Heads-up to my Intel and former Intel colleagues — a data breach has been discovered that exposed information on 270k workers. The good news, is that the data was probably not very sensitive as it was the internal system used to order business cards.
Blog (944)
“Who’s winning on the internet, the attackers or the defenders?”
I’m asked this all the time, and I can only ever give a qualitative hand-wavy answer. But Jason Healey and Tarang Jain’s latest Lawfare piece has amassed data.
The essay provides the fi
We’re excited to bring you an AI Demo Talk on "Harnessing AI to Personalize and Automate Human Risk Management" with Uzair Ahmed Gilani (CTO, Right-Hand Cybersecurity). In this session, we’ll dive into how AI can transform the way organizations manag
LAS VEGAS — A decade ago, the rise of public cloud brought with it a familiar pattern: runaway innovation on one side, and on the other, a scramble to retrofit security practices not built for the new terrain.
Related: GenAI workflow risks
Shadow IT
This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #12 (full version) that we just released (the official blog for #1 report, my unofficial
I spoke at the Black Hat Conference in Las Vegas for the first time since the COVID-19 pandemic. Here’s what I learned and a few takeaways to share.
I just returned from Black Hat in Las Vegas, and once again, AI dominated all conversations on b
Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is insecure, you’d be able to spy o
LinkedIn Security Tips to Protect from Fraud, Social Engineering, and Hacking
Stay updated on best #cybersecurity practices, be smart, and stay safe!
For more cybersecurity insights, follow me:
You
San Francisco, Calif., Aug. 1, 2025, CyberNewswire—Comp AI, an emerging player in the compliance automation space, today announced it has secured $2.6 million in pre-seed funding to accelerate its mission of transforming how companies achieve complia
Peter Gutmann and Stephan Neuhaus have a new paper—I think it’s new, even though it has a March 2025 date—that makes the argument that we shouldn’t trust any of the quantum factorization benchmarks, because everyone has been cooking the books:
Simil
LinkedIn is a great communication tool for business professionals that informs, provides opportunities, and fosters collaboration — which is exactly why it is attractive to sophisticated cyber adversaries, including aggressive nation state actors, wh
We’re excited to bring you an insightful fireside chat with Sandro Bucchianeri (Group Chief Security Officer at National Australia Bank Ltd.) and Erik Laird (Vice President - North America, FireCompass).
About Sandro:
Sandro Bucchianeri is an a
Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here’
I will be really, really honest with you — I have been totally “writer-blocked” and so I decided to release it anyway today … given the date.
So abit of history first. So, my “SOC visibility triad” was released on August 4, 2015 as a Gartner blog (it
ProPublica is reporting:
Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its lead
Microsoft faces ongoing, systemic cybersecurity failures rooted in blind spots within its very organizational design. These vulnerabilities repeatedly result in serious product blunders and damaging breaches. This has once again become evident with t
I froze when the question came in. If you work in cyber, you’ll know this question all too well. It’s the one that continues to resurface, both in boardrooms and at industry events:
“Why are people still the weakest link?”
Yes, it was familiar. Yes
The Chinese have a new tool called Massistant.
- Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
- The forensics tool works in tandem with
I am truly honored to join the Advisory Board of MindShield. This marks the beginning of an important journey—one focused on deciphering the underlying cognitive vulnerabilities that malicious cyber threats exploit. Our goal is to help individuals a
In my days there, Gartner had Maverick research (here is mine, from 2015 about social engineering AIs…. yes, really!) that “deliberately exposed unconventional thinking and may not agree with Gartner’s official positions.”
Here is a “maverick-ish” bl
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
CISO Cocktail Reception, San Francisco
- Description:
Are you @RSAC?
CISO Yacht Cocktail Dinner
Going to RSA Conference?
After a day of attending sessions at RSA, join us on a luxury yacht for drinks, food, and live entertainment while enjoying the stunning skyline views, cruising on San Francisco Bay.
Yacht Party…
- Created by: pritha
- Tags: san francisco, rsac, rsac2026, ciso, cocktail, yacht, invite-only
