continually improve fraud detection capabilities. Today, AI-based analysis systems can monitor and analyze all aspects of the process, from vendor interaction to payment. From there, these systems can provide real-time risk and trust scores, identify discrepancies or anomalies, send alerts for potentially fraudulent activities, and work seamlessly within the current process to ensure easy implementation.


Regarding the supply chain, AI can replace wildly outdated manual processes by efficiently managing and securing every vendor, whether you have 1 or 100,000.  And this includes fourth-party vendors as well. 


Look for solutions that can identify all vendors, provide complete visibility into their management, monitor vendor activities, track and control their permissions and access to internal systems, and enforce security practices. In addition to managing vendor profiles and changes to their payment information, it’s vital that your AI system can secure the entire supply chain lifecycle, including the initial onboarding process. This is necessary to provide full supply chain protection.


For today’s CISO, the threats never stop. As attackers expand their list of targets, security teams must be prepared to identify and mitigate each, whether a BEC, vendor supply chain attack, or AI-fueled deepfake swindle. The good news is that CISOs can fight fire with fire by tapping into AI to identify suspicious activity and stop it in its tracks, no matter which department is being targeted. 


Shai Gabay Bio

A visionary entrepreneur, Shai Gabay has always held a deep passion for cybersecurity and fintech, and over the course of his career, he has developed his expertise in both areas. Currently, Shai is a co-founder and the CEO of Trustmi, a leading end-to-end payment security platform founded in Israel in 2021. Prior to Trustmi, he was General Manager at Opera, VP of Product and Services at Cynet, CIO at Cyberbit and the CISO at Discount Bank.


Shai holds a Bachelor’s Degree from Shenkar College in software engineering, and also a Master’s degree in Business Administration and Management from Tel Aviv University.  Additionally, Shai was selected for the prestigious 1-year full scholarship executive excellence program at the Hoffman Kofman Foundation, a program tailored to outstanding alumni of IDF’s Elite Units. Through this program, he had the opportunity to study with prominent co-founders and leaders at renowned global tech companies and professors at elite universities.


The post The Latest Threat CISOs Cannot Afford to Ignore—Business Payment Fraud appeared first on Cybersecurity Insiders.

As 2023 draws to a close, many Chief Information Security Officers (CISOs) find themselves at the crossroads of salary negotiations or have already secured their updated compensation packages. However, research conducted by IANS Research in collaboration with Artico Search suggests that the salary increments for these technology leaders were often modest, and bonus expectations fell short of initial projections.

Several factors contribute to these relatively subdued pay raises and bonuses. These considerations largely hinge on a company’s annual budget for the year and the firm’s profit margins in both the preceding and current years.

The pivotal question arises: Are CISOs content with their current or impending salary hikes and bonuses for the year? The issue of salary remains a complex and sensitive matter for individuals across various demographics, regardless of gender, educational background, experience, or industry.

The research report reveals that a substantial 75% or more of CISOs are contemplating a job change within the next 6-8 months, with some already in the process of transitioning to new opportunities, commencing as early as January 2024. Some are even willing to relinquish their current roles to explore new sectors or embark on entrepreneurial ventures.

In today’s landscape, evolving regulations governing data collection, processing, and analysis have significantly increased the liability borne by Chief Information Security Officers (CISOs). This heightened responsibility has instilled a sense of apprehension regarding potential cybersecurity incidents.

In order to evade potential legal complications and liabilities, many individuals may be inclined to distance themselves from these positions, despite some commanding annual salaries ranging from $300,000 to $600,000.

Furthermore, concerns surrounding the possibility of an economic slowdown have prompted business leaders to curtail operational expenses, including salary hikes and bonuses, in an effort to bolster profit margins.

So, is now an opportune moment for CISOs to seek new career opportunities? With the right qualifications and relevant experience, companies, particularly startups and emerging ventures, are actively seeking top talent who can navigate technological challenges from day one. In data-driven enterprises where information is the lifeblood, roles such as Chief Technology Officer (CTO), CISO, and Chief Security Officer (CSO) hold significant strategic importance.

The post CISOs witness meagre salary rise and bonuses in 2023 appeared first on Cybersecurity Insiders.

In today’s interconnected world, where cyber threats loom large, organizations must prioritize information security. One crucial step towards achieving robust cybersecurity is hiring a competent Chief Information Security Officer (CISO). The CISO plays a pivotal role in safeguarding an organization’s digital assets and ensuring data privacy. This article highlights the key considerations that organizations should keep in mind when seeking to hire a CISO.

Expertise and Experience: When hiring a CISO, it is vital to assess their expertise and experience in the field of information security. Look for candidates who possess a deep understanding of cybersecurity technologies, risk management frameworks, and regulatory compliance. Experience in managing security incidents, implementing security controls, and developing effective security strategies is also crucial.

Leadership and Communication Skills: A successful CISO not only possesses technical knowledge but also exhibits strong leadership and communication skills. The CISO must effectively communicate security risks and strategies to both technical and non-technical stakeholders. They should have the ability to inspire and motivate a team, drive security initiatives, and collaborate across departments to foster a culture of security within the organization.

Business Acumen: A CISO must understand the business landscape in which the organization operates. They should align security objectives with overall business goals and demonstrate a keen understanding of the organization’s risk appetite. A CISO with business acumen can effectively prioritize security investments, articulate the value of security measures to executive management, and build a security program that supports the organization’s strategic objectives.

Up-to-date Knowledge: The field of cybersecurity is ever-evolving, with new threats emerging regularly. It is crucial for a CISO to stay up-to-date with the latest trends, technologies, and best practices in information security. Look for candidates who demonstrate a commitment to continuous learning, involvement in industry forums, and participation in relevant certifications and conferences.

Collaboration and Relationship Building: A CISO cannot work in isolation. They need to collaborate with various stakeholders, including IT teams, executive management, legal and compliance departments, and external partners. A successful CISO should possess strong relationship-building skills, fostering partnerships that facilitate effective information sharing, incident response, and the implementation of security measures throughout the organization’s ecosystem.

Regulatory and Compliance Knowledge: Data privacy regulations, such as GDPR and CCPA, have placed additional responsibilities on organizations to protect customer data. A CISO should have a comprehensive understanding of relevant regulatory requirements and compliance frameworks. They should be able to ensure that the organization remains compliant with applicable laws and regulations, and that appropriate security controls are implemented to protect sensitive information.

Proactive Approach to Threats: Cyber threats are constantly evolving, and organizations need a CISO who takes a proactive stance against potential attacks. Look for candidates who have a track record of developing and implementing effective threat intelligence programs, conducting risk assessments, and establishing incident response plans. A proactive CISO will be vigilant in identifying vulnerabilities, implementing preventive measures, and continually improving the organization’s security posture.

Conclusion:

Hiring a capable Chief Information Security Officer is a critical step towards establishing a robust cybersecurity posture for any organization. By considering factors such as expertise, leadership skills, business acumen, up-to-date knowledge, collaboration abilities, regulatory compliance knowledge, and a proactive mindset, organizations can ensure they select the right CISO to protect their valuable digital assets. Remember, a competent CISO not only defends against current threats but also remains adaptable to future challenges in the ever-evolving landscape of cybersecurity.

The post Key Considerations When Hiring a Chief Information Security Officer appeared first on Cybersecurity Insiders.

Kelly Bissell, Vice President of Microsoft Security, spoke his mind at the siberX CISO Forum Canada and stated that the way Chief Information Security Officers (CISOs) think is leaving organizations vulnerable to sophisticated cyber-attacks.

And the only way to deal with the situation is to change that state of mind and follow basic security measures that not only help the company avoid a cyber embarrassment in the business field, but will also shield it from financial crisis.

“90% of attacks are elementary and can be avoided by patching the systems, deploying 2-factor authentication on logins and having no password vulnerabilities,” felt Kelly.

He also suggested training employees about the current state of the cyber landscape, and added that they should be kept on their toes about following basic cyber hygiene tips.

Good news is that law enforcement agencies are also adapting themselves to the present cyber landscape and are employing the best tactics to curb the flow of the attacks.

Now, for all those Chief Information Security Officers who want some enlightenment, here are some tips:

·       Get threat intelligence updates from time to time

·       Auditing the cybersecurity posture quarterly will help weed out weaknesses that could otherwise be exploited

·       Moving workloads to the cloud is also wise

·       Maintaining data and application workloads in hybrid environments is vital

·       Threat analysis and response can be automated with the use of AI solutions

·       Having a well-designed Active Directory defense is also essential

·       Optimizing and simplifying the information technology infrastructure makes complete sense

·       Replacing obsolete hardware and software with the latest also makes complete sense, provided budget is never an issue.


The post CISOs laxity towards cybersecurity is leading to more Cyber Attacks appeared first on Cybersecurity Insiders.

With business and technology becoming increasingly intertwined, organizations are being forced to rethink how they look at digital security. Once overlooked or viewed as a mere afterthought, today it has become a business-critical necessity. As a result, organizations across industry lines are racing to improve their security postures. Chief Information Security Officers (CISOs) are at […]… Read More

The post The ClubCISO report reveals a fundamental shift in security culture appeared first on The State of Security.

What are the most important areas for a CISO to focus on?  When speaking to Aman Sood, it becomes clear that the job of a CISO encompasses every aspect of a business.  Aman is the Head of Cyber Security with Jimdo, a website building platform that helps small businesses start, grow, and ultimately thrive online.  […]… Read More

The post CISO Interview Series: The thinking of a CISO at the front end of the cyber threat landscape. appeared first on The State of Security.

“Data: We have never had so much of it, and it has never been so challenging to protect.” These are some of the opening words in the new survey published by ISMG and HelpSystems in the ‘Data Security Survey 2022’. The survey explores how COVID19 has permanently changed how CISOs approach Data Security. It is […]… Read More

The post Cyber Threats – The New Norm in Data Security appeared first on The State of Security.

In the two years since the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale. Organizations have created more data than ever before, and that data is now spread across a wider attack surface, putting it at heightened risk of compromise. The manner and location of […]… Read More

The post The State of Data Security in 2022: The CISOs Perspective appeared first on The State of Security.