All Articles

We had an amazing CISOPlatform Playbook Roundtable in Atlanta! The energy in the room was incredible, and we’re taking it forward by launching a Cybersecurity Chapter in Atlanta to create the standards for pen testing programs. (Join CISOPlatform Atl

In an age where AI-driven agents increasingly handle sensitive requests, the critical question is: how do we trust the identity behind every interaction? Traditional methods like passwords and OTPs are proving inadequate in stopping fraud, deepfakes,

In today’s cybersecurity landscape, where analysts are overwhelmed by data and threats evolve faster than manual processes can handle, task-driven AI agents are emerging as game-changers. This AI Demo Talk featured Steve Povolny (Senior Director, Sec

In today’s rapidly evolving threat landscape, human risk remains one of the most critical challenges for CISOs. While technology defenses are essential, employee behaviors often define the difference between a contained incident and a costly breach.

We’re excited to bring you an insightful AI Demo Talk on "Building Trust in AI-Driven Interactions: Securing Agentic AI with Trusted Identity and Privacy-First Biometrics" with Nadav Stern (Head of Engineering, Anonybit) & Jeremiah Mason (Chief Produ

We’re excited to bring you an insightful AI Demo Talk on "Task driven agents for investigation, response, analysis and more!" with Steve Povolny (Senior Director, Security Research & Competitive Intelligence, Exabeam).

In this session, we’ll take a d

When is the right time to hire a CISO? It's a question many organizations face, and the answer isn't one-size-fits-all.

Key factors include regulatory requirements, organizational size, data sensitivity, and risk tolerance. Startups might benefit from

Knowing when to hire a CISO is a challenging proposition – one which most organizations will eventually need to answer.

The need to hire a CISO depends on a combination of factors, including but not limited to:

• Relevance of regulatory requirements

• Size

Palo Alto, Calif., July 29, 2025, CyberNewswire — Despite the expanding use of browser extensions, the majority of enterprises and individuals still rely on labels such as “Verified” and “Chrome Featured” provided by extension stores as a security in

Google’s vulnerability finding team is again pushing the envelope of responsible disclosure:

Google’s Project Zero team will retain its existing 90+30 policy regarding vulnerability disclosures, in which it provides vendors with 90 days before full

Security teams can no longer afford to wait for alerts — not when cyberattacks unfold in milliseconds.

That’s the core warning from Fortinet’s Derek Manky in a new Last Watchdog Strategic Reel recorded at RSAC 2025. As adversaries adopt AI-driven to

Newark, NJ, Aug. 4, 2025, CyberNewswire—Early Bird registration is now available for the inaugural OpenSSL Conference, scheduled for October 7–9, 2025, in Prague. The event will bring together leading voices in cryptography, secure systems, and open-

An Arizona woman was sentenced to eight-and-a-half years in prison for her role helping North Korean workers infiltrate US companies by pretending to be US workers.

From an article:

According to court documents, Chapman hosted the North Korean IT wo

London, Aug. 11, 2025, CyberNewswire—A survey of 80 North American MSPs shows fragmented security stacks drive fatigue, missed threats, and business inefficiency

Security tools meant to protect managed service providers are instead overwhelming them

“Who’s winning on the internet, the attackers or the defenders?”

I’m asked this all the time, and I can only ever give a qualitative hand-wavy answer. But Jason Healey and Tarang Jain’s latest Lawfare piece has amassed data.

The essay provides the fi

We’re excited to bring you an AI Demo Talk on "Harnessing AI to Personalize and Automate Human Risk Management" with Uzair Ahmed Gilani (CTO, Right-Hand Cybersecurity). In this session, we’ll dive into how AI can transform the way organizations manag

LAS VEGAS — A decade ago, the rise of public cloud brought with it a familiar pattern: runaway innovation on one side, and on the other, a scramble to retrofit security practices not built for the new terrain.

Related: GenAI workflow risks

Shadow IT

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our next Cloud Threat Horizons Report, #12 (full version) that we just released (the official blog for #1 report, my unofficial

I spoke at the Black Hat Conference in Las Vegas for the first time since the COVID-19 pandemic. Here’s what I learned and a few takeaways to share.

I just returned from Black Hat in Las Vegas, and once again, AI dominated all conversations on b

Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is insecure, you’d be able to spy o