A forward-thinking college student decides to reach out to local business professionals to organize an in-person Q&A panel for fellow students and entrepreneurs. Aili Vaananen called several successful businesspeople and assembled a great panel who s

As technology continues to evolve, so too the threats to the security of enterprises. As we enter 2023, the threat landscape for enterprises is becoming increasingly complex, fast-moving, with cyber threats growing in both volume and sophistication.

Cybersecurity has a growing problem that will force an evolution in the industry — it must deliver more recognizable value!

Cybersecurity must re-envision itself to both protect and become an active contributor to the overarching business goals. Embra

In this episode of the CISOPlatform QnA, we dived into the recent Securities and Exchange Commission rules or SEC rules, that are setting a new standard for cybersecurity incident reporting, and Denise, our very own community manager at CISOPlatform

Penetration testing, often referred to as "pen testing" or "ethical hacking," is a cybersecurity assessment technique used to evaluate the security of computer systems, networks, applications, or other digital environments. The primary purpose of pen

According to latest Threat Intelligence, 80% of the times, Ransomware gets initial access using Top 3 Attack Vectors:
1. Exploiting Vulnerabilities
2. Shadow IT & Stolen Credentials
3. Various Variants Of Phishing Attacks
This webinar covers 6 most c

There are many approaches to conduct a strategic cybersecurity risks assessment.  This is one of my favorite ways, using a Threat Agent Risk Assessment (TARA) methodology. 

This paper was authored by Tim Casey, David Houlding, and I while we were at I

Incident Lifecycle Management : Threat Management - NIST Aligned Process

Incident Lifecycle Management (ILM) refers to the systematic process of handling and managing security incidents within an organization. It involves the entire lifecycle of a

We are excited for the next ‘Best Of The World’ Session On "What's Hot For State CISOs In 2023?" by Dan Lohrmann (Field CISO, Presidio), Danielle Cox (CISO, West Virginia) & Michael Gregg (CISO, North Dakota)

The 'Best Of The World' Series features

Ever wonder what kinds of things happen when good-intentioned people try to manage cybersecurity?  Well, in this case, a High School in Illinois responded to a system error by resetting every student’s password and then communicating it to all the pa

This webinar covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for pre

Overview of Incident Response

Incident response is a critical aspect of any organization's cybersecurity strategy. When a security incident occurs, it is crucial to have a well-defined plan in place to handle the situation effectively. This blog pos

We are excited for the next ‘Best Of The World’ Session On "Understanding Cloud Attack Vectors" by Moshe Ferber (Cloud Security Expert, Frequent Speaker at Defcon, Blackhat, RSAC APJ)

The 'Best Of The World' Series features the world's best securit

Hackers are exploiting an un-patchable vulnerability (CVE-2023–2868) in Barracuda Email Security Gateway appliances. Barracuda has announced that customers should discontinue using the email security product or upgrade. Hackers are using multiple typ