A coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups, has made a disgraceful appeal to the SEC to eliminate the rule requiring public disc
regulation (20)
My article on Help Net Security highlighting how the banking industry is leveraging their powerful lobbying groups to try and undermine the U.S. Securities and Exchange Commission 4-day cybersecurity reporting rule, which has been in place for over a
Banking industry lobbyists are pressuring the SEC to gut the four-day breach disclosure rule — an essential safeguard for shareholders and potential victims. Their arguments are misleading, self-serving, and designed to protect profits over public tr
The SEC has fined four major companies for materially misleading investors regarding cyberattacks.
Tech in Trouble
Regulatory actions have been brought against Unisys, Avaya, Check Point, and Mimecast for their purposeful decisions to not clearly infor
A recent report by Trellix indicated that due to growing complexity, responsibility, and regulatory accountability, a majority of CISOs believe their role should be split into separate positions.
This finding struck me as a little odd. It seems counte
The National Public Data breach has been a nightmare, exposing names, addresses, birthdates, emails, phone numbers, and Social Security Numbers of countless individuals — including mine.
As a California resident, I have the legal right to demand that
The Supreme Court struck down the Chevron Doctrine, sharply cutting back the power of federal agencies to interpret the laws they oversee and ruled that courts should rely on their own interpretation of ambiguous laws. The ramifications will have rip
More SEC rules, this time mandating financial firms inform victims of data breaches within 30 days!
Why wasn't this already a requirement?
Last year, the SEC instituted requirements for publicly traded companies to inform investors of material cybersec
The SEC case against SolarWinds and their CISO continues to reverberate across the cybersecurity community. I talk with Edward Amoroso, the Founder and CEO of TAG Infosphere, to discuss different aspects of the case and recent SEC requirements for di
The White House just released an Executive Order intended to lay down some standards intended to manage the risks of Artificial Intelligence. I absolutely like the idea of establishing guardrails to make AI safe, secure, and trustworthy, but I am uns
I think the list of executives and board members genuinely interested in cybersecurity will increase greatly as regulations, such as the US SEC cybersecurity reporting requirements and the European Union's proposed Cyber Resilience Act (CRA), are est
I like the EU Cyber Resilience Act! There, I said it! Yes, this will make companies nervous in the short term, but this regulation is a watershed moment that will fundamentally shift how digital products are secured and maintained! This will FORCE th
I like the concept of ‘banning’ the sale of offensive cyber weapons to potential adversaries, but what defines technology as offensive versus defensive?
Israel just announced it will ban the sales of hacking and surveillance tools to 65 countries: htt
A new bill has been proposed to address Ransomware. Congressman Patrick McHenry recently introduced the Ransomware and Financial Stability Act of 2021.
Good Direction, but Falls Short
I believe it is the right direction for undermining ransomware attac
Industries must either take security, privacy, and safety seriously or find themselves burdened under the crushing blanket of regulatory oversight.
A recent announcement by the European Commission that the Radio Equipment Directive will be updated to
In the absence of a federal privacy law that would establish unified privacy rights of citizens, I applaud Colorado for being the latest state to enact legislation that protects its residents. States are leading the charge to protect Americans’ privacy
Avast was recently caught selling users' web browsing data. Sensitive data like website destinations, search terms, and even what videos customers watched were collected by Avast software residing on customers' computers. The data was repackaged an
It simply makes no sense to call for IoT devices to be certified safe-and-secure. Before you get bent out of shape, hear me out.
Regulations are unwieldy blunt instruments, best left as a last resort. Cybersecurity regulations are not nimble, tend