Meet the Deputy CISOs Who Help Shape Microsoft’s Approach to Cybersecurity

Microsoft's cybersecurity strategy includes a Cybersecurity Governance Council and Deputy Chief Information Security Officers (CISOs) focusing on risk management, compliance, and operational security. Key figures Igor Sakhnov, Mark Russinovich, and Yonatan Zunger lead initiatives in identity security, Azure security, and AI safety. They stress the importance of integrating security into innovation, assume that breaches will happen, and highlight misconceptions about perfect solutions in cybersecurity. Their leadership showcases a commitment to building resilient systems that involve collaboration across the company's tech landscape.

https://www.microsoft.com/en-us/security/blog/2025/04/08/meet-the-deputy-cisos-who-help-shape-microsofts-approach-to-cybersecurity/

2025 Cybersecurity Agenda: Upgrading Legacy Systems

TLDR: The 2025 Cybersecurity Agenda emphasizes modernizing legacy systems, particularly application servers, to enhance security, compliance, and operational resilience against sophisticated cyber threats. Most organizations rely on outdated technology, making them vulnerable, and modernization can help meet regulatory requirements, improve performance, and foster future readiness. Effective migration strategies and vendor support are crucial for successful upgrades.

https://www.forbes.com/councils/forbestechcouncil/2025/04/08/2025-cybersecurity-agenda-upgrading-legacy-systems/

News: The Hidden Risk: How Cybersecurity Impacts Operational Continuity in Automation

Cybersecurity risks threaten operational continuity in automated industries due to increasing connectivity of Industrial Control Systems (ICS). The integration of IT and operational technology enhances efficiency but exposes systems to cyber threats, as shown by events like Stuxnet and recent ransomware attacks. Vulnerabilities include outdated technologies, poor network separation, and insufficient employee training. Best practices for enhanced cybersecurity include risk assessments, network segmentation, limited user access, and regular training. Following international cybersecurity standards, such as IEC 62443 and frameworks like NIST CSF, is crucial for safeguarding industrial automation against evolving cyber threats.

https://www.automate.org/news/-81

NIS2 in Belgium: Are You Considered an ‘energy Producer’ if You Generate Power Solely for Your Own Use?

Belgium's NIS2 legislation classifies energy producers broadly. Companies generating energy solely for internal use, like solar or wind power, may still be deemed “energy producers” under NIS2 if they meet size criteria (medium or large). Thus, even minor energy-generating activities can lead to compliance obligations, including incident reporting. However, proportionate oversight may be applied, recognizing the lower societal impact of smaller operations.

https://www.eversheds-sutherland.com/en/slovakia/insights/nis2-in-belgium

Ask a CIO Recruiter: How AI Is Shaping the Modern CIO Role

AI is transforming CIO roles by demanding value creation and business acumen, while challenges persist due to legacy systems. Organizations seek CIOs with a mix of technical knowledge and practical AI implementation experience. Change leadership and cultural fit are crucial for success in technology-driven transformations. Aspiring CIOs should focus on collaboration and driving real business results.

https://www.informationweek.com/it-leadership/ask-the-cio-recruiter-how-ai-is-shaping-the-modern-cio-role

7 Risk Management Rules Every CIO Should Follow

7 Risk Management Rules for CIOs:
1. Establish risk appetite for alignment with IT strategy.
2. Maintain a comprehensive application inventory to mitigate risks.
3. Adopt a proactive cybersecurity culture and measures.
4. Formalize risk management in daily operations for clarity.
5. Assess risk strategies against real-world incidents.
6. Focus on system resiliency and recovery capabilities.
7. Align IT risk management with business objectives for better resource allocation.

https://www.cio.com/article/3954997/7-risk-management-rules-every-cio-should-follow.html

Can the EU’s Dual Strategy of Regulation and Investment Redefine AI Leadership?

The EU's dual strategy on AI, combining regulation and investment, aims to establish global leadership and tech sovereignty. Deregulating large AI firms won't solve Europe's tech ecosystem issues; instead, robust regulation ensures trust, safety, and legal certainty, crucial for downstream companies. Europe must address structural barriers, such as fragmented markets and migration laws, instead of attributing tech dependency to regulation. A strong regulatory framework can foster innovation and public trust, positioning the EU to compete effectively with the US and China in AI development.

https://www.techpolicy.press/can-the-eus-dual-strategy-of-regulation-and-investment-redefine-ai-leadership/

Lessons for the Modern CISO With Tim Ramsay and Sam Rehman

Podcast discusses modern CISO challenges amid tech complexities. Tim Ramsay and Sam Rehman highlight the importance of communication, trust, and integrating security early in project planning. Security isn't about limiting innovation but facilitating it securely. Strong executive relationships and proactive risk discussions improve security outcomes.

https://www.epam.com/insights/podcasts/silo-busting-70-lessons-for-the-modern-ciso-with-tim-ramsay-and-sam-rehman
