CSO:CYBER

Intelligent CISO - Issue 43 Ransomware pandemic - How business can implement the right tools to better protect themselves Zero Trust fears - Shedding light on the anxiety surrounding this cybersecurity approach Goveming bodies unite - Coming together to target ransomware attackers to critical infrastructure Secure Access - Eberhard Haugh, CISO, DB Schenker, tells us how the company - as one of the leading global logistics providers - extended its existing identity and Access Management (IAM) infrastructure to secure employee access Latest intelligence - Latest white papers from Bitdefender an Weston Cyber trends - The ransomware pandemic and how business can protect themselves Threat updates - Latest updates from across the globe, the United States and the United Kingdom Barracuda introduces data classification capabilities to help customers find sensitive data CloudBees survey reveals C-suite supply chain security concerns The ransomware pandemic and how business can protect themselve...

O poder que existe na computação em nuvem torna o negócio mais sustentável, mas ao mesmo tempo, exige atenção redobrada em aspectos de Segurança, controle e gestão de vulnerabilidade. Pontos que precisam ser considerados para a boa governança com recurso de cloud security cyber hygiene *Por Rangel Rodrigues A velocidade da transformação digital tem impulsionado a adoção de novas tecnologias como machine learning e inteligência artificial. Além disso, a pandemia acelerou o processo de migração para cloud, uma saída que as empresas encontraram para garantir a continuidade dos negócios com o trabalho remoto e, nesta linha, a tecnologia Zero Trust ganhou força, pois viabiliza o controle de acesso por meio de usuários e ativos ajudando as organizações a reduzir os riscos neste novo cenário. Consequentemente, a evolução da automatização do processo de desenvolvimento de software (SDLC) integrado com a cloud requer novas ferramentas. O uso de infraestrutura-as-code com soluções capazes de ger...

Thinking like a hacker, knowing how to exploit loopholes by creating or editing code, and understanding how security holes are used can help you understand and manage patch and patch application. Two months ago I mentioned in an article “Advance to 'Next Level' Security” the challenge of keep a system or service up to date by the time the vulnerability is discovered versus the time to apply a patch mid-2000. Notorious that manufacturers on the one hand developed new software consequently brought new vulnerabilities and the most exploited at that time was the webservers, whether on Unix platform, Linux or Windows were not yet mature. Of course, services such as DNS, FTP, Telnet, Netbios, among others, were also massacred. Crackers used their ability to create exploits to exploit vulnerabilities in Internet services, and at the time, as I worked for an American bank, it was many early hours to update the environment and fix web server failures. Although it was run was challengin...

Intelligent CISO Issue 41 - CISOs driving blindfolded - How CISOs are overcoming limited visibility after COVID-19 triggered increase in cyberattacks - Physical security - The procedures data centre leaders should have in place to ensure their facilities are secure - Consctructing robust security - Achieving a comprehensive risk-based cybersecurity strategy in the construction industry - Accelerating security - Keith O’Gorman, GISSM at Archroma, discusses how the organization relies on Edgescan technology to continuously scan its systems for vulnerabilities across its IT infrastructure - Cyber trends - Survey reveals UK CISOs driving blindfolded, with limited visibility and control - Infrographic - Australian capital market firms respond to new risk management demands - What procedures should data centre leaders have in place to ensure their facilities are physically secure? - Ransomware, phishing, Zero Trust and the new normal of cybersecurity - Security is a journey, not a destinati...

Intelligent CISO Issue 40 - Voice of the CSO - Proofpoint research shines light on security challenges and key priorities - Ransomware avoidance - Experts discuss the precautions to take to avoid a ransomware attack - Security planning - Why a change in approach in required, rather than a budget increase - Cybersecurity Vision - Andreas Schneider, Group CISO at TX Group, tells us how the Swiss media company worked with Cyberreason to extend TX Group’s detection and response capabilities across cloud services and infrastructure - Infographic - VMware report reveals surge in cyberattacks targeting the anywhere workforce - Editor’s question - What are the precautions security leaders should be taking to avoid a ransomware attack? - Feature - Protecting from the cyber kill chain evolution - Expert opinion - The cumulative effector ransomware and the lessons for UK national infrastructure - Business surveillance - Why the board needs to give their CISO a seat a the table - CISOs area under...

Rangel Rodrigues, advisor em Segurança da Informação, reflete em seu artigo o papel dos profissionais de SI nos processos de transformação do negócio e na importância de não negligenciar o básico pautado em processos, pessoas e tecnologias *Por Rangel Rodrigues Não tem como mover para o novo se não fazemos o básico. O básico pode ser o velho conhecido processo ou atividade que, às vezes, procrastinamos e/ou não fazemos com dedicação. O velho pode ser a fragilidade no processo de gestão de vulnerabilidades, na aplicação de patches, na configuração de hardening, na classificação da informação ou na falta de uma correção de vulnerabilidade encontrada em SAST, DAST ou MAST. Geralmente quando nos situamos neste ponto, o invisível para nós é aquilo que ainda não existe, seja no processo de gestão de segurança da informação ou na perspectiva de controles em cibersegurança. Para ver o futuro e chegar em um objetivo, precisamos fazer o básico da segurança no que tange processo, tecnologia e pes...

A new issue of Intelligent CISO Issue 39 publication has been published - Proactive defense - Ensuring a resilient cyber infrastructure with a reliable threat hating approach - Data loss prevention - The basics of backup and how to avoid desaster - Passwordless future - Experts discuss whether passwords are a thing of the past - Investing in Security - Simon Mair, Head of Information Security and Data Privacy at Brewin Dolphin, discusses how the leading wealth management company ensures the security of both its client and company data - Cyber trends - Report finds up to 300% increase in attacks from opportunist targeting - Editor’s question - What are the challenges and pitfalls CIOs make when designing their network security? - Predictive intelligence - A perfect storm for supply chain attacks - Expert opinion - Why attackers continue to target the network - Decrypting myths - Experts discuss whether passwords are still fit for puporse - ISC2 and University of Mary Washington deli...

Flexible Security - A new issue 38 - Intelligent CISO magazine  - Flexible Security -> Fiedrich Wetsning, CISO and Vice President of Enterprise It at Flex, tells us how the company achieved a unified approach to defend against cyberthreats with Palo Alto Networks - Future of passwords -> Experts discuss the need for security leaders to re-evaluate their approach to password security - Skills shortage -> Fortinet announces its new offering to reduce the cyber skills gap - CISO priorities -> Expert reveals the priorities that should be covered in every CISO’s budget - Predictive Intelligence -> A closer look at the impact of cloud video surveillance: What does it mean for CIOs? - Feature -> Why organizations need an open, cloud-based platform to build security into their hybrid It environments - Expert opinion -> XDR - The future of threat detection and response - Business surveillance -> Unblurring the lines between physical and cybersecurity - Decrypting my...

Rangel Rodrigues, advisor em Segurança da Informação, destaca em seu artigo um chamado para os profissionais de SI mudarem o mindset diante dos riscos cibernéticos com resiliência e ações proativas Não basta ter as melhores soluções implantadas se o mindset dos colaboradores e gestores continuam com uma visão turva, permitindo que pequenos pecados capitais de segurança ocorram em virtude da falta de tempo ou devido ao excesso de atividades que precisam ser feitas. Ignorar um relatório de vulnerabilidades com 600 issues ou não saber como agir diante de um incidente de ransomware não pode ser mais uma desculpa. O fato é que em muitas empresas, homens de negócios e profissionais de TI ainda tentam buscar o caminho mais fácil por natureza para driblar o dilema da segurança. Com isso, aceitam riscos iminentes mediante uma pressão e, às vezes, a falta de incisão e resiliência dos profissionais de infosec nestas situações podem tornar o projeto de segurança um desastre. O tempo talvez seja o ...

A new issue of Intelligent CISO Issue 37 publication has been published - Cyber Schooling - Cyber Trends - Industry expert says 2021 is the year of recover ware - CXO Research: 58% of data backups are failing, leaving data unprotected - Lasted updates from the Netherlands, United Kingdom, Singapore and UK/US - What is the consequence of organizations continuing to underestimate the level of damage cyberthreats can do and what can be done to avoid this? - Expert says CISOs need to take lateral movement seriously - Expert Opinion - From the C-suite to IT: Identifying anomalous behavior to stop digital adversaries in their tracks - Cybereason expert discusses securing the financial sector now and into the future - Oman sees 30% drop in COVID-19 cyberattacks to 640 in Q3 2020 - Cisco report finds crypto mining malware activity affected 69% of customers in 2020 - Cloud services: A threat vector for healthcare industry - Are we more vulnerable to scams than even before? Read more: https://...

Na visão de Rangel Rodrigues, advisor em Segurança da Informação, vazamento de dados impacta significativamente as organizações. Para ele, o problema não está no ataque, mas em como o CISO enxerga e estabelece os controles necessários, com integração entre visão corporativa e gestão do ambiente *Por Rangel Rodrigues Ouvi uma frase de um grande líder que admiro dizendo: “O problema não é a tempestade, mas a potência que seu barco tem, pois o barco não afunda com a água que está fora, mas com a água que está dentro”, logo me fez pensar como poderia fazer essa relação com os vazamentos de dados ocorridos nos últimos meses. Olhando por outra ótica, o problema não está nos ataques hackers, mas nas vulnerabilidades, na ausência de recursos e de controles capazes de suportar uma tempestade. Não adianta focar somente no objetivo em achar culpados por um erro de vazamento de dados. Isso é importante para o processo de incidente de segurança? Certamente que sim, mas seus olhos e concentração pre...

A new issue of Intelligent CISO Issue 35 publication has been published. - Will a passwordless future help us ensure effective cybersecurity? - Tem importante of collaboration on the Zero trust journey - New Telecoms security law to protect UK for cyberthreats - How BT drives security from a necessity to a beacon of business responsibility - Cyber trends - Cyberattacks on hospitals spike by 45% worldwide - UAE banks participate in first national cyberwar gaming exercise - Kaspersky reveals drop in DDoS attacks but crypto mining in on rise - Report reveals cyber-risk to critical and industrial infrastructure reaches all-time high - Why organizations need an open, cloud based platform to build security into their hybrid IT environments - World’s most dangerous malware disrupted through global action - Using automation to overcome the thorny problem of data truth for improved cybersecurity strategies - Building a human firewall to address insider threats - Why cybersecurity will set busin...

Intelligent CISO New Edition A new issue of Intelligent CISO Issue 30 publication has been published. - Safeguarding Success - Sawan Joshi, Head of Information Security, FirstPort, explains how the company utilized Proofpoint’s solution to address identified gaps and risks in today’s cybersecurity landscape to safeguard employees. - Automated future - How automation will shape the future and serve to benefit the industry - Remote security - Experts discuss how to securely manage employees working from home - Healthy defense - Strengthening healthcare’s cyberdefences to ensure future success - Lastest intelligence - Lasted white papers from Synopsys and Servicenow - Cyber trends - Seven in 10 CISOs believe cyber warfare is an imminent threat to there organizations - How can business leaders securely manage employees working from home? Read more: https://view.joomag.com/intelligent-ciso-issue-33/0927318001609949597/p51?short& Tags 🏷 #cybersecurity #cso #ciso #infosec #hacker #cib...