Featured Blog Posts (175)

CISSP Cheat Sheet for Asset Security with Classification Criteria and NIST Standards

This is a Cheat Sheet for Asset Security for the CISSP Exam created by Comparitech. For reference …


Added by CISO Platform on September 17, 2020 at 5:00pm — No Comments

Why You Need to Think Like a Hacker to Keep Your Network Safe

You may not have the resources to employ an army of white-hat hackers to stress test your security infrastructure; most organizations don’t. However, you want to make sure that the resources you do have are used in the most effective way.

It’s smart to invest in security products and spend time developing your capabilities. Cybercrime is more prevalent than ever, and modern attackers have no shortage of methods to choose from. Too often,…


Added by Pete Thurston on July 29, 2020 at 11:36pm — No Comments

Short Guide On Attack Surface Analysis

A report by Frost & Sullivan found that more than 80% of survey respondents admit to using non-approved applications in their jobs. If you don’t know what to protect, then you cannot protect.

Creating an asset inventory is the first step of any cyber security management function. However, due to rapid digitization, cloud adoption, IoT adoption, agile dispersed teams, 3rd party integrations, etc., cyber…


Added by CISO Platform on October 24, 2019 at 12:00pm — No Comments

What are the Top 5 CISO Frustrations?

I was recently asked an interesting question: What are the Top 5 CISO frustrations with the cybersecurity industry?

After a few minutes of deep thought and half a cup of coffee later (my 4th big cup of the day), this is what I came up with:

Top 5 CISO Frustrations of the Industry:

  1. Maintaining an…

Added by Matthew Rosenquist on July 25, 2020 at 2:07am — No Comments

The 10 Worst Cybersecurity Strategies

Counting down to the absolutely worst cybersecurity strategies. Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster. You know who you are…

Let’s count them down.  

10. Cyber-Insurance



Added by Matthew Rosenquist on July 17, 2020 at 12:59am — No Comments

Data Security and Threat Models

This post is my admittedly imperfect attempt to “reconnect” data security controls to threats. It is also my intent to continue pulling on the thread I touched in this post— so expect more posts about that.

Let’s first get this out of the way: there are absolutely security controls that are NOT…


Added by Dr. Anton Chuvakin on May 8, 2020 at 11:00am — No Comments

The Essential Eight: Application Hardening

Part 6 of 8: Application Hardening

What Is It?  Think of it kind of like spring cleaning on top of a minimalist lifestyle where you keep only what you absolutely need after taking stock of what you have. Many applications are installed with defaults (you know the Next-Next-Next-Next-OK…


Added by Logan Daley on June 22, 2020 at 5:04am — No Comments

Will AI rescue the world from the impending doom of cyber-attacks or be the cause

There has been a good deal of publicized chatter about impending cyberattacks at an unprecedented scale and how…


Added by Matthew Rosenquist on July 8, 2020 at 5:17am — 1 Comment

(Free Tool Inside) Critical “SMBleed”, Vulnerability : Are You Affected

This blog was originally contributed by Apoorv Saxena, technical team, FireCompass over here…


Added by pritha on June 30, 2020 at 4:55pm — No Comments

I’m a CISO, what’s next?

 [Posted on Behalf of Gary Hayslip CISO Softbank Investment advisor]

Over the years in my career, I have heard some variation of this question from many of my peers. Usually, the discussion starts over a cold beverage as we catch up and discuss how our current roles and the companies we work for have issues, note to the reader everyone has issues, and that leads to the inevitable “now what, is there something else?” Basically, they have…


Added by CISO Platform on June 15, 2020 at 5:56pm — No Comments

Are you working from home?

[Posted on Behalf of Pushkal Mishra, AVP IT & CISO HDFC ERGO Health Insurance Ltd.]
While the world is battling with COVID-19, Information security professionals have a double duty to do.

1. Take all the precautions to keep the Coronavirus away on the personal front

2. Manage the IT risks that come along while facilitating Work From Home (WFH) for the organizations they work for

Let’s focus on point No. 2 here. With COVID-19, the…

Added by CISO Platform on June 15, 2020 at 8:10pm — No Comments

The CISO Job and Its Short Tenure

[Posted on Behalf of Gary Hayslip,  CISO Softbank Investment advisor]

Recently, I have written and spoken on the subject of CISO burnout. I have stated my belief that the job is maturing so fast, it's harming many of the security professionals who serve in its varied positions. While speaking about this subject and the importance of self-care for security professionals to manage their stress, I also found another topic that is of great…


Added by CISO Platform on June 17, 2020 at 5:01pm — No Comments

Teaching AI to be Evil with Unethical Data

An Artificial Intelligence (AI) system is only as good as its training. For AI Machine Learning (ML) and Deep Learning (DL) frameworks, the training data sets are a crucial element that defines how the system will operate. Feed it skewed or biased information and it will create a flawed inference engine. …


Added by Matthew Rosenquist on July 4, 2020 at 10:43pm — No Comments

10 Areas of Change in Cybersecurity for 2020

Cybersecurity in 2020 will be evolutionary but not revolutionary.  Although there is always change and churn, much of the foundational drivers remain relatively stable.  Attacks in the next 12 months are likely to persist in ways already known but taking it up-a-notch and that will lead to a steady escalation between attackers and defenders. …


Added by Matthew Rosenquist on May 12, 2020 at 10:00am — No Comments

You've got Mail!

While the world continues to battle with the Corona pandemic, there is another pandemic unfolding in digital space. Businesses and people are seeing an unprecedented onslaught of cyberattacks. As organisations try to maintain the business continuity and keep their…


Added by Rajesh Jain on May 9, 2020 at 1:58pm — No Comments

Maze Ransomware Attacks Cognizant

A large enterprise, Cognizant, has released a notification regarding the Maze ransomware attack. The team is working on various aspects to contain the incident. However, this puts us in a shocking position to understand how vulnerable major companies are. There have been various previous reports on this notorious malware…

Maze Ransomware Hits Cognizant


Added by pritha on May 12, 2020 at 12:22pm — No Comments

3 Steps That CISOs Can Take to Turn Hard Times Into a Blueprint for Success

As the CEO of Zoom, Eric Yuan is certainly one of the beneficiaries of the dramatic shift to remote work that’s occurred in light of the COVID-19 pandemic. His video conferencing platform has become somewhat of a phenomenon virtually overnight, and Yuan has become one of the world’s richest men in the process. So why has April turned into the …


Added by Pete Thurston on April 16, 2020 at 9:30pm — No Comments

Increase of the Phishing attacks in the COVID-19 situation

Novel CoronaVirus is not only posing a grave danger in the real world, but it is also posing a threat to the cyberworld. Cybercriminals are exploiting the public fears about this deadly virus using phishing attacks.

Phishing is a technique used by cybercriminals to send genuine-looking emails and make the user take actions. These actions can be replying with personal information or clicking…


Added by Venkata Satish Guttula on April 30, 2020 at 4:45pm — No Comments

Work From Anywhere Is The New Normal: Challenges & Solutions

Trying times like these require organizations to put their best foot forward for the safety of their employees and to enable business continuity. Work from anywhere, in view of lockdown, and work from home is the new normal. While some organizations had remote work enabled with defined technologies and policies for some years and are now…


Added by Smita on April 28, 2020 at 8:30pm — No Comments


CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30. 0 Replies

Share the instances where you were able to convince the Executive management/board that the CISO function is an enabler rather than a hindrance. Thank you, Mahesh

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by SACHIN BP SHETTY Apr 24. 1 Reply

(question posted on behalf of a CISO member) Has anyone evaluated digital signature (like Docusign), any specific risk/security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20. 4 Replies

(question posted on behalf of a CISO member) What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform? Related Question: …

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20. 12 Replies

(question posted on behalf of a CISO member) Due to CORONA virus most of the organizations are allowing their employees to work from home. Has anyone issued a security advisory for work from home?

Tags: #COVID19

© 2020 Created by CISO Platform.
