The role of a CISO in an organization is continuously evolving, more so after the COVID-induced digital transformation boom - and not in isolation. Protecting businesses is more than just putting the technology pieces together, said Arvin Bansal, CISO of Nissan Americas.
In light of former Uber CSO Joe Sullivan's sentencing, five cybersecurity executives from distinct walks of cybersecurity discuss how professionals can protect themselves from personal liability for making business decisions while doing what's best for their organization.
Ron Gula practices what he preaches. The cybersecurity industry veteran who formerly led a market-leading vendor now works as an investor and philanthropist and focuses on expanding inclusivity - most recently via a $1 million grant to nonprofits that promote neurodivergent opportunities in cyber.
The cybersecurity industry needs to be increasingly agile, said Hugh Thompson, program committee chairman of RSA Conference. Attackers are constantly changing tactics. Security leaders also need to change and keep up with the technologies accessible to a large group of people, he said.
Early-stage startups interested in the implementation of artificial intelligence are often concerned about the policies surrounding AI use. While some startups are looking at automating policies, others are building platforms to test the accuracy, integrity and robustness of AI models.
Divakar Prayaga, A.P. Moller - Maersk's director for security engineering, discusses the evolution of a CISO's role from a tech to a business partner, how it affects a firm's cybersecurity posture and how to get the best return on security technology investments amid challenging economic conditions.
The guilty verdict against Joe Sullivan, former chief security officer of Uber, has generated much discussion about CISO accountability for disclosures of breaches. How should CISOs be preparing to deal with this responsibility? Kirsten Davies, CISO at Unilever, said communication is crucial.
Prosecutors are urging a U.S. federal judge to sentence former Uber CSO Joe Sullivan to 15 months in prison for his role in impeding an investigation into the ride-hailing company's security practices. Sullivan exploited "his position to cover up a deeply embarrassing event," prosecutors wrote.
Venture capitalist Alberto Yépez says there are opportunities to innovate in this economy. The market is self-correcting, but the demand for cyber protection has increased with the rise in cyberattacks and increased regulations, making it a top priority in terms of technology budgets, he said.
Much of the friction between CISOs and their general counsels, according to Ron Raether, partner at Troutman Pepper, is the result of ignorance. General counsels don't understand the full extent of IT and information security and often pin the blame on the CISOs, who become the scapegoats.
ChatGPT may be grabbing headlines, but many security practitioners are still skeptical about AI. ISMG editors at the RSA Conference 2023 in San Francisco discuss the hot topics this year, from the looming risk of the metaverse and our reality to the latest approach to cloud development.
The high-profile Equifax breach happened nearly six years ago. Jamil Farshchi, CISO of Equifax, discusses how the firm invested $1.5 billion, hired new staff and improved governance to prevent future attacks, but he says security organizations need to enter a new era of cooperation and transparency.
Supply chain risk has become more critical in the post-pandemic world, and that means you need to ask "much more focused, targeted questions" about your partners, according to Sawan Joshi, director of information security at Cervest, a climate intelligence startup.
With signs pointing to a global economic downturn, cybersecurity organizations are already thinking about managing budgets and doing more than less. Four CISOs share a wide range of belt-tightening tips, from putting the squeeze on your vendors and suppliers to training and hiring from within.
According to the World Economic Forum, geopolitical instability has helped to close the perception gap between business and cyber leaders' views on the importance of cyber risk management, and "91% of all respondents" believe that "a far-reaching, catastrophic cyber event" is on the horizon.