cybersecurity

How CISOs Are Tackling Cyber Security Challenges

CISOs are addressing cybersecurity challenges by focusing on understanding business needs, enhancing organizational resilience, and improving communication with boards. Notable insights from industry leaders at the Gartner Security and Risk Management Summit highlight the importance of protecting key assets while balancing costs. Effective strategies include fostering relationships with board members, ensuring robust backup practices, and building redundancy into cloud architectures. In particular, experts stress the need for disaster recovery planning to swiftly manage incidents and the importance of applying governance across all business areas, similar to operational practices in stores.

https://www.computerweekly.com/news/366620535/How-CISOs-are-tackling-cyber-security-challenges

Post-Quantum Cryptography (PQC)

Post-quantum cryptography (PQC) provides security against quantum attacks and replaces classical algorithms such as RSA and ECC. It employs lattice-based, hash-based, and code-based schemes, and aims for standardization to ensure future-proof encryption.

Grading CISOs: Effective Metrics and Personal Growth Strategies

CISOs need effective metrics for performance assessment and personal growth. Key metrics include third-party risk, benchmarking, training, incident response, personnel, and ROI, with several sources offering diverse insights on CISO evaluation. While various methodologies exist, many are deemed overly complex or inadequately comprehensive. Emphasis on relationships and collaboration is essential for effective performance and professional development, alongside a call for mentoring within the CISO community.

https://www.govtech.com/blogs/lohrmann-on-cybersecurity/grading-cisos-effective-metrics-and-personal-growth-strategies

Empowering Organizations to Protect Critical Infrastructure With Advanced OT Network Monitoring for Cyber Threat Defense

Organizations are increasingly using advanced OT network monitoring to defend against rising cyber threats targeting critical infrastructure. This monitoring provides essential visibility into network traffic, allowing for prompt detection of anomalies and potential attacks, which is crucial for industrial control systems. Innovations like AI and machine learning enhance monitoring capabilities, improving real-time threat detection and response. Experts emphasize integrating threat intelligence to shift from reactive to proactive security strategies, enabling organizations to better anticipate and mitigate risks associated with sophisticated cyber attacks.

https://industrialcyber.co/features/empowering-organizations-to-protect-critical-infrastructure-with-advanced-ot-network-monitoring-for-cyber-threat-defense/

Why Cyber Insurers Should Partner in Cybersecurity Support

Cyber insurers should partner in cybersecurity as threats grow. Insurers can enhance business resilience by offering proactive services like risk assessments, training, penetration testing, and incident response. This shift supports brokers as trusted advisors, strengthens policyholder security, and leads to fewer claims and improved underwriting models, emphasizing prevention over reaction.

https://www.insurancejournal.com/magazines/mag-features/2025/03/10/814547.htm

18 Cybersecurity Tools That May Cause a False Sense Of Security

18 cybersecurity tools can create a false sense of security; adding more tools doesn't always enhance protection and can introduce complexities or vulnerabilities. Reliance on standard measures like traditional antivirus, SMS-based 2FA, and certifications can obscure real threats. Proper security requires holistic approaches, employee education, and continuous monitoring, not just tool accumulation.

https://www.forbes.com/councils/forbestechcouncil/2025/03/07/18-cybersecurity-tools-that-may-cause-a-false-sense-of-security/

NIST Releases Draft Cybersecurity White Paper on Crypto Agility, Aims to Shape Future Cybersecurity Strategies

NIST released a draft cybersecurity white paper on crypto agility, analyzing strategies and challenges for adapting cryptographic algorithms. The paper highlights the need for operational mechanisms to ensure security and interoperability during algorithm transitions, especially in light of threats from future quantum computing. NIST seeks stakeholder input to develop sector-specific strategies and emphasizes collaboration among experts to enhance cryptographic resilience.

https://industrialcyber.co/nist/nist-releases-draft-cybersecurity-white-paper-on-crypto-agility-aims-to-shape-future-cybersecurity-strategies/

ENISA’s NIS360 Report Guides NIS2 Directive Implementation, Maps Sectoral Maturity, Flags Cybersecurity Challenges 

ENISA's NIS360 report aids NIS2 Directive implementation, assessing cybersecurity maturity across sectors and highlighting challenges. It offers detailed analysis, identifies sector strengths and weaknesses, and recommends improvements to enhance resilience. The report underscores the importance of collaboration, tailored guidance, and cross-border alignment while pointing out risks in six sectors. Key sectors like electricity, telecoms, and banking display higher maturity levels, while others like public administration and health need significant improvements. Recommendations focus on upskilling, targeted guidelines, and sector-specific incident response planning. Future efforts will continue to refine strategies for improved cybersecurity compliance.

https://industrialcyber.co/reports/enisas-nis360-report-guides-nis2-directive-implementation-maps-sectoral-maturity-flags-cybersecurity-challenges/

Cyberattacks Targeting IT Vendors Intensify, Causing Bigger Losses

Cyberattacks on IT vendors are escalating, resulting in significant financial losses, according to a Resilience report. In 2024, 23% of cyber insurance claims involved third-party breaches, causing operational disruptions and high costs, exemplified by UnitedHealth's $3.1 billion ransomware attack. Ransomware is still the leading cause of cyber claims, but attackers are shifting focus to larger targets for bigger payouts.

https://www.ciodive.com/news/vendor-driven-cyberattacks-losses/741686/

Identity: The New Cybersecurity Battleground

TLDR: Identity is now the primary target for cyberattacks due to the fragmented nature of tech stacks and the rise in cloud services. Centralizing Identity can enhance visibility, automate threat response, and improve security integration across systems. Organizations must adopt an Identity-first security strategy to mitigate risks and streamline operations.

https://thehackernews.com/2025/03/identity-new-cybersecurity-battleground.html
