Planning is key when it comes to minimizing risk with the latest AI tools. Without a plan you risk exposing your organization to biased training data, leaking private information, and just missing the productivity gains you want from these tools. In this video Greg Clark, director of product management, OpenText, details why organizations need to proactive head off these risks with proper planning. HUGE thanks to our sponsor, OpenText OpenText Cybersecurity helps customers reduce risk, preserve trust, minimize disruption and be resilient. The post Navigating AI Security and Planning appeared f ..read more

It’s one thing to protect your data within your four walls. But when data leaks increasingly come from third-parties, what can you do to protect your organization? Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining me is our sponsored guest, Mackenzie Jackson, developer advocate, GitGuardian. Got feedback? Join the conversation on LinkedIn. Huge thanks to our sponsor, GitGuardian GitGuardian is a Code Security Pla ..read more

Sandworm-linked group tied to attack on water utilities In 2024, the threat group Cyber Army of Russia claimed credit for attacks on several water utility systems in the US, France, and Poland. A new report from Mandiant claims this group is linked to the threat group Sandworm, a suspected part of Russia’s GRU military intelligence agency. It’s unclear if Cyber Army of Russia operates as just another personae of Sandworm or as an independent entity. Analysts note that Sandworm previously never hit US networks with disruptive cyberattacks. This also comes at a time when Sandworm itself changes ..read more

Cisco announces breach of multifactor authentication message provider One of the providers used by Cisco to send multifactor authentication messages was breached by a threat actor on April 1. This according to an email message sent from Cisco to its customers. The breached company, Duo, was acquired by Cisco in 2018. According to the email, the attacker “breached the system of a telephony supplier that Duo uses to send MFA messages through texts and phone calls to its customers.” The attacker used the credentials of an employee of that telephone supplier which it allegedly obtained through a ..read more

Please join us on Friday May 3, 2024 for Super Cyber Friday. Our topic of discussion will be “Hacking the Value of GRC: An hour of critical thinking of how compliance can kickstart your risk program.“ REGISTER for 05-03-24 Super Cyber Friday event Joining David Spark (@dspark), producer of CISO Series for this discussion will be: Kim Elias, senior compliance specialist, Vanta Norman Hunt, deputy CISO, GEICO In preparation for our discussion, think about the following: How do you make risk an organization concept? Where do you start when looking for a new GRC solution? What should you take i ..read more

Welcome to episode one of Capture the CISO Season 2! Our judges are Geoff Belknap (@geoffbelknap), CISO, LinkedIn and Steve Zalewski, co-host, Defense in Depth. Our contestants: Omer Singer, vp, strategy, Anvilogic Satish Veerapuneni, CEO & co-founder, Lumeus Sivan Tehila, CEO, Onyxia Watch the contetants’ demo videos below. Got feedback? Join the conversation on LinkedIn. Huge thanks to all our contestants who are also sponsors of Capture the CISO Anvilogic Anvilogic breaks the SIEM lock-in that drives detection gaps and high costs for enterprise SOCs. It ..read more

Every business wants to grow. But every CISO is tasked with managing and ultimately reducing risks. Being too cautious makes a CISO seem like an impediment to growth. So how do you manage the risks of growth with the realities of cybersecurity? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining me is our sponsored guest, Matt Radolec, senior director, incident response and cloud operations, Varonis. Huge thanks to our sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis’ free data risk assessment ..read more

Meta to close Threads in Turkey Last month, the Turkish Competition Authority found that Meta abused its market position by not providing an opt-in for combining newly created Threads profiles with Instagram accounts. In response to an interim injunction based on that finding, the social network giant said it will “temporarily” shut down its Threads service in Turkey as of April 29th. Ahead of the shutdown date, Meta will notify Turkish Threads users and give them the option to delete or deactivate their accounts, the latter will allow them to bring back an account if the service becomes avai ..read more

The CISO Series Podcast returns once again to the Bay Area on the eve of RSA Conference as part of the entertainment at BSidesSF! Joining me on stage will be Mike Johnson, CISO, Rivian and Steve Zalewski, co-host, Defense in Depth. Tickets for BSidesSF are available here. WHERE: Metreon, theater 13 (135 Fourth Street, San Francisco, California, 94103) Got feedback? Join the conversation on LinkedIn HUGE thanks to our sponsors, Devo, Eclypsium and NetSPI Devo replaces traditional SIEMs with a real-time security data platform. Devo’s integrated platform serves as the foundation of your security ..read more

House passes reauthorization of U.S. surveillance program The House voted Friday to reauthorize a key U.S. government surveillance tool following a showdown in the House over whether the FBI should be restricted from using the program to search for Americans’ data. The spy tool has been renewed several times since it was first authorized in 2008, and has aided in disrupting terror attacks, cyber intrusions and foreign espionage. The legislation also permits the U.S. government to collect communications of non-Americans located outside the country without a warrant. The bi-partisan bill would ..read more