cybersecurity

73% of U.S. CISOs Faced a Significant Cyber Incident in the Past Six Months, According to Nagomi Data

73% of U.S. CISOs experienced a significant cyber incident in the last six months, and the data highlights internal pressures rather than external threats as the main stressors. Burnout is prevalent, with 87% reporting increased role pressure. Many struggle to manage numerous security tools and face board expectations that exceed their ability to quantify risk. Nagomi Security's CISO Pressure Index points to the need for shared accountability and support so that CISOs can navigate these challenges effectively.

https://www.businesswire.com/news/home/20251105165613/en/73-of-U.S.-CISOs-Faced-a-Significant-Cyber-Incident-in-the-Past-Six-Months-According-to-Nagomi-Data

The Next Evolution Of Cybersecurity Is Preemptive

Cybersecurity is rapidly evolving from reactive responses to proactive prevention as advances in AI enable attacks to occur much faster. Instead of only responding to incidents, the new focus is on detecting early signals—like new domains or infrastructure—that may indicate an impending attack and neutralizing threats before they develop. This shift has led to the development of new metrics that measure how quickly organizations can preempt threats. Both attackers and defenders are leveraging AI to stay ahead, with startups like Malanta designing systems to discover and dismantle potential attacks at the earliest stage. The industry sees prediction and early intervention as key to future cybersecurity.

https://www.forbes.com/sites/tonybradley/2025/11/05/the-next-evolution-of-cybersecurity-is-preemptive/

The AI Penetration Testing Lie: Why Human Expertise Remains Irreplaceable

AI cannot replace human expertise in penetration testing; it only automates tasks without the creativity needed for real security. Compliance testing has degraded to automated scans, misleading businesses about their security. AI tools are similar to vulnerability scanners and lack human adaptability and innovation. The best approach is a hybrid model, using AI for repetitive tasks but relying on humans for genuine threat emulation. Penetration testing is a crucial investment for security, promising significant ROI by preventing costly breaches.

https://aijourn.com/the-ai-penetration-testing-lie-why-human-expertise-remains-irreplaceable/

To Maximize Their Influence, CISOs Need Diverse Skills

CISOs must possess diverse skills to influence organizational strategy by effectively addressing cybersecurity as a business issue. Key requirements include understanding security technology, aligning cybersecurity with business goals, and communicating risks clearly to stakeholders. Modern CISOs need leadership skills to engage all employees in security practices and a risk-centric mindset to prioritize vulnerabilities. With increased cybersecurity threats, corporate executives are more receptive to CISOs, marking a significant shift in their role from solely tech leaders to strategic business partners.

https://www.techtarget.com/searchsecurity/tip/To-maximize-their-influence-CISOs-need-diverse-skills

Top 10 Countries That Have Payment Card Info Spilled Onto the Dark Web in 2025

The top 10 countries with payment card information on the dark web in 2025 are: US (30,000+ cards), Singapore (5,400+), Spain (5,090+), UK (1,804+), Kuwait (1,518), France (722), Ireland (589), Canada (442), Germany (408), Cyprus (326). Stolen cards are trading at low prices due to high supply and low-quality data. Most stolen details remain valid for 12-16 months, making them a risk for consumers. Key security measures: monitor statements, use strong passwords, disable browser password saving, enable multi-factor authentication.

https://www.cybersecurity-insiders.com/top-10-countries-that-have-payment-card-info-spilled-onto-the-dark-web-in-2025/

How Agentic AI Could Turbocharge Fraud

Agentic AI could revolutionize online shopping but poses significant fraud risks. Payments professionals at Money 20/20 expressed concerns that criminals might exploit AI to execute scams more effectively. Programs like FraudGPT, available for subscription, could escalate fraud incidents by automating scams and creating synthetic identities. Executives highlighted challenges in verifying AI-driven transactions and the need for robust authentication processes to combat fraud as agentic AI technology becomes prevalent.

https://www.paymentsdive.com/news/how-agentic-ai-could-turbocharge-fraud-payments/804562/

Vulnerability-Lookup

Vulnerability-Lookup is a platform for security teams to track and manage vulnerabilities across products and vendors. It integrates multiple vulnerability databases, enabling users to correlate and manage vulnerabilities without relying on specific identifiers. Features include custom watch lists, an API, modular import systems, and support for Coordinated Vulnerability Disclosures (CVD). It is co-funded by CIRCL and the EU.

https://www.vulnerability-lookup.org/

Preparing for Threats to Come: Cybersecurity Forecast 2026

Cybersecurity Forecast 2026: Google Cloud's report focuses on upcoming cybersecurity threats, emphasizing AI's role in escalating cybercrime, with adversaries leveraging AI for more sophisticated attacks and social engineering. Key predictions include increased ransomware incidents, the growth of cyber operations from nation-states like Russia, China, Iran, and North Korea, and challenges in securing AI systems. Organizations are advised to adapt to these evolving threats, enhancing their security strategies in anticipation of 2026.

https://cloud.google.com/blog/topics/threat-intelligence/cybersecurity-forecast-2026/

AI and Cybersecurity

A report from Aikido reveals that AI-generated code is introducing serious security vulnerabilities, with nearly seven in ten organizations having discovered such flaws and one in five reporting major incidents. Responsibility for these issues is unclear, as it is split among security teams, developers, and vendors, and the growing reliance on automated tools is exacerbating the problem. As more junior coders depend on AI, crucial human expertise is being lost, raising concerns about “dumbing down” the developer workforce. CISOs warn that organizations should focus on basic security hygiene and critical thinking while resisting the temptation to trust AI blindly, as the technology can amplify existing mistakes if not managed carefully.

https://diginomica.com/ai-and-cybersecurity-ciso-warns-blight-losing-skills-vibe-coding-where-does-your-code-come-ai-so-it

AI in Cybersecurity: The Sharpest Shield and the Sharpest Sword

AI transforms cybersecurity, serving as both a defense and attack tool, especially in healthcare where records are highly vulnerable. AI enhances detection and response, automates threat management, and enables realistic breach simulations. However, attackers exploit AI to execute sophisticated phishing and malware attacks faster than defenses can adapt. CISOs must focus on resilience, governance, and partnerships, ensuring robust AI practices and scrutinizing external AI vendors. The key question shifts to recovery speed post-attack, emphasizing that resilience is vital for maintaining trust.

https://aijourn.com/ai-in-cybersecurity-the-sharpest-shield-and-the-sharpest-sword/
