From Security Weekly Wiki
Revision as of 15:08, 13 July 2020 by Matt


  • I’m a CISO, what’s next? - Gary Hayslip, CISO, Softbank Investment Advisor, reviews possible career paths for a CISO, including CIO, CTO, CRO, vCISO, and CPO, to name a few...
  • Qualys appoints Ben Carr as CISO - Ben Carr, Chief Information Security Officer at Qualys, is responsible for providing cybersecurity guidance and security strategies to Qualys customers, leading the CIO/CISO Interchange, developed in partnership with the Cloud Security Alliance, and securing Qualys. To see our CISO interview with him, please visit BSW #120.
  • What CISOs Should Tell the Board About Cybersecurity - Knowing what to report to the board about security, however, is no easy thing. Here's some guidance for CISOs:
    • Ground the Board in the Basics
    • Talk About the Processes of Security
    • Reporting on Specific Incidents
  • Elevating the MSSP from the Backroom to the Boardroom - While security teams are mired in vulnerability and patching metrics, the board really only wants the answers to three simple questions:
    • Where are we on the cyber-risk spectrum?
    • Where do we want to be?
    • How will we get there?
  • The Upside of Virtual Board Meetings - Here are eight practices that contribute to an excellent virtual board meeting:
    • Emphasize pre-work.
    • Shorten and energize the agenda.
    • Spread sessions over a week or two.
    • Build trust.
    • Use breakout rooms productively.
    • Build in “candor breaks.”
    • Replicate the dinner experience.
    • Bring in guest stars.
  • The new cybersecurity priorities of 2020 - Gartner expects spending on information security to grow about 2.4% in 2020, reaching nearly $124 billion. The firm initially projected 8.7% growth before the coronavirus pandemic took its toll on the economy. Here are the new priorities:
    • Cloud Security
    • Data Security
    • Application Security
    • Identity Access Management
    • Infrastructure Protection
  • Majority of security pros fed up with alert fatigue - A vast majority of security professionals say they experience alert fatigue, and 88% are facing challenges with their current SIEM setup, according to a report.