The Great CISO Resignation

Rick Crandall | May 10, 2023 | 290 views | Read Time : 05:00 min

The Great CISO Resignation

CISOs Are Leaving in Droves

The Great Resignation has been front-page news since Covid lockdowns, with many employees looking for the work-life balance they enjoyed at the time. Now, the phenomenon has spread to the role of Chief Information Security Officer (CISO) and shows no signs of letting up. In fact, industry experts predict that it is likely to worsen.

A recent study from cybersecurity company BlackFog found that 32% of CISOs in the U.K. and U.S. have considered leaving and many planned to do so in just six months. The majority noted that the top reason for leaving was a lack of work-life balance. The CISO role is demanding, with firefighting and frequent changes in regulations and customer expectations taking up significant time both on and off the job.

In another recent study in which 581 CISOs were surveyed, the IANS Research and Artico Search explored CISO compensation and job satisfaction. Three-fourths of CISOs are satisfied with their job, which is 7% higher than in the 2021 sample and more than double that of the 2020 sample. The main drivers of satisfaction are compensation, budget, executive visibility, and organizational support. However, despite high satisfaction numbers, the study found that as many as 44% of respondents are considering a job change.

CISO Challenges

LIABILITY AND EXPOSURE OF THE CISO

There is a perception that CISOs face heightened liability for cyber intrusions and the response to cyber events. One extraordinary example is the recent conviction of Uber’s former security officer, which represents the first time a security executive has faced federal crime prosecution over a data security response. In this case the finding was that he obstructed justice by concealing information about a breach, destroying data, and covering up the incident.

CISOs are often in the hot seat when it comes to cyber-intrusions and how they are handled. The Board of Directors (possibly including named corporate officers) in most cases are protected by being diligent about the Business Judgement Rule (BJR). Heavily adopted in Delaware case law and since adopted in various forms in many states, this “rule” stipulates that proper oversight includes demonstrating the duty of loyalty (no conflicting interests) and duty of care (make informed decisions) to be protected from liability. There are few cases (although Enron being one) where liability was found but it was for illegalities and poor business judgment.

Since CISOs are not named corporate officers in most cases, BJR does not provide comfort. Similarly, liability insurance which covers legal defense fees and cash judgments often covers only directors and named corporate officers unless the CISO has been specifically included in the policy.

DUTY TO REPORT

Regulations at the state and federal level are increasing and expectations have changed about what and when cyber incidents need to be reported – to the public, the government, customers, partners, and suppliers. How organizations respond to cyber-attacks, especially in the timing and forthrightness of disclosure, has been all over the map, ranging from immediate and open disclosure to outright coverups. This can create a dilemma for the CISO who usually has front-line knowledge about an incident and what data, identities, customers, and other stakeholders are affected but who may be at cross-purposes with those above them.

Another dilemma the CISO faces is deciding what to do when critical issues are ill-communicated or not fully appreciated among higher-level executives and board members especially during times of tight budgets or budget cuts. Becoming a whistleblower is an option but doing so has its own set of ramifications.
 

Improving Board-CISO Transparency

There is a mechanism found in corporate governance best-practices for ensuring that the most senior people in an organization get direct, unfiltered input from a key executive, regardless of reporting structure. It is called the executive session. This is in common use by Boards of Directors who meet individually with the Chief Financial Officer, Controller, and other key executives, notably without other management in the room. Questions are intended to be penetrating and the respondent is expected to respond openly. Now that cybersecurity has risen to a top risk for the enterprise, the CISO position should be among those who appear individually in an executive session with the highest governing body of an enterprise at least annually. This addition to governance best-practices would give Board members and State governors unfiltered information on cybersecurity matters, thereby helping to fulfil their oversight responsibility.

Bob Zukis, founder and CEO of the Digital Directors Network, reports that a survey of its membership of more than 900 IT, cyber, and boardroom leaders shows nearly half of the respondents already have some form of this policy in practice. However, this is still a minority of the overall CISO population, signaling more transparency between the CISO and Board is needed.


CISOs in State Governments

Government organizations also face many of these issues. Evidence shows that CISOs in state governments are as vulnerable to other job offers as CISOs in the private sector. In the span of eight days in October 2022, there were several reports of state CISOs resigning, including Oklahoma, Georgia, Pennsylvania, and North Dakota. [1]

Legal liability is not an issue the government CISO needs to be worried about since governments and their employees are immune from legal suits. However, government CISOs are highly concerned about shouldering blame, especially in the press, for security intrusions or their coverup.

As with private industry, state governments should also institute this recommended practice. NCC recommends CISOs be called upon to appear in an executive session with agency heads and even the governor at least once a year.

The State of Texas, for example, already has a version of this policy implemented in a statute and in practice. Texas Administrative Code includes provisions for:

  • Reporting, at least annually, directly to the agency head the status and effectiveness of the security program and its controls.
  • Informing any relevant parties in the event of noncompliance with the state agency’s information security policies


Resolving the Great CISO Resignation

For organizations across the public and private sectors, cybersecurity has risen to one of the top risks and has increased the importance of the role of the CISO. Most are looking to improve their work-life balance and reduce some of the stressors of the job. While many CISOs are also concerned about trends in liability and becoming headline news for decisions made on the job, requiring CISOs to appear in executive sessions with board members or state governors can help to alleviate these concerns and improve CISO job satisfaction while at the same time improving how the most senior levels of organizations fulfil their responsibilities for oversight of top risks.

Spotlight

Reveald, Inc

Reveald is making Exposure Management a reality to solve the biggest challenges in cybersecurity with a trailblazing ‘offense to defense’ approach that gives the advantage back to the business. It is the only solution that combines risk hunting, full defensive response, and threat and exposure remediation services that deliver business-driven outcomes. Operationalizing cutting-edge technology for exposure management, Reveald uncovers every conceivable attack path and intelligently prioritizes them by business criticality and risk. Our Fusion Center team of elite security experts then systemically neutralizes those attack paths to make critical IT assets increasingly impervious to exploitation. The addition of ongoing monitoring and advisory services empowers users to adopt a formidable defensive posture while taking pressure off their in-house security resources. Above all, Reveald turns cyber risk into something measurable and manageable from the SOC to the C-Suite.

OTHER ARTICLES
Enterprise Security, Network Threat Detection

Transformative Cybersecurity Detection Reshapes the Battle Against Constantly Evolving Cyber Threats

Article | July 13, 2023

Embrace cybersecurity as transformative detection techniques to revolutionize the fight against ever-changing cyber threats. In an interconnected world, cybersecurity poses a growing threat to businesses, capable of wreaking havoc on their operations, reputations, and financial standings. Cyber threats have reached alarming levels, affecting every industry. Successful attacks can lead to data theft, financial losses, reputational damage, and business disruption. These sophisticated attacks exploit vulnerabilities in digital infrastructure. Yet, the challenge of cybersecurity extends beyond the mere presence of threats. It lies in the relentless evolution and adaptability of these malevolent forces. Traditional security measures, once considered sufficient, are now rendered ineffective against their cunning tactics. The landscape of cybercrime is a perpetually shifting entity, leaving organizations in a constant state of vulnerability. At the onset of the COVID-19 pandemic, organizations witnessed a significant surge in cyber threats or alerts, with 61% reporting a substantial increase of 25% or more. With users accessing cloud applications and corporate networks remotely, hackers actively sought to exploit potential security gaps. Protecting Businesses: The Importance of Cybersecurity Detection Early threat detection is a fundamental aspect of effective cybersecurity. By closely monitoring network traffic, system logs, and user behavior, businesses can swiftly detect suspicious activities that may signal an ongoing or imminent cyber-attack. Such proactive detection enables organizations to respond promptly, mitigating potential financial losses from data breaches, system downtime, regulatory fines, legal battles, and reputational damage. For businesses entrusted with sensitive customer data, cybersecurity detection plays a vital role in maintaining trust and complying with data protection regulations. By monitoring data access, identifying unauthorized activities, and promptly detecting breaches or data exfiltration attempts, organizations can safeguard customer information and avoid legal complications. Moreover, cybersecurity detection protects a company's intellectual property, ensuring the integrity of trade secrets, proprietary algorithms, and other confidential information. By effectively identifying and preventing unauthorized access or theft attempts, businesses can maintain their competitive advantage. Compliance with industry regulations is an essential consideration for businesses. Cybersecurity detection helps companies demonstrate proactive measures in detecting security incidents and potential data breaches, ensuring adherence to data security and privacy requirements and avoiding penalties, legal liabilities, and reputational damage associated with non-compliance. Furthermore, effective cybersecurity detection enhances reputational trust. Businesses that invest in robust detection measures are committed to safeguarding sensitive information, thus fostering trust among customers, partners, and stakeholders. Guard Against Cyber Threats with onShore Security’s Panoptic Cyberdefense Panoptic Cyberdefense by onShore Security is a Managed Cybersecurity Detection solution that recognizes security as an ongoing process, not just a mere product. For effective cybersecurity operations, round-the-clock monitoring is required using Security Operations Center (SOC) offered by onShore’s cyberdefence solution. To maximize visibility, businesses need to immediately respond to security threats while also requiring to identify non-threatening data. Leveraging Panoptic Cyberdefense helps streamline identifying, monitoring, and detecting cyber threats. During a conversation with Media 7, Stel Valavanis, CEO, onShore Security highlighted the impact of cyber threats and talked about cybersecurity detection solutions. We have developed our detection platform, the Panoptic Sensor and the Panoptic SIEM over many battle-hardened years. And the process is well-oiled, as you can imagine, involving tiers and workflow communication for alerting, analysis, tuning, and threat-hunting. As cyber threats evolve in complexity and frequency, businesses must remain vigilant in safeguarding their digital assets. onShore Security's Panoptic Cyberdefense offers a comprehensive suite of solutions, including Panoptic Sensor and the Panoptic SIEM, to help organizations mitigate risk, protect sensitive data, elevate their security team, and meet compliance requirements. Through Panoptic Sensor, organizations gain proactive threat intelligence, enabling the early detection and prevention of potential security breaches. Complementing this, the Panoptic SIEM provides powerful analytics and monitoring capabilities, empowering businesses to swiftly identify, investigate, and respond to security incidents. To navigate complex data protection and privacy regulations, minimizing the risk of non-compliance penalties and legal ramifications is needed. Panoptic Cyberdefense offers three levels of cybersecurity detection. The levels of detection, response and analysis include managed detection and response (MDR), second level has both network detection response (NDR) + MDR, and the third level is security orchestration. Harness the Power of Detection By integrating detection capabilities into every layer of protection systems, including user involvement, businesses can establish a formidable defense against cyber threats. Consolidating data from various sources into a centralized platform for analysis becomes essential. Implementing a managed detection and response process enables continuous analysis of this data, empowering early detection of potential attackers and facilitating ongoing security enhancements. Collaborating with government and industry partners can further demonstrate a commitment to high-security standards and compliance requirements. Remaining prepared for potential attacks is crucial. In the event of an incident, prompt response becomes paramount. Equipped with comprehensive data providing attestation of methods and impact, organizations can swiftly and effectively address any cybersecurity breaches.

Read More
Software Security

Identity-Based Authentication Sets New Industry Standards for Secure and Streamlined User Onboarding

Article | August 9, 2023

Embrace the transformative power of identity-based authentication to establish new industry standards for safe and seamless user onboarding processes, enhancing security, workflows & user experience. The increasing adoption of decentralized identity systems, including blockchain-based solutions, introduces intricate challenges in the verification and authorization of identities across distributed networks. During interoperability, the threat to privacy and security within these systems is emerging at an alarming rate that requires urgent attention. Additionally, combating synthetic identity fraud poses a significant hurdle as fraudsters adeptly combine genuine and false information, making it arduous to differentiate between authentic and fraudulent identities. Deepfakes are the rising concern, which generate remarkably realistic audio, video, or images, mimicking genuine individuals and heightening the difficulty of detecting and preventing impersonation attacks. Password fatigue stems from the constant need to create and remember multiple passwords, leading users to choose weak or reused ones. Reusing passwords increases the risk, as compromising one account grants access to others. Password theft is a concern, with attackers employing phishing attacks and malware. A study by Google found that passwordless authentication can reduce password-related help desk tickets by up to 60%. (Source: PYMNTS) Complex password requirements can be challenging, pushing users towards weaker options. Password resets are time-consuming and frustrating. Solutions should alleviate fatigue, promote secure practices, and offer robust protection against theft and unauthorized access. All service providers or product companies confront a common challenge in this novel era of vulnerabilities, the question of creating an optimal and seamless user onboarding cycle while adhering to the necessary standards. This keeps them up at night as they attempt to find the optimal balance between seamless and secured-data onboarding. In this digital age, identity-secure data is the most valuable asset and a transformative resource. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. These are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks. These hazards may result in security breaches and sensitive data loss. Additionally, password management becomes burdensome for users, resulting in password fatigue, weak practices, and IT department involvement for password resets. This impacts user experience and productivity. Identity-Based Authentication (IBA) comes into action while implementing this secure identity verification. To ensure widespread adoption of IBA, the industry must standardize two crucial aspects of identity: ‘Identification Verification’ and ‘Passwordless Authentication’. Automating identity verification fundamentally transforms the onboarding work processes by shifting administrative burden to user endpoints and automating data capture, credential validation, and document workflow. This leads to increased user satisfaction and faster access to required services, driving efficiency and reducing the time to generate revenue for customers. BlockID Verify by 1Kosmos prevents such fraudulent accounts through an identity proofing process that verifies identity anywhere, anytime, and on any device with over 99% accuracy, thereby preventing the use of stolen or synthetic identities during customer onboarding. During a conversation with Media 7, Michael Cichon, CMO, 1Kosmos stressed on the implementation of identity proofing and authorization. At 1Kosmos we bring our solutions to the market through three distinct products. One product focuses on workforce authentication, another caters to business-to-consumer use cases, and the third product revolves around self-service identity proofing. These give organizations the ability to remotely verify an identity on the web with a high level of assurance, and then verify that identity at every access attempt. Onboarding users with security and data protection is a critical activity. It is a one-time action that must be combined with an authentication mechanism for long-term identity to be genuinely effective. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. While these are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks, these hazards can result in security breaches and sensitive data loss. A recent report by Verizon demonstrated that 61% of all data breaches are caused by compromised credentials. (Source: 1Kosmos) The catch that robust identity verification alone does not guarantee future authentication, calls for FIDO (Fast Identity Online). It is backed by an industry-leading organization 1Kosmos, which provides solutions for Identity Based Authentication. FIDO uses cryptography in the form of a public and private key to authenticate a user. With FIDO2 authentication, employees can authenticate into corporate systems and applications using their personal devices. This eliminates the need for conventional passwords and reduces the likelihood of security vulnerabilities resulting due to password-related attacks. With FIDO2, the user's keys are stored on their devices and not the service provider's server and thus proves to be less vulnerable to identity theft and phishing attempts. This is where the password to cryptographic passkeys adoption comes into picture. BlockID Workforce by 1Kosmos implements password-less authentication using FIDO, and has thus become a necessity, adopting self-service identity verification serving as a credential service provider. The ‘Identity Proofing’ together with ‘Passwordless Authentication’ results in a seamless user experience addressing credential theft, eliminating unauthorized users logging in corporate IT network and thus preventing data breaches, financial fraud, and ransomware.

Read More
Enterprise Security, Platform Security

Software Supply Chain Attacks: How Can Code Signing Help?

Article | July 13, 2023

Software supply chain attacks, such as the recent one involving MOVEit Transfer, are a serious issue for modern enterprises. Their dependency on third-party software makes it difficult to successfully vet the security integrity of every product used by enterprises. Software is especially difficult to assess securely, as it can be modified through updates throughout its lifecycle. For threat actors, targeting popular enterprise software tools is a lucrative and time-efficient way to gain access to the systems of a large number of corporate users. Verifying the integrity of software, and using attestation services, is one way to minimize the threat surface. So how can these concepts be leveraged in software? Software integrity (also known as code integrity) refers to the quality of the source code and allows the determination of the safety, security, and reliability of the software. It can mean that the code is unaltered by unauthorized parties, or it can also provide protection against hacks and guarantee privacy. Integrity checking can be relatively complex, but includes, at a minimum (from a security perspective), security features and ensures that security vulnerabilities have been eliminated. It does what it should, can be tested, and is easy to understand and edit, without introducing new errors or flaws. There are code analysis tools that can enable this. Beyond that, the code can be signed through the application of a digital signature to seal that integrity check. This can happen several times during the lifetime of that software: at production, for upgrades and patching, etc. This provides assurance that the software came from the developer and that it has not been changed in an unauthorized manner. This proof of authenticity becomes important in supply chain scenarios, and can be an important tool for brand protection of the developers. Code signing makes use of digital certificates; the signature is cryptographically hashed and packaged in a certificate. This certificate can then be verified by the user of the software through a Public Key Infrastructure (PKI), with a certificate authority validating (or refuting) the applied signature. There are various types of code signing certificates: standard and extended. The latter involves a more complex process and stricter requirements for validation and key management. Software attestation is essentially the other side of that process. It’s a trust mechanism that allows the user to independently validate the integrity asserted by a provider. Attestation might require not just the vendors name, version of the software, and origins of the code, but also other software artifacts, such as statements to the effect that they have followed secure development practices, information on external dependencies used to build it, the build process itself, the test suites that were run, and any security checks passed. Together, these artifacts form the metadata of the software, which then can be independently signed. A PKI can then be leveraged to verify the applied digital signature. There are software attestation standards that can be leveraged, including open ones (in-tot and Binary Authorization being two popular ones). The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is working on a self-attestation form (Secure Software Development Attestation Common Form) for software producers serving the federal government. The form will require them to confirm implementation of specific security practices. This was following the White House’s 2021 Executive Order 14028 and the Office of Management and Budget’s (OMB) M-22-18, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices.” Digital signatures for code integrity and software attestation will increasingly be in demand, especially as governments on both sides of the Atlantic (in the European Union and the United States) are pushing for policy and regulation on mandatory Software Bills of Materials (SBOMs). The goal is to make software developers and device manufacturers accountable for the components that make up their products. An SBOM will have to list known vulnerabilities associated with each component (open source and third party), pushing security rights to the forefront of product development. This visibility will allow for product development teams, DevOps, and implementers to address vulnerabilities and thereby strengthen security. SBOMs will likely form part of the software’s metadata, so signing will have a role to play here. In short, code signing and software attestation can both confer a level of security that can minimize the threat of a supply chain attack. It’s important to keep in mind, however, that they won’t address all issues, and will not be 100% fool-proof either. Of course, threat actors know this, and many are already targeting the code signing process in order to inject malicious code. This requires threat actors to compromise development platforms where code signing takes place. Ultimately, the use of digital signatures, from creation to management, is another aspect that will need to be secured from a developer perspective. DevSecOps will also have an important role to play here in order to avoid such malicious tactics, thereby providing a holistic security context for using digital signatures. But there is no doubt that digital signatures are a key technology for code integrity and software attestation, and will have a positive impact on thwarting the progress of supply chain attacks, if used widely. Sources: CISA WH EO 14028 OMB

Read More
Network Threat Detection, Platform Security, Software Security

Digital Defense 2023: Top Network Security Trends for Businesses

Article | June 28, 2023

Discover emerging network security trends to stay informed about evolving landscape and safeguard business operations, protect sensitive data, and fortify defenses against evolving cyber threats. Contents Introduction The Latest Network Security Trends Every Business Should Know in 2023 Zero Trust Architecture Secure Access Service Edge (SASE) Internet of Things (IoT) Security Artificial Intelligence (AI) and Machine Learning (ML) in Network Security Privacy-Enhancing Technologies Third-party Security and Interoperability Incident Response and Cyber Insurance Network Security: Beyond the Horizon Introduction The landscape of network security is evolving rapidly, driven by advancements in technology and the cyberattack tactics of cybercriminals. There has been a significant rise in network security threats, such as ransomware attacks, Distributed Denial of Service (DDoS), phishing, and others, over the past few years. According to a report by Barracuda, 81% of the companies surveyed stated that they had suffered at least one security breach in 2021. As a result, it is increasingly becoming crucial for businesses to stay vigilant and well-informed about the recent trends in network security to protect their critical assets, maintain the trust of their customers, and mitigate the potentially devastating consequences of current cybersecurity threats. The Latest Network Security Trends Every Business Should Know in 2023 As technology evolves, so do the threats that businesses face in the digital landscape. Network security has become a critical concern for organizations as they navigate the complex world of data protection, privacy, and cyber threats. Several upcoming network security trends are shaping the landscape, demanding the attention of businesses worldwide. Understanding and adapting to these trends is crucial to maintaining a secure and resilient network infrastructure. Key emerging network security future trends in the information security industry are as follows: Zero Trust Architecture Traditional perimeter-based security approaches are no longer sufficient to protect today's dynamic and distributed networks. The zero trust architecture is gaining massive traction as an emerging cyber security technology in the network security sector. It operates on the principle of "never trust, always verify," requiring continuous authentication and authorization for every user, device, and application seeking access to network resources. Implementing these conditions enables businesses to significantly reduce the risk of unauthorized access, lateral movement, and data breaches. Consequently, organizations are focusing on embracing this approach to strengthen their security posture and safeguard critical assets, ensuring the confidentiality, integrity, and availability of their network infrastructure. Secure Access Service Edge The rapid adoption of cloud services and the proliferation of remote work have accelerated the need for a unified and cloud-native network security solution. Secure Access Service Edge (SASE) combines network security functions, such as secure web gateways, firewall-as-a-service, and data loss prevention, into a single cloud-delivered service. SASE offers businesses a scalable and flexible approach to secure their networks, providing consistent security policies and access controls regardless of the user's location or device. As SASE simplifies network security management, reduces complexity, and improves visibility, organizations are increasingly adopting these solutions to enhance overall security posture. Internet of Things (IoT) Security The proliferation of IoT devices presents significant security challenges for businesses today. These devices often have limited computing resources and lack built-in security features, making them vulnerable to exploitation. Additionally, continuous monitoring, threat intelligence, and timely patching of IoT devices are essential to identify and address vulnerabilities promptly. As a result, businesses are paying close attention to IoT security by implementing robust security controls, device authentication mechanisms, and network segmentation. Prioritizing IoT security, they can safeguard their networks and sensitive data, as well as maintain trust with customers. Artificial Intelligence and Machine Learning in Network Security As cyber threats become increasingly sophisticated, leveraging AI and Machine Learning (ML) in network security becomes essential for businesses to stay ahead of evolving threats. These technologies analyze vast amounts of data, identify patterns, and detect anomalies in real time, enabling companies to proactive threat detection and response. The threat detection and remediation capabilities of AI and ML-powered solutions provide organizations with rapid real-time protection. These solutions enable them to analyze complex datasets without human intervention by automating routine security tasks, enhancing network visibility, and empowering faster incident response times. Privacy-Enhancing Technologies With the increasing emphasis on data privacy regulations and consumer expectations, privacy-enhancing technologies are extensively gaining importance in network security. These technologies, including differential privacy, homomorphic encryption, and secure multiparty computation, allow businesses to protect sensitive data while performing essential operations. The adoption of privacy-enhancing technologies also assists organizations in maintaining compliance with privacy regulations, building customer trust, and mitigating the risks of data breaches and privacy violations. Consequently, they are increasingly implementing these advanced technologies to demonstrate their commitment toward data privacy and strike a balance between data utility and protecting individual privacy rights. Third-party Security and Interoperability Organizations often rely on third-party vendors, suppliers, and partners for critical services and solutions, in today's interconnected business landscape. However, this reliance introduces potential vulnerabilities and risks to the network infrastructure. A study by Forrester anticipates that nearly 60% of security incidents will involve third parties. Ensuring third-party entities adhere to robust security standards and practices is crucial to maintaining a secure ecosystem. Thus, businesses are implementing robust interoperability protocols, secure APIs, and standardized security controls to enable secure communication and data sharing between different network components. Incident Response and Cyber Insurance Despite comprehensive security measures, organizations can still fall victim to cyberattacks. Incident response plans ensure a swift and effective response to security incidents, enabling the detection, containment, and recovery from breaches. Businesses can minimize damage, protect sensitive data, and maintain operational continuity by promptly addressing security incidents. Furthermore, considering the increasing financial impact of cyberattacks, organizations are obtaining cyber insurance to mitigate the potential financial losses associated with data breaches, business disruptions, and legal liabilities. This allows organizations to transfer some of the financial burden of a cyberattack. Network Security: Beyond the Horizon With the proliferation of cyber threats and the increasing value of data, organizations must prioritize the protection of their networks and sensitive information. A robust network security framework ensures the confidentiality, integrity, and availability of critical business data, guarding against unauthorized access, data breaches, and potential financial and reputational damage. Businesses must prioritize improving their network security to protect their operations, reputation, and sensitive data effectively. Keeping pace with these global security trends enables organizations to identify vulnerabilities, implement robust safeguards, and deploy advanced defense mechanisms. Actively monitoring and responding to these emerging security trends in network infrastructures enable organizations in fortifying their resilience, maintaining customer trust, and securing their long-term success in an ever-evolving digital environment.

Read More

Spotlight

Reveald, Inc

Reveald is making Exposure Management a reality to solve the biggest challenges in cybersecurity with a trailblazing ‘offense to defense’ approach that gives the advantage back to the business. It is the only solution that combines risk hunting, full defensive response, and threat and exposure remediation services that deliver business-driven outcomes. Operationalizing cutting-edge technology for exposure management, Reveald uncovers every conceivable attack path and intelligently prioritizes them by business criticality and risk. Our Fusion Center team of elite security experts then systemically neutralizes those attack paths to make critical IT assets increasingly impervious to exploitation. The addition of ongoing monitoring and advisory services empowers users to adopt a formidable defensive posture while taking pressure off their in-house security resources. Above all, Reveald turns cyber risk into something measurable and manageable from the SOC to the C-Suite.

Related News

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Enterprise Security, Platform Security, Software Security

ReasonLabs Releases Key Updates to Wi-Fi Security Product RAV VPN

PR Newswire | August 16, 2023

ReasonLabs, the cybersecurity pioneer equipping home users with the same level of cyber protection used by Fortune 500 companies, today announced major updates to its renowned RAV VPN. This latest release for desktop and Android incorporates significant security and infrastructure improvements, reinforcing RAV VPN's position as a complete, reliable, and user-friendly tool in the fight for online privacy and identity protection. The new releases ensure RAV VPN, both the desktop and mobile applications, provides Wi-Fi security wherever a user might be. With an updated RAV VPN, users can seamlessly browse the web with confidence, knowing that their data is encrypted and they are protected from threats such as Man-in-the-Middle attacks. RAV VPN is simple to install and extremely easy to use, making online privacy for all easily attainable. "As our digital landscape rapidly evolves, safeguarding our online presence becomes more essential than ever before," said Kobi Kalif, CEO and co-founder of ReasonLabs. "With an unwavering commitment to your digital privacy, we are proud to unveil our latest innovation to RAV VPN. We are redefining what security in the digital age means by delivering to home users the same cyber security protection that Fortune 100 companies use." Without sufficient Wi-Fi protection, a user's network can be susceptible to hacking, malware, and other privacy and security hazards. Bad actors can exploit these vulnerabilities to steal highly discreet information like financial details, social security numbers, email addresses, passwords, and more private data. To mitigate this, Wi-Fi protection from RAV VPN secures users' wireless networks to create an encrypted tunnel between their PC or Android device and the internet. RAV VPN is a part of ReasonLabs' industry-leading suite of consumer-focused cybersecurity products, which includes its flagship product, RAV Endpoint Protection, as well as an Endpoint Detection and Response, DNS, Parental Control App, and more. Led by cybersecurity, artificial intelligence, and machine learning experts, ReasonLabs delivers the highest levels of cybersecurity protection and privacy to home users worldwide. About ReasonLabs ReasonLabs is a leading cybersecurity company equipping tens of millions of home users with the same level of cyber protection utilized by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv. Learn more at https://www.ReasonLabs.com.

Read More

Cloud Security

Google Cloud Next 2023 Embraces Generative AI for Safer Digital Future

Google | September 18, 2023

Google reveals its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. Alphabet and Google CEO Sundar Pichai's keynote emphasizes Google's AI-first approach and the transformative impact of AI across industries. Google introduces innovative security updates and trends, highlighting its commitment to enhancing cybersecurity capabilities. Google Cloud extends Duet AI to three key products in preview mode, empowering security teams to address complex cybersecurity challenges more efficiently. Google unveiled its pioneering approach to applying generative AI in cybersecurity at the Google Cloud Next conference in San Francisco. This significant revelation follows the broader accessibility of generative AI, made possible earlier this year by technologies like ChatGPT. Google's strategic endeavor aims to harness the potential of AI to combat cybersecurity challenges. Additionally, the event featured a keynote address by Alphabet and Google CEO Sundar Pichai, who underscored the transformative influence of AI across sectors and emphasized Google's extensive history of adopting an AI-first approach. During the conference, Google seized the opportunity to introduce innovative security updates and trends, signifying its commitment to enhancing cybersecurity capabilities for its customers. These developments come at a time when the integration of AI technologies in addressing cybersecurity concerns has gained substantial attention and recognition. Alphabet and Google CEO Sundar Pichai, a prominent figure in the technology industry, initiated the conference, reiterating the profound influence of AI across various sectors, industries, and business functions. His emphasis on Google's decade-long dedication to an AI-first approach solidified the company's leadership position in this transformative era. Furthermore, Google unveiled significant developments in the conference, including expanding Vertex AI with over 100 foundation models and introducing enhancements like PaLM 2, supercomputing capabilities, and the fifth-gen Tensor Processing Units. However, their commitment to democratizing AI was highlighted, demonstrated through customer stories and live demos. Google Cloud's developer advocate, Priyanka Vergadia, showcased Duet AI, an intelligent chatbot assistant that streamlines developers' tasks, saving time and enhancing security. Duet AI automates deployments, configures applications correctly, aids in debugging, and strengthens security. Its preview release marks a step towards achieving shift-left and DevSecOps goals, empowering developers to secure their code effectively and allowing security teams to scale their efforts. The research conducted by ESG and ISSA highlights the challenges faced by cybersecurity professionals. A significant majority (63%) have found their roles increasingly complex over the past two years. A closer look reveals that the surge in complexity (81%), rising workloads, and growing cyberthreats (59%), as well as understaffing issues (46%), are the primary factors contributing to this challenge. In response to these evolving demands, Google Cloud has taken a proactive step by extending the application of Duet AI to three key products, now available in preview mode. These applications empower security teams with Mandiant Threat Intelligence for threat analysis, Google Chronicle for accelerated SecOps processes, and Google Security Command Center for risk mitigation. A live demonstration showcased how Duet AI streamlines security analysts' workflows, making threat detection and response more efficient and enhancing overall security posture management. Google Cloud announced Mandiant Hunt for Chronicle Security Ops in preview, boosting threat hunting with expert Mandiant insights. Agentless vulnerability scanning (powered by Tenable) in preview detects OS, software, and network vulnerabilities on Google Compute Engine VMs. Custom posture findings and threat detectors are now available in the Security Command Center. Cloud Firewall Plus, in preview, enhances firewall service with advanced threat protection (Palo Alto Networks). These updates, utilizing Duet AI in preview, demonstrate Google Cloud's dedication to cybersecurity innovation, with specific availability details to come. The conference also highlighted partner offerings in the ever-evolving cloud security landscape.

Read More

Data Security

Oracle Attempts to Design New Open Network and Data Security Standard

Oracle | September 20, 2023

Oracle to participate in an industry-wide initiative to design a new open network and data security standard. Oracle and Applied Invention are assisting to developing and promoting a novel network and data-centric security standard to tackle distributed cloud deployment challenges. This standard will enable organizations to protect their data throughout its entire lifecycle without requiring modifications to their distributed cloud environments' underlying architecture. Oracle, one of the world's largest database management companies, announced that it will participate in an industry-wide initiative to design a new open network and data security standards that will assist organizations in protecting their data in distributed IT environments. Oracle will collaborate with Applied Invention, a significant technology provider, and other industry leaders, including Nomura Research Institute, Ltd. (NRI), a global leader in consulting and system solutions. This new standard will enable networks to enforce shared security policies collectively, thereby augmenting the security architecture organizations already employ without requiring modifications to existing applications and networks. Oracle plans to launch the Oracle Zero-Trust Packet Routing Platform, based on the new standard, to support this new initiative. This platform will assist organizations in preventing illegal access or use of their data without imposing additional obstacles on legitimate activities. Executive Vice President of Security and Developer Platforms at Oracle Cloud Infrastructure, Mahesh Thiagarajan, said, Over the last 20 years, the cybersecurity industry has produced many incremental changes, but we need a fundamentally novel approach to protect our data in the increasingly complex cloud era. Organizations require a way to describe their data security policies in one place where they can be easily understood and audited, and they need a way to make sure those policies are enforced across their entire computing infrastructure, including their clouds. [Source – Cision PR Newswire] As the adoption of cloud technology rises and IT landscapes become more intricate with distributed cloud deployments, organizations face escalating challenges in safeguarding their data using conventional methods and tools. For example, many existing systems necessitate security teams to orchestrate disparate solutions across various facets, including database, application, network, and identity security. This complexity is further compounded when applied across diverse environments. Ensuring seamless collaboration among these solutions becomes a formidable task due to the dynamic and independent changes in applications, environments, and user profiles. Additionally, current security systems demand extensive configurations to accurately distinguish between different user categories, such as full-time employees and contractors, without compromising security or restricting access. Research Vice President of Cloud and Edge Infrastructure Services at IDC, Dave McCarthy, said, The new standard Oracle develop has the potential to change all of that by adding a unified layer of security on top of existing solutions. Building data protection policies into the network itself will assist users get the access they require while ensuring the data remains secure behind the scenes. [Source – Cision PR Newswire] Oracle and Applied Invention are assisting in designing and promoting a novel security standard, focusing on network and data-centric security, which aims to tackle these challenges. This innovative standard will empower organizations to safeguard their data across its entire lifecycle, including distributed cloud environments. To accomplish this, the standard will implement an intent-based security policy that is designed to be understandable, auditable, and interpretable by humans. This intent-driven approach will be put into practice at the network layer, ensuring that every data transmission contains authenticated attributes concerning the sender, receiver, and the nature of the data in transit.

Read More

Enterprise Security, Platform Security, Software Security

ReasonLabs Releases Key Updates to Wi-Fi Security Product RAV VPN

PR Newswire | August 16, 2023

ReasonLabs, the cybersecurity pioneer equipping home users with the same level of cyber protection used by Fortune 500 companies, today announced major updates to its renowned RAV VPN. This latest release for desktop and Android incorporates significant security and infrastructure improvements, reinforcing RAV VPN's position as a complete, reliable, and user-friendly tool in the fight for online privacy and identity protection. The new releases ensure RAV VPN, both the desktop and mobile applications, provides Wi-Fi security wherever a user might be. With an updated RAV VPN, users can seamlessly browse the web with confidence, knowing that their data is encrypted and they are protected from threats such as Man-in-the-Middle attacks. RAV VPN is simple to install and extremely easy to use, making online privacy for all easily attainable. "As our digital landscape rapidly evolves, safeguarding our online presence becomes more essential than ever before," said Kobi Kalif, CEO and co-founder of ReasonLabs. "With an unwavering commitment to your digital privacy, we are proud to unveil our latest innovation to RAV VPN. We are redefining what security in the digital age means by delivering to home users the same cyber security protection that Fortune 100 companies use." Without sufficient Wi-Fi protection, a user's network can be susceptible to hacking, malware, and other privacy and security hazards. Bad actors can exploit these vulnerabilities to steal highly discreet information like financial details, social security numbers, email addresses, passwords, and more private data. To mitigate this, Wi-Fi protection from RAV VPN secures users' wireless networks to create an encrypted tunnel between their PC or Android device and the internet. RAV VPN is a part of ReasonLabs' industry-leading suite of consumer-focused cybersecurity products, which includes its flagship product, RAV Endpoint Protection, as well as an Endpoint Detection and Response, DNS, Parental Control App, and more. Led by cybersecurity, artificial intelligence, and machine learning experts, ReasonLabs delivers the highest levels of cybersecurity protection and privacy to home users worldwide. About ReasonLabs ReasonLabs is a leading cybersecurity company equipping tens of millions of home users with the same level of cyber protection utilized by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv. Learn more at https://www.ReasonLabs.com.

Read More

Events