Security Conversations videoCybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with ResilienceTech leaders face mounting uncertainties in cybersecurity and Generative AI. This panel session offers vital insights for tech leaders to protect their organizational data. Drawing upon real-world experiences and industry expertise, our panelists will underscore the imperative for adaptability and proactivity in the face of dynamic threats. With tech and cyber talent shortages exacerbating vulnerabilities, the stakes have never been higher. Panelists will discuss warning signs, stressing adaptability and proactivity against evolving threats. Join us for actionable guidance on cybersecurity infrastructure and resilience in a digital era. 10 Jul 2024 24 minsCSO and CISO LockBit feud with law enforcement feels like a TV drama 05 Mar 2024 56 minsRansomwareArtificial Intelligence Reaping the Benefits of Security Metrics 21 Dec 2023 21 minsCSO and CISO Don’t Lose Your Focus: It’s Not About the AI; It’s About the Data 20 Dec 2023 29 minsCSO and CISO See all videos Expert insights 5 best practices for running a successful threat-informed defense in cybersecurityBy Jon Oltsik29 Aug 20246 minsCSO and CISOThreat and Vulnerability ManagementEndpoint Protection Bug bounty programs take root in Russia — with possible far-reaching implicationsBy Sarah Wiedemar27 Aug 20247 minsTechnology IndustryApplication Security Who writes the code in your security software? You need to knowBy Susan Bradley19 Aug 20247 minsCSO and CISOWindows SecuritySecurity Software Cybersecurity should return to reality and ditch the hypeBy Tyler Farrar14 Aug 20246 minsCSO and CISOSecurity PracticesIT Leadership How cyber insurance shapes risk: Ascension and the limits of lessons learned By Christopher Whyte 07 Aug 202410 minsInsurance IndustryRansomwareHealthcare IndustryYou’re not doing enough to educate insiders about data protectionBy Christopher Burgess 07 Aug 20246 minsCSO and CISOThreat and Vulnerability ManagementIT Training 5 recommendations for acing the SEC cybersecurity rulesBy Steve Durbin 01 Aug 20245 minsCSO and CISORegulationFinancial Services IndustryCrowdStrike crisis gives CISOs opportunity to rethink key strategiesBy Cynthia Brumfield 30 Jul 20247 minsCSO and CISOIncident ResponseIT Skills opinionWhy OT cybersecurity should be every CISO's concernRe-assessing the importance of operational technology outside of critical infrastructureBy Steven Sim 12 Aug 2024 5 minsCSO and CISOSecurityopinionCrowdStrike debacle underscores importance of having a planWith so many software agents in today’s IT ecosystems, epic fails like CrowdStrike’s are an inevitability. Make sure your teams are prepared by investing in preparation and rethinking dependencies.By Christopher Burgess 29 Jul 2024 6 minsIncident ResponseTechnology IndustryopinionWhat CISOs can do to bridge their cyber talent gapEfforts to fix the 4 million global cyber pro shortfall may someday pay off. Until then, CISOs have practical solutions at their disposal. By David Gee 26 Jul 2024 7 minsIT SkillsIT Training opinionProject 2025 could escalate US cybersecurity risks, endanger more AmericansThe conservative think tank blueprint for how Donald Trump should govern the US if he wins in November calls for dismantling CISA, among many cyber-related measures. Experts say this would increase cybersecurity risks, undermine critical infrastructure, and put more Americans in danger.By Cynthia Brumfield 25 Jul 2024 10 minsGovernment ITGovernmentIT Governance FrameworksopinionCrowdStrike meltdown highlights IT’s weakest link: Too much administrationCrowdStrike, Windows domain administration, SolarWinds — our implicit trust in admin software is a recipe for repeated disasters.By Andy Ellis 24 Jul 2024 5 minsZero TrustTechnology IndustryIT StrategyopinionEarly IT takeaways from the CrowdStrike outageAs the IT world recovers from the massive outage triggered by CrowdStrike’s Falcon update, CISOs and CIOs would be wise to keep a running ledger of lessons learned. Here are some initial considerations.By Susan Bradley 23 Jul 2024 8 minsIncident ResponseIT StrategyopinionBeware the tools that can bring risk to a Windows networkVigilance and regular reviews of network assets and policies can help avoid attacks that take advantage of access points created by legacy software and moves into the cloud. By Susan Bradley 18 Jul 2024 8 minsNetwork AdministratorWindows SecurityCloud SecurityopinionSometimes the cybersecurity tech industry is its own worst enemyA lack of cooperation and industry standards impacts everyone’s digital safety, making product integration ridiculously difficult in an era of increasingly sophisticated attacks.By Jon Oltsik 17 Jul 2024 6 minsThreat and Vulnerability ManagementSecurity PracticesSecurity SoftwareopinionAT&T’s massive breach of metadata is a criminal treasure trove — as spy agencies knowThere is plenty of intelligence that can be gathered from call data records if you know where to look. Spy agencies have been doing it effectively for years.By Christopher Burgess 15 Jul 2024 8 minsData BreachData and Information SecurityRisk ManagementopinionLegacy systems are the Achilles’ heel of critical infrastructure cybersecurityChina and other nation-state bad actors are probing the defenses of critical infrastructure worldwide and legacy or outdated systems are prime targets. The time to mitigate that risk is now.By Christopher Burgess 08 Jul 2024 8 minsThreat and Vulnerability ManagementCritical InfrastructureSecurity PracticesopinionReduce security risk with 3 edge-securing stepsNot sure where you should start to approach risk reduction in your network? If you aren’t aware of any and all risks to your edge access, you’re not reducing risk. By Susan Bradley 01 Jul 2024 6 minsIdentity and Access ManagementRisk ManagementopinionContinuous red-teaming is your only AI risk defenseThe sheer volume of new and unknown threats coming our way — as well as the lack of fully formed risk frameworks for AI — means that red-team continuous monitoring is not only essential but perhaps your only path to security.By David Gee 26 Jun 2024 7 minsPenetration TestingData and Information SecurityRisk Management Show more Show less Upcoming Events14/Nov awardsCSO30 Awards ASEAN14 Nov 2024Singapore CSO and CISO View all events