Cyber Security Tribe

Q. What is the most used application in the enterprise that was not created with enterprise security controls? A. The Browser. Solution: The Enterprise Browser, which offers security controls and compliance features as well as secure access to data and applications, even from unmanaged devices. Many enterprises are turning to enterprise browsers, like Island for increased security and reducing the need for a VDI. We are proud to be partnered with the Island team as a Knowledge Partner.

From our 2025 State of the Industry Annual Report, take a look at these stats. Some as expected, some a bit surprising. #CISO #DSPM #IAM National Institute of Standards and Technology (NIST) #NISTCybersecurityFramework OWASP? Foundation

"Predictive Identity Verification (IDV) is fundamentally flawed." https://lnkd.in/dteBezvt Michael Engle discusses how to fix step-up authentication and how biometric authentication isn’t merely an additional security layer, it represents a fundamental shift in how enterprises should approach identity verification. 1Kosmos

From Tuskira: A new critical vulnerability, CVE-2025-24813, affecting Apache Tomcat has been identified and actively exploited in the wild within 24 hours following the public release of exploit code. This blog provides an in-depth understanding of the vulnerability, its exploitation process, impact, risk profile, and actionable mitigation strategies. https://lnkd.in/ed_-yiAK #CVE #ApacheTomcatVulnerability

"Cybersecurity must be a foundational pillar of AI governance to ensure system reliability" https://lnkd.in/ehpaisX7 In our latest article Paola Gálvez Callirgos?? discusses the critical role that CISOs play during the development of AI governance frameworks and the deployment of an AI system in an organization.

https://lnkd.in/eFCGn8Ce We recently published a report titled: CTEM: Redefining Vulnerability Management in Healthcare, this article written by Jon Fredrickson is an excerpt from the report and highlights 4 vulnerability management risks in healthcare today. #HealthcareCISO #CTEM #vulnerabilitymanagement #ContinuousThreatExposureManagement #Healtcharecybersecurity

https://lnkd.in/eJvUDvGc Interesting that more CISOs feel supported by their Boards than last year, but there's a decrease in the percentage who feel the Board understands cybersecurity. #CISOs #boadsupport

https://lnkd.in/evnA5wS8 Cryptocurrency has revolutionized the financial world. It offers speed, decentralization, and privacy, which make it attractive for legitimate investors and businesses. But that same anonymity has also made it a preferred tool for cybercriminals, particularly in money laundering and human trafficking. Criminal networks exploit the decentralized nature of cryptocurrency to move funds across borders, making it incredibly difficult for authorities to trace illicit transactions. In this article by Stacy Tatem (She/Her), she provides insights into how AI and machine learning models can parse massive amounts of blockchain data at incredible speeds, identifying patterns and anomalies that humans might miss.

There was a time when I was always the only woman in the room, whether that was at an event, a meeting, or a round table. Over the past two years that has shifted significantly and I’ve been so fortunate to meet many inspirational females in the industry. Apologies for anyone I may miss, but I must recognize: Olivia Phillips Julie Myerholtz Dd Budiharto CISSP CISM Shawnee Delaney Glenda Lopez, CTPRP Bezawit Sumner Carmen Marsh Noureen Njoroge Executive MBA Dr. Vivian Lyon, DIT, MBA, PMP, CISM, CISA, CRISC, CDPSE, CEH, CHFI Christina Morillo Jennifer Raiford Nicole Darden Ford Chamon Gayton Mea Clift Bindu Sundaresan

If you're interested in discussing any of the below topics with other Cyber Security Leaders, please reach out to us. These are 1-hour video roundtables with 8-10 CISOs (or equivalent titles) that an are open discussion amongst the participants. Although some of these are at full capacity, there will be additional ones covering these topics: Topic: Do You Know Who Has Access? Stopping Modern Identity Attacks? ? The increase in risks with remote employees and identity fraud ? The necessity of identity verification in a AI enabled world – even with tenured employees ? Identity lifecycle trust with seamless UX Topic: Modernizing Credentialing and Account Recovery: Beyond Incumbent Multifactor Authentication (MFA)? ? The increase in deepfake attacks and identity deception in remote worker hiring?? ? Preventing unauthorized account collusion and credential sharing? ? How to defeat social engineering attacks targeting the IT Service Desk Topic: AI-Powered Attacks vs. AI-Powered Defense: Who Wins? ? How AI is changing the attacker-defender dynamic ? Appling AI to reduce attack surfaces and prevent evasion techniques ? Testing security controls against AI-generated attack techniques Topic: SaaS and Web Based Apps: Securing the Modern Enterprise ? Governing how users interact with all SaaS and web applications ? Embracing GenerativeAI in a secure environment ? Protecting corporate data across all services, devices, locations and workers Topic: Best Practices for Board Reporting ? How much risk is too much risk ? What does the Board really want to hear ? How to articulate the true needs of security while meeting the business objectives