Blog

Are You Implying This Line Graph Isn’t a Compelling Cybersecurity Narrative?

CISO Series offers podcasts and resources for cybersecurity professionals. In a recent episode, host David Spark and guest Nathan Hunstad discussed the importance of framing security metrics as narratives to engage businesses, emphasizing metrics tied to business objectives rather than traditional ones like MTTD/MTTR. They argued against the effectiveness of phishing tests that can stress employees while failing to enhance security culture. They also critiqued many pentests as mere vulnerability scans, advocating for engaging, impactful testing that demonstrates real-world risks. The episode encourages a collaborative approach to security metrics and testing, highlighting the importance of aligning them with business outcomes.

https://cisoseries.com/are-you-implying-this-line-graph-isnt-a-compelling-cybersecurity-narrative/

The New EU Rules on Cybersecurity: What Game Developers and Publishers Need to Know

EU's NIS2 Directive and Cyber Resilience Act impose stricter cybersecurity measures on game developers and publishers. Risks include cheating, data breaches, and legal consequences. Companies must ensure compliance, involve senior management in cybersecurity, conduct regular assessments, and report breaches timely. Cybersecurity is now a business priority, crucial for reputation and consumer trust.

https://www.gamesindustry.biz/the-new-eu-rules-on-cybersecurity-what-game-developers-and-publishers-need-to-know

2026 Federal CIO Forecast: Shifting Priorities, Enterprise Focus

Federal CIOs prioritize AI, infrastructure, and cybersecurity as they face budget cuts and modernization challenges. CIOs must align IT investments with mission outcomes to secure support and realize efficiency through app rationalization and enterprise approaches. Collaboration among industry partners is crucial for building secure AI platforms. A solid data foundation and governance are essential for effective AI implementation, while cybersecurity must be integrated from the start. Agencies should aim for simplicity and efficiency by consolidating systems and amplifying their IT environments for long-term success.

https://www.meritalk.com/articles/2026-federal-cio-forecast-shifting-priorities-enterprise-focus/

How CIOs Feel Agentic AI Has Changed Their Roles

CIOs believe agentic AI enhances their roles, boosting communication and leadership skills. 61% report improved abilities, with over half enhancing storytelling and change management skills. Salesforce CIO highlights AI's role in complementing work, while over 60% of CIOs feel ahead in AI implementation. Building trust in AI is essential for staff adaptation.

https://www.itbrew.com/stories/2025/11/17/how-cios-feel-agentic-ai-has-changed-their-roles

The Forbes CIO Next List: 2025

Forbes’ CIO Next List 2025 highlights 50 top technology leaders across various industries who have delivered tangible business impact through AI adoption, digital transformation, and process modernization. These executives improved efficiency by automating tasks, upgrading systems, and launching new digital platforms. The list features leaders from sectors such as healthcare, finance, retail, and technology, many of whom have unified fragmented systems, enhanced cybersecurity, and accelerated enterprise-wide innovation. The selection process involved expert nominations and focused on recent, proven achievements rather than being a ranked competition.

https://www.forbes.com/sites/richardnieva/2025/11/18/the-forbes-cio-next-list-2025/

From Snapshots to Signals: The End of Point-in-Time Compliance

Security Boulevard emphasizes a shift from static compliance to real-time monitoring in cybersecurity. Key steps include deploying agents for continuous data streaming, establishing baselines, mapping telemetry to compliance controls, and validating configurations continuously. When risks exceed thresholds, immediate remediation is facilitated, and a live dashboard tracks compliance and control status. This approach fosters proactive learning and improvement in security practices.

https://securityboulevard.com/2025/11/from-snapshots-to-signals-the-end-of-point-in-time-compliance/

Fighting Fraud at Scale With Mastercard Threat Intelligence

Mastercard introduced Threat Intelligence at Money20/20, a unique solution to combat payment fraud by integrating fraud insights and cyber threat intelligence. This tool enables real-time detection and prevention of fraudulent activities, protecting banks from evolving cyber threats. Mastercard's approach addresses the increasing sophistication of cybercrime, utilizing AI to intercept fraud before it occurs. The initiative has already demonstrated success by disrupting significant fraud activities.

https://www.axios.com/sponsored/fighting-fraud-at-scale-with-mastercard-threat-intelligence

Banking and Credit Card Customers Complacent on Fraud Protection, Gen Z Most Likely Victims, J.D. Power Finds

J.D. Power Study: Fraud Affects 29% of Bank Customers, 24% Credit Card Users; Gen Z Most Impacted. Many don't take security measures despite risks. 50% of bank and 55% of credit card users recall no recent provider prompts for security actions.

https://www.businesswire.com/news/home/20251118251466/en/Banking-and-Credit-Card-Customers-Complacent-on-Fraud-Protection-Gen-Z-Most-Likely-Victims-J.D.-Power-Finds

Jensen Huang Gets It Wrong, Claude Gets It Right

The article debates whether AI should be viewed as a tool or a worker, pushing back against claims that AI is fundamentally different from previous software. While acknowledging the advancements in AI’s abilities, the author argues that, like earlier complex software systems, AI is still directed and supervised by humans and should be considered a tool that empowers people, not a replacement for them. Viewing AI as a worker can undermine human agency and risk repeating historical mistakes where technological gains benefited only a few. The piece stresses the importance of using AI to empower individuals and to more widely distribute the benefits of productivity gains, highlighting that only humans have real stakes and agency in work.

https://www.oreilly.com/radar/jensen-huang-gets-it-wrong/

Council Adopts New EU Law to Speed-up Handling of Cross-border Data Protection Complaints

The Council of the EU has introduced new rules to harmonise and speed up cross-border data protection complaint handling under GDPR. Admissibility conditions for complaints are standardised across the EU, complainants and companies have common procedural rights, and straightforward cases may use a simplified process. Investigations now have set deadlines: 15 months for standard cases (extendable for complex matters), and 12 months for simple procedures. The law takes effect 20 days after publication and is enforceable 15 months later.

https://www.consilium.europa.eu/en/press/press-releases/2025/11/17/council-adopts-new-eu-law-to-speed-up-handling-cross-border-data-protection-complaints/

Scroll to Top