San Francisco, Calif., Aug. 1, 2025, CyberNewswire—Comp AI, an emerging player in the compliance automation space, today announced it has secured $2.6 million in pre-seed funding to accelerate its mission of transforming how companies achieve complia
CISO (287)
Peter Gutmann and Stephan Neuhaus have a new paper—I think it’s new, even though it has a March 2025 date—that makes the argument that we shouldn’t trust any of the quantum factorization benchmarks, because everyone has been cooking the books:
Simil
Fraudsters are flooding Discord and other social media platforms with ads for hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited by players. Here’
I will be really, really honest with you — I have been totally “writer-blocked” and so I decided to release it anyway today … given the date.
So abit of history first. So, my “SOC visibility triad” was released on August 4, 2015 as a Gartner blog (it
The Cybersecurity Vault - episode 49, with guest Bob Zinga.
Cybersecurity leadership is facing a more difficult threat landscape and growing business challenges with CEO’s, C-suites, and Boards. Leadership skills and execution are more important than
ProPublica is reporting:
Microsoft is using engineers in China to help maintain the Defense Department’s computer systems—with minimal supervision by U.S. personnel—leaving some of the nation’s most sensitive data vulnerable to hacking from its lead
I froze when the question came in. If you work in cyber, you’ll know this question all too well. It’s the one that continues to resurface, both in boardrooms and at industry events:
“Why are people still the weakest link?”
Yes, it was familiar. Yes
The Chinese have a new tool called Massistant.
- Massistant is the presumed successor to Chinese forensics tool, “MFSocket”, reported in 2019 and attributed to publicly traded cybersecurity company, Meiya Pico.
- The forensics tool works in tandem with
In my days there, Gartner had Maverick research (here is mine, from 2015 about social engineering AIs…. yes, really!) that “deliberately exposed unconventional thinking and may not agree with Gartner’s official positions.”
Here is a “maverick-ish” bl
On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used th
Seems like an old system system that predates any care about security:
The flaw has to do with the protocol used in a train system known as the End-of-Train and Head-of-Train. A Flashing Rear End Device (FRED), also known as an End-of-Train (EOT) de
We are excited to invite you to the CISO Cocktail Reception if you are there at the BlackHat USA, Las Vegas 2025. This event is organized by EC-Council with CISOPlatform and FireCompass as proud community partners.
Please note that this event is exc
It started in a rugby box.
There I was, watching the match from a VIP suite—surrounded by a handful of other cybersecurity leaders. The beers were cold, the banter flowing, but one comment cut through the noise:
“Cybersecurity’s no longer about tech
In this interview with Peter Ulrich, Denver’s information technology audit manager, we explore relationships between auditors and security teams in government.
Back in 1789, Benjamin Franklin wrote a letter to a French scientist named Jean-Bap
Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the weaknesses addressed this month are known to be actively exploited, but 14 of the flaws earned Microsof
Building Real World Zero Trust
In cybersecurity’s early days, we built defenses like medieval castles big walls (firewalls), a drawbridge (VPNs), and guards at the gates (passwords). Once someone was inside, they could roam freely. But today’s world
Lately, a lot of people have been asking me about what “triggers” threat modeling. The question confused me: you think about threats as part of any design decision! There are lots and lots of design decisions, ranging from tiny to enormous. For each,
Benchmarking CISO Leadership Performance : A Strategic Guide for New CISOs
In today’s rapidly evolving cybersecurity landscape, Chief Information Security Officers (CISOs) are no longer confined to the role of mere technical guardians of digital asse
The gambling firms Paddy Power and BetFair have suffered a data breach, after “an unauthorised third party” gained access to “limited betting account information” relating to up to 800,000 of their customers.
What was exposed? Usernames, email addres
In an era where AI tools are transforming software development, CISOs face a pressing challenge: how to harness the speed of AI code generation without compromising on security. In a compelling CISO Talk (Chennai Chapter) hosted by CISO Platform, Ram
Join The Community Discussion
CISO Platform
A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.
Join CISO Community Share Your Knowledge (Post A Blog)
Atlanta Chapter Meet: Build the Pen Test Maturity Model (Virtual Session)
- Description:
The Atlanta Pen Test Chapter has officially begun and is now actively underway.
Atlanta CISOs and security teams have kicked off Pen Test Chapter #1 (Virtual), an ongoing working series focused on drafting Pen Test Maturity Model v0.1, designed for an intel-led, exploit-validated, and AI-assisted security reality. The chapter was announced at …
- Created by: Biswajit Banerjee
- Tags: ciso, pen testing, red team, security leadership
The Insider Risk Summit (West)
- Description:
- Created by: pritha
- Tags: insider risk summit, monterey, california
