A CISO game plan for cloud security

As businesses increasingly migrate to the cloud, CISOs face numerous critical challenges in ensuring robust cloud security. Gartner projects a significant 24% increase in spending on cloud security, positioning it as the fastest-growing segment within the global security and risk management market.

Shifting to cloud computing necessitates fundamentally rethinking security. Organizations strive to integrate the cloud into standard business operations; however, this transition has more pitfalls than most CISOs understand. Issues that have been present in traditional IT environments persist in the cloud, such as governance, misconfiguration, insecure supply chains and pipelines, data loss or exfiltration, and failures in secrets and key management. The cloud introduces unique risks, including limited visibility, dynamic attack surfaces, identity proliferation, and misunderstandings around shared responsibility, compliance, regulation, and sovereignty. And this is just the tip of the iceberg.

Many CISOs and security teams need clarification about the shared responsibility model used by major public cloud providers such as Amazon Web Services (AWS) and Microsoft Azure.

CISOs often encounter several key pitfalls in managing cloud security:
- Business lines have inadequately addressed security needs.
- The cloud is more complex than initially understood.
- Cloud strategy, architecture, or transformation initiatives often proceed without input from the CISO, who is then expected to make it all secure.
- Failure to collaborate with CIOs to integrate security into platform engineering and DevOps bottlenecks development pipelines with outdated security processes.

Avoid using old security patterns that are applied to new technologies.

#CISO #cloudsecurity
About us
CISOs have a gargantuan responsibility to prevent and prepare for looming cyber-attacks. At CISO Guru, making your job less harrowing is job 1. We help CISOs navigate the ever-changing cybersecurity landscape, assess the latest threats and technology, and deploy new solutions successfully.
- Website: https://www.ciso.guru (external link for CISO Guru)
- Industry: Computer and Network Security
- Company size: 2-10 employees
- Headquarters: San Francisco, CA
- Type: Privately held
- Founded: 2020
- Specialties: Enterprise Cyber Security and Cyber Security Software Evaluation
Locations
- Primary: San Francisco, CA 94123, US
Updates
Mergers and acquisitions (M&A) are a common way for businesses to grow and expand their operations. However, these deals can also introduce new risks for cybersecurity teams. I will review some of the key risks that CISOs need to be aware of when their company is involved in an M&A. I will also provide some tips on how to mitigate these risks.

## Key Risks

There are several key risks that CISOs need to be aware of when their company is involved in an M&A. These risks include:

* Data breaches: When two companies merge, their data sets are combined. This can increase the risk of a data breach, as the combined data set is now a larger target for attackers.
* Misconfigurations: When two companies merge, their IT systems are also combined. This can lead to misconfigurations, which can open up security vulnerabilities.
* Incompatible security policies: When two companies merge, their security policies may not be compatible. This can create security gaps that attackers can exploit.
* Cultural differences: When two companies merge, their cultures may also be different. This can lead to challenges in implementing security policies and procedures.

## Mitigating Risks

There are a number of things that CISOs can do to mitigate the risks associated with M&A. These include:

* Performing a security due diligence review: This will help to identify any potential security risks associated with the M&A.
* Implementing a security integration plan: This plan will help ensure that the two companies' IT systems are properly integrated securely.
* Establishing a security steering committee: This committee will oversee the merged company's security.
* Providing security awareness training to employees: This training will help employees to understand the company's security policies and procedures.

By taking these steps, CISOs can help mitigate the risks associated with M&A and protect their company's data and assets.

## Conclusion

Mergers and acquisitions can be a complex and challenging process, but they can also be a great way for businesses to grow and expand. By understanding the key risks associated with M&A and taking steps to mitigate these risks, CISOs can help to ensure that their company's data and assets are protected.
The risks in mergers and acquisitions CISOs need to know
csoonline.com
NIST Can't Allocate Enough Resources To Maintain The National Vulnerability Database (NVD).

The NVD database, a U.S. federal government-maintained repository of security vulnerabilities, virtually stopped in February after funding cuts forced NIST to stop analyzing thousands of reported software and hardware flaws. The database was nearing 10,000 unanalyzed vulnerabilities and NIST only assessed two of the nearly 2,000 CVEs reported in May. This is a clear example of the US falling behind as China exploits our apathy and weakness attacking our government's antiquated security infrastructure.

#NIST #CVE #CISA #DHS
NIST Unveils Plan to Restore National Vulnerability Database
databreachtoday.com
AI Scammers Are Hijacking Google Searches

Cybercriminals Are Using AI to Place Fake Sites Atop Search Results. They are leveraging advanced AI to manipulate search results and lure unsuspecting users into clicking on malicious links. Scammers purchase ads to place their fake websites at the top of search results. These sites look legitimate and trustworthy but are designed to trap you. For example, searching for “PayPal” might show a top result that appears genuine. You click, and suddenly, you’re on a fake site that steals your personal information.

Researchers have noted a shift from email-based to browser-based attacks. Cybercriminals are now favoring search result manipulation to distribute malware, making it more crucial than ever to stay vigilant. Google actively works to flag and remove suspicious listings, but many slip through the cracks.

#cybersecurity #AI
Alert: AI Scammers Are Hijacking Google Searches
https://cyberdefenseadvisors.com
FBI Says It Dismantled 'Likely the World's Largest Botnet'

US-Led Operation Disrupts 911 S5 Botnet in Global Crackdown. U.S. federal law enforcement said Wednesday that an international law enforcement operation disrupted the 911 S5 botnet used to hack residential computers as proxies to commit fraud. The department's Office of Foreign Assets Control said an investigation revealed the botnet was used to submit "tens of thousands of fraudulent applications" for coronavirus and economic stimulus funds and to anonymously spread bomb threats. The botnet infected computers in nearly 200 countries including 613,841 IP addresses located in the U.S. According to the indictment, Wang criminally generated millions of dollars by offering access to the exploited devices for a fee.
FBI Says It Dismantled 'Likely the World's Largest Botnet'
bankinfosecurity.com
AI Is an Expert Liar

Artificial intelligence lies the way humans lie - without compunction and with premeditation. That's bad news for the people who want to rely on AI, warn researchers who spotted patterns of deception in AI models trained to excel at besting the competition. Large language models and other AI systems learn through the data they're trained on - and that includes the ability to deceive by concealing the truth or offering untrue explanations. In an experiment, the researchers discovered that AI systems trained to negotiate monetary transactions learned to misrepresent their preferences to gain an advantage over their counterparts. They also "played dead" to avoid being recognized by a safety test meant to detect their presence.

#AI Rashmi Ramesh
AI Is an Expert Liar
bankinfosecurity.com
There have been a lot of discussions about banning TikTok since President Joe Biden signed the TikTok ban legislation today. TikTok had already been banned on all government devices in March of 2023. TikTok is People's Republic of China (PRC) spyware. If you use TikTok, maybe you should read the Terms of Use you agreed to when you downloaded the app.

Terms of Service: https://lnkd.in/g7PXFy2a
Privacy policy: https://lnkd.in/gQ6xJwBR

"We collect certain information about the device you use to access the Platform, such as your IP address, user agent, mobile carrier, time zone settings, identifiers for advertising purposes, model of your device, the device system, network type, device IDs, your screen resolution and operating system, app and file names and types, keystroke patterns or rhythms, battery state, audio settings and connected audio devices. We automatically assign you a device ID and user ID. Where you log in from multiple devices, we will be able to use information such as your device ID and user ID to identify your activity across devices. We may also associate you with information collected from devices other than those you use to log in to the Platform."

"We gather your phone and social network contacts. If you choose to find other users through your phone contacts, we will access and collect information such as names, phone numbers, and email addresses, and match that information against existing users of the Platform."

"Information, including text, images, and videos, found in your device’s clipboard, with your permission. For example, if you choose to initiate information sharing with a third-party platform, or choose to paste content from the clipboard onto the Platform, we access this information stored in your clipboard in order to fulfill your request."

"Your phone and social network contacts, with your permission. If you choose to find other users through your phone contacts, we will access and collect information such as names, phone numbers, and email addresses, and match that information against existing users of the Platform. If you choose to find other users through your social network contacts, we will collect your public profile information as well as the names and profiles of your social network contacts."

There is much more, but you can read it for yourself. Especially the Privacy Policy. They say "with your permission" but, by default, they do not ask for permission.
The House votes for possible TikTok ban in the US, but don't expect the app to go away anytime soon
apnews.com
MITRE Corporation, a non-profit organization that operates federally funded research and development centers (FFRDCs) on behalf of the US government, has revealed a major breach in its Networked Experimentation, Research, and Virtualization Environment (NERVE), a collaborative network vital for the organization’s research and development activities. Jason Providakes, president and CEO of MITRE Corporation, highlighting the relentless nature of cyber threats, warned that “No organization is immune from this type of cyber attack, not even one that strives to maintain the highest cybersecurity possible.” The threats and cyber attacks are becoming more sophisticated and require increased vigilance and defense approaches.

The breach, detected in early April 2024, has been attributed to a foreign nation-state threat actor. Cybersecurity major Checkpoint defines a nation-state cyberattack as an attack carried out by a state-sponsored actor against another government or some other individual or organization.

Gyana Swain
MITRE Corporation targeted by nation-state threat actors
csoonline.com
If I look at one of the most troubling things I see in the world of cloud computing, it’s this. Enterprises have accepted inefficient cloud deployments and they’re coming back to bite them in the butt. The fix is going to be long and costly.
Cloud cost management is not working
infoworld.com
Do You Think Toxic CISOs Are a Security Risk?

Given the perilous environment of security today — the ruthless hackers, AI-based threats, legislative compliance changes, limited staffing, and mounting liability concerns — it’s easy to see why some CISOs might occasionally lose their cool on the job. One of the thorniest challenges of a toxic CISO is that the person causing the problem is also the one in charge, making them susceptible to blind spots about their own behavior. Many see toxic CISOs as symptomatic of a wider problem across all industries: organizations promoting people with expertise in one specific domain to executive positions, without ensuring they possess broader leadership skills like communication and emotional intelligence.

What do you think? Chris Roberts Brent Deterding Jimmy S, CISSP, CRISC, CISM
Are you a toxic cybersecurity boss? How to be a better CISO
csoonline.com