cybersecurity

Rethinking Identity for the AI Era: CISOs Must Build Trust at Machine Speed

CISOs face a major identity crisis due to the rise of autonomous AI agents that challenge traditional identity management systems. Current models, designed for human users, risk collapse amid increasing cyber threats tied to compromised identities. Experts urge a swift overhaul toward an AI Trust Fabric, emphasizing dynamic identity management to counter AI-related risks, including prompt injection and data poisoning. Preparing for these challenges requires solid cybersecurity practices, governance, and collaboration with decision-makers to ensure effective management of AI-driven identity processes.

https://www.csoonline.com/article/4089732/rethinking-identity-for-the-ai-era-cisos-must-build-trust-at-machine-speed.html

Are You Implying This Line Graph Isn’t a Compelling Cybersecurity Narrative?

CISO Series offers podcasts and resources for cybersecurity professionals. In a recent episode, host David Spark and guest Nathan Hunstad discussed the importance of framing security metrics as narratives to engage businesses, emphasizing metrics tied to business objectives rather than traditional ones like MTTD/MTTR. They argued against the effectiveness of phishing tests that can stress employees while failing to enhance security culture. They also critiqued many pentests as mere vulnerability scans, advocating for engaging, impactful testing that demonstrates real-world risks. The episode encourages a collaborative approach to security metrics and testing, highlighting the importance of aligning them with business outcomes.

https://cisoseries.com/are-you-implying-this-line-graph-isnt-a-compelling-cybersecurity-narrative/

The New EU Rules on Cybersecurity: What Game Developers and Publishers Need to Know

The EU's NIS2 Directive and Cyber Resilience Act impose stricter cybersecurity measures on game developers and publishers. Risks include cheating, data breaches, and legal consequences. Companies must ensure compliance, involve senior management in cybersecurity, conduct regular assessments, and report breaches in a timely manner. Cybersecurity is now a business priority, crucial for reputation and consumer trust.

https://www.gamesindustry.biz/the-new-eu-rules-on-cybersecurity-what-game-developers-and-publishers-need-to-know

From Snapshots to Signals: The End of Point-in-Time Compliance

Security Boulevard emphasizes a shift from static compliance to real-time monitoring in cybersecurity. Key steps include deploying agents for continuous data streaming, establishing baselines, mapping telemetry to compliance controls, and validating configurations continuously. When risks exceed thresholds, immediate remediation is facilitated, and a live dashboard tracks compliance and control status. This approach fosters proactive learning and improvement in security practices.

https://securityboulevard.com/2025/11/from-snapshots-to-signals-the-end-of-point-in-time-compliance/

Fighting Fraud at Scale With Mastercard Threat Intelligence

Mastercard introduced Threat Intelligence at Money20/20, a unique solution to combat payment fraud by integrating fraud insights and cyber threat intelligence. This tool enables real-time detection and prevention of fraudulent activities, protecting banks from evolving cyber threats. Mastercard's approach addresses the increasing sophistication of cybercrime, utilizing AI to intercept fraud before it occurs. The initiative has already demonstrated success by disrupting significant fraud activities.

https://www.axios.com/sponsored/fighting-fraud-at-scale-with-mastercard-threat-intelligence

Banking and Credit Card Customers Complacent on Fraud Protection, Gen Z Most Likely Victims, J.D. Power Finds

J.D. Power Study: Fraud Affects 29% of Bank Customers, 24% of Credit Card Users; Gen Z Most Impacted. Many don't take security measures despite risks. 50% of bank and 55% of credit card users recall no recent provider prompts for security actions.

https://www.businesswire.com/news/home/20251118251466/en/Banking-and-Credit-Card-Customers-Complacent-on-Fraud-Protection-Gen-Z-Most-Likely-Victims-J.D.-Power-Finds

For AI to Succeed in the SOC, CISOs Need to Remove Legacy Walls Now

CISOs must eliminate legacy barriers to effectively leverage AI in Security Operations Centers (SOCs). Successful AI implementation in cybersecurity hinges on organizational readiness rather than technology itself. Today's top organizations thrive by integrating AI, while many remain stalled by outdated systems. The increasing speed of adversarial attacks underscores the urgency of dismantling these legacy walls, which contribute to high false-positive rates and inefficiencies. A centralized governance architecture is essential for real-time decision-making and compliance. Transitioning from a restrictive security culture to a strategic, enabling role is crucial for CISOs, as integrated operations lead to better security outcomes and business growth.

https://venturebeat.com/security/cisos-remove-legacy-walls-ai-soc-success

A Turning Point for Cyber Physical Resilience

Industrial Cyber Days 2025 highlighted a shift in cyber-physical security, emphasizing resilience amid challenges like tight budgets and rising threats. Keynote speakers advocated practical strategies, collaboration between engineering and cybersecurity, and specialization in OT security. The focus included integrating safety with cyber controls and prioritizing business outcomes over isolated systems. Discussions addressed visibility gaps, the evolving threat landscape, and the importance of asset management and risk prioritization. Overall, the event demonstrated an industry united in enhancing defenses and advancing capabilities in response to growing cyber threats.

https://industrialcyber.co/features/a-turning-point-for-cyber-physical-resilience/

AI Is Solving Problems It’s Also Creating

AI enhances cybersecurity but complicates compliance and oversight. Automating tasks can lead to increased complexity, as seen when AI layered firewall rules, complicating audits. Federal agencies must demonstrate compliance, but AI's opaque logic challenges transparency and accountability. Solutions involve integrating independent auditing tools for clarity and validation alongside AI to maintain both efficiency and compliance. Federal leaders must ensure they have visibility into AI changes and validate compliance with regulations to mitigate risks.

https://federalnewsnetwork.com/commentary/2025/11/ai-is-solving-problems-its-also-creating/

Discovering the NIS2 Directive: Security and Resilience of Digital Systems in the European Union

NIS2 aims to improve resilience by categorizing entities as Essential or Important, enforcing security measures, and mandating timely incident reporting. Additionally, it fosters cooperation among nations for information sharing and enforcement, ensuring a structured response to cybersecurity threats while integrating with existing regulations like GDPR and the Cybersecurity Act. The directive also tasks ENISA with overseeing cybersecurity efforts in the EU.

https://www.redhotcyber.com/en/post/discovering-the-nis2-directive-security-and-resilience-of-digital-systems-in-the-european-union/
