Security Conversations videoCybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with ResilienceTech leaders face mounting uncertainties in cybersecurity and Generative AI. This panel session offers vital insights for tech leaders to protect their organizational data. Drawing upon real-world experiences and industry expertise, our panelists will underscore the imperative for adaptability and proactivity in the face of dynamic threats. With tech and cyber talent shortages exacerbating vulnerabilities, the stakes have never been higher. Panelists will discuss warning signs, stressing adaptability and proactivity against evolving threats. Join us for actionable guidance on cybersecurity infrastructure and resilience in a digital era. 10 Jul 2024 24 minsCSO and CISO What is the NIST Cybersecurity Framework? How risk management strategies can mitigate cyberattacks 21 Dec 2021 18 minsRisk ManagementSecurity Why VPNs aren’t the best security tool for working from home, and what to implement instead 23 Nov 2021 23 minsVPN HP turns to zero trust to defend against emerging threats 05 Nov 2021 25 minsZero TrustHPSecurity See all videos Expert insights 5 best practices for running a successful threat-informed defense in cybersecurityBy Jon Oltsik29 Aug 20246 minsCSO and CISOThreat and Vulnerability ManagementEndpoint Protection Bug bounty programs take root in Russia — with possible far-reaching implicationsBy Sarah Wiedemar27 Aug 20247 minsTechnology IndustryApplication Security Who writes the code in your security software? You need to knowBy Susan Bradley19 Aug 20247 minsCSO and CISOWindows SecuritySecurity Software Cybersecurity should return to reality and ditch the hypeBy Tyler Farrar14 Aug 20246 minsCSO and CISOSecurity PracticesIT Leadership How cyber insurance shapes risk: Ascension and the limits of lessons learned By Christopher Whyte 07 Aug 202410 minsInsurance IndustryRansomwareHealthcare IndustryYou’re not doing enough to educate insiders about data protectionBy Christopher Burgess 07 Aug 20246 minsCSO and CISOThreat and Vulnerability ManagementIT Training 5 recommendations for acing the SEC cybersecurity rulesBy Steve Durbin 01 Aug 20245 minsCSO and CISORegulationFinancial Services IndustryCrowdStrike crisis gives CISOs opportunity to rethink key strategiesBy Cynthia Brumfield 30 Jul 20247 minsCSO and CISOIncident ResponseIT Skills opinionCrowdStrike debacle underscores importance of having a planWith so many software agents in today’s IT ecosystems, epic fails like CrowdStrike’s are an inevitability. Make sure your teams are prepared by investing in preparation and rethinking dependencies.By Christopher Burgess 29 Jul 2024 6 minsIncident ResponseTechnology IndustryopinionWhat CISOs can do to bridge their cyber talent gapEfforts to fix the 4 million global cyber pro shortfall may someday pay off. Until then, CISOs have practical solutions at their disposal. By David Gee 26 Jul 2024 7 minsIT SkillsIT Training opinionCrowdStrike meltdown highlights IT’s weakest link: Too much administrationCrowdStrike, Windows domain administration, SolarWinds — our implicit trust in admin software is a recipe for repeated disasters.By Andy Ellis 24 Jul 2024 5 minsZero TrustTechnology IndustryIT StrategyopinionEarly IT takeaways from the CrowdStrike outageAs the IT world recovers from the massive outage triggered by CrowdStrike’s Falcon update, CISOs and CIOs would be wise to keep a running ledger of lessons learned. Here are some initial considerations.By Susan Bradley 23 Jul 2024 8 minsIncident ResponseIT StrategyopinionBeware the tools that can bring risk to a Windows networkVigilance and regular reviews of network assets and policies can help avoid attacks that take advantage of access points created by legacy software and moves into the cloud. By Susan Bradley 18 Jul 2024 8 minsNetwork AdministratorWindows SecurityCloud SecurityopinionSometimes the cybersecurity tech industry is its own worst enemyA lack of cooperation and industry standards impacts everyone’s digital safety, making product integration ridiculously difficult in an era of increasingly sophisticated attacks.By Jon Oltsik 17 Jul 2024 6 minsThreat and Vulnerability ManagementSecurity PracticesSecurity SoftwareopinionAT&T’s massive breach of metadata is a criminal treasure trove — as spy agencies knowThere is plenty of intelligence that can be gathered from call data records if you know where to look. Spy agencies have been doing it effectively for years.By Christopher Burgess 15 Jul 2024 8 minsData BreachData and Information SecurityRisk ManagementopinionLegacy systems are the Achilles’ heel of critical infrastructure cybersecurityChina and other nation-state bad actors are probing the defenses of critical infrastructure worldwide and legacy or outdated systems are prime targets. The time to mitigate that risk is now.By Christopher Burgess 08 Jul 2024 8 minsThreat and Vulnerability ManagementCritical InfrastructureSecurity PracticesopinionReduce security risk with 3 edge-securing stepsNot sure where you should start to approach risk reduction in your network? If you aren’t aware of any and all risks to your edge access, you’re not reducing risk. By Susan Bradley 01 Jul 2024 6 minsIdentity and Access ManagementRisk ManagementopinionContinuous red-teaming is your only AI risk defenseThe sheer volume of new and unknown threats coming our way — as well as the lack of fully formed risk frameworks for AI — means that red-team continuous monitoring is not only essential but perhaps your only path to security.By David Gee 26 Jun 2024 7 minsPenetration TestingData and Information SecurityRisk ManagementopinionEvaluating crisis experience in CISO hiring: What to look for and look out forHere’s what psychology tells us about having crisis experience, a critical and oft-overlooked variable that shapes the cybersecurity employee supply chain — and it’s not what you might expect.By Christopher Whyte 25 Jun 2024 8 minsCSO and CISOHuman ResourcesSecurity PracticesopinionBootstrapping: The best AI strategy is to avoid learning today’s AI techAvoiding overcommitment to new and developing technologies such as artificial intelligence and leaving room to adapt in the future is the core of an approach known as bootstrapping.By Christopher Whyte 17 Jun 2024 10 minsSecurity InfrastructureSecurity Practices Show more Show less Upcoming Events28/Nov conference The Official CSO Security Summit UK28 Nov 20249:00 am – 17:30Andaz London Liverpool Street CSO and CISO 28/Nov awards CSO 30 Awards UK28 Nov 202418:00 – 21:30Andaz London Liverpool Street CSO and CISO 28/Nov awards Next CSO Awards UK28 Nov 202418:30-21:30 GMTAndaz London Liverpool Street CSO and CISO View all events