Blog Posts

(Community Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

Posted by pritha on December 9, 2019 at 2:52pm 0 Comments

Progress Till Date : 

  • 300+ check-lists, frameworks & playbooks
  • Platform for comparing security products
  • Task force initiatives to solve specific industry problems
  • Kid’s cyber safety initiatives

Key Discussion Points : 

  • What is Shadow IT?
  • What are the types of Shadow IT?
  • Practical demo using open source tools
  • Controls to manage shadow IT risk

Reason Of Risk : 

  • No standardization
  • Unknown risks
  • Security breaches
  • Data leaks

Types Of…


Progress Report - Kids Cyber Safety 2019

Posted by pritha on November 26, 2019 at 8:30pm 0 Comments

Our Mission

Children are amongst the most vulnerable in the Cyber world and we believe it is time for us to do something for our next generation.

At CISO Platform community, we have taken on a mission to help the kids. We are creating "Kid's Cyber Safety Week" on June 4 -10 to help train kids and their parents.

We need you to help to realize our vision. It would be great if you could indicate your interest by volunteering.

For more details visit here :

Progress Report - Kids Cyber Safety…


Lean Information Security Team for a Product Organization

Posted by Santosh C on November 26, 2019 at 10:02am 1 Comment

Generally, security team size would always be lean for any type, kind or size of the organization :-), however, we are seeing a change in the trend, thanks to high-profile and increasingly sophisticated data breaches every other day and new privacy regulations being enforced across the world. I will try to summarize the key roles and responsibilities of the security team specifically for a cloud-based product organization.

Security Team: 

Head of Security and Compliance (CISO):

  • Ensure Security and Compliance programs are aligned with business objectives, company culture and changing priorities. This would help achieve the right balance between restrictions and convenience for all the departments, and security and compliance efforts are seen as a business enabler as against traditional view of…

Chennai Local City Round Table - CISO Meet + Kids

Posted by pritha on November 20, 2019 at 3:00pm 0 Comments

The Chennai security community got together for their November meet. Here are the session learnings and documents. Glad to see the Chennai chapter growing. Downloadable document links are given under header 'Documents from meeting'.

Agenda Sessions : 

1. Networking and High Tea

2. GDPR Session by Dhanasekaran

3. Open Source Intelligence Session By Gowdhaman

4. Discussion on Cyber Security Initiative for Kids and planning for next meeting.

Minutes Of The Meeting

1. Next meeting will be on 19th Dec 2019. Topic: Zero Trust Security Model. Session By: A V S Prabhakar (FSS). Venue will be confirmed by…


9 Critical Capabilities For Digital Risk Protection Program

Posted by CISO Platform on October 24, 2019 at 12:41pm 0 Comments

Digital Risk Protection (DRP) is a term possibly popularized or coined by Forrester to describe the market of tools and technologies to protect from the risks posed by externally facing digital assets. As per Forrester: “Most buyers (77%) are purchasing DRP tools as net-new solutions for their organizations (as opposed to replacing an existing capability). They’re adding DRP to their existing security technology stacks to better tackle digital risk activities — namely, to improve their external digital risk visibility and to streamline the ensuing remediation.” Here are the Critical Capabilities For Digital Risk Protection.

>> Download the Complete Report…


How mature is your Application Security Program?

Posted by Pushkal Mishra on August 30, 2019 at 7:00pm 0 Comments

Business applications are vital for the successful functioning of any organization. Therefore, managing their information security risks is just as important as the business itself. If I ask about the different measures you take to ensure the security of your applications, you might reply with a few initiatives such as periodic secure code reviews, external scans, vulnerability assessments & penetration tests and perhaps audits etc. But what if I asked how mature is your program?

One way to answer that would be to compare your program with the industry practice and identify the relative position of your organization. For example, if the industry benchmark is 2 (out of 3) and you are at 0.05, then there are many things that need your immediate attention.

So how do I measure vis-à-vis industry?

The answer to that…



Data Classification and Data Leakage Prevention

Started by Gowdhaman Jothilingam. Last reply by pritha Nov 29. 6 Replies

To implement DLP, do we need to classify the documents as a mandatory step? DLP vendors say data classification is not required and it will be taken care of by the DLP engine. However, on the other hand, tools like Titus, Klassify say that it is important to…

Tags: Classification, Data, DLP

What Is The Easiest Way To Allow Only Indian Public IP Addresses To Connect To My Web Server?

Started by CISO Platform. Last reply by HARISH H S Nov 22. 1 Reply

“What is the easiest way to allow only Indian public IP addresses to connect to my Web server? I want my public server to be inaccessible for any foreign IP address.” (question posted on behalf of a CISO member)

[Nominate] Suggest Your Favourites For Top 100 Global IT Influencers 2020

Started by CISO Platform. Last reply by Jason Lau Nov 11. 1 Reply

Recommend an influencer whom we might have missed: We have chosen 82 and look forward to the remaining 18 nominations. Now you can suggest names to us with their contribution. Just reply to the discussion and add your favourite influencer!

Can anyone share their experiences with DNIF and Aujas, as they are their partner for implementation?

Started by CISO Platform Oct 4. 0 Replies

Anyone can share their experiences with DNIF and Aujas as they are their partner for implementation (question posted on behalf of a CISO member)

Need Views on Concept Shifting The Security to Left

Started by CISO Platform Sep 27. 0 Replies

Concept Shifting the Security to Left... to get views, and is it practical? Also, how, and what tools & processes are required for it to be successful? (question posted on behalf of a CISO member)

XSS game developed by Google to train new recruits:

Started by pritha. Last reply by Mason Dobson Sep 22. 1 Reply

A new way to security...XSS game developed by Google to train new recruits: https://xss-game.appspot.com

Tags: CrossSiteScripting, xss, appspot, google


© 2019 Created by CISO Platform.