iSecurity Social’s Post

In recent weeks, the headlines have been flooded with reports of significant cybersecurity breaches, impacting organizations ranging from small businesses to large multinational corporations. High-profile incidents have raised alarm bells in the tech world and beyond, forcing us to confront a pressing question: Why is this happening? Now I have been pondering this question and have a few option that could lead to this: 1.    Increased Attack Sophistication 2.    Remote Work and Digital Transformation 3.    Lack of Cyber Hygiene 4.    InsufficientCybersecurity Investment 5.    Insider threat 6.    Lack of visibility 7.    Lack of understanding of the risks 8.    Ignorance 9.    Arrogance Or is it something else entirely? #ciso #leadership #alchemycyberdefence #troublemaker

I’m curious if anyone has insights into the current cyber expertise levels on S&P 500 boards? Have there been any reports published in 2024? This is from last year: A report found that S&P 500 organizations have gaps in their cybersecurity leadership when it comes to risk mitigation. The study found that 57% of companies in the S&P 500 lack specialized experience in non-cyber technology categories. Twelve percent of S&P 500 companies have specialized cybersecurity expertise among their directors, such as a chief information security officer (CISO), former chief executive officer (CEO), or former chief information officer (CIO) of a cyber company on their boards. Seven percent had a current or former CISO on their boards. Link in comments

Gartner statistics predict that by 2025, stress at work will force 25% of security leaders to pursue completely alternative professions, and the majority of cyberattacks will be caused by human error or a lack of skill. For individuals working in #cybersecurity, it’s evident that the existing strategy isn’t working. Leaders need to address this problem before it’s too late and realize that #hyperautomation in #security may hold the key to a successful organizational security posture. Our new blog delves into the benefits of hyperautomation in cybersecurity to reduce organizational debt & improve brand value. https://hubs.ly/Q02F2hnB0

Cybersecurity 2024: Key Insights from Industry Leaders https://lnkd.in/gq-4ciQa The threat landscape is evolving rapidly, with scams now outpacing ransomware globally. Here are my takeaways from the Queensland Futures Institute's recent panel: Emerging Risks Ryan Ko highlighted the fivefold rise in scam payments, showing how cybercriminals are increasingly targeting individuals and SMEs. Awareness and prevention are especially critical for vulnerable groups. Building a Security Culture Ivar van den Berge shared the value of using ‘cyber safety shares’ in meetings to build a security-conscious mindset across teams. He points out how leadership can drive awareness and accountability. Adopting AI for Security Karla Day discussed the challenge of finding trustworthy AI vendors amidst overwhelming options. She highlighted that smart partnerships are key to leveraging AI effectively. SMEs and Cybersecurity Bruce Irwin emphasised the need for risk-aware cultures, strong governance, and processes before relying on technology. He advised that the focus must be on people and processes first; technology is the enabler. Government’s Role Cat Matson highlighted that with two-thirds of SMEs at risk of failure after a ransomware attack, government support is essential. Her advice was that policy and resources must prioritise small business resilience. These insights reinforce the importance of collective action across leadership, technology, and policy to combat growing cyber threats. What is your top priority for cybersecurity ? Let me know your thoughts. #CyberSecurity #Leadership #DigitalTransformation

#Cybersecurity is no longer just an IT problem, it’s a critical #business priority that impacts every aspect of #operations, #reputation, and #trust. As we navigate an increasingly #digital world, the stakes have never been higher: ✅ #Cyberthreats are evolving faster than ever. ✅ Businesses are under pressure to protect data and systems without compromising innovation. ✅ #Leadership is called upon to make cybersecurity a cornerstone of #businessresilience. 𝗧𝗵𝗲 𝗾𝘂𝗲𝘀𝘁𝗶𝗼𝗻 𝘄𝗲 𝗺𝘂𝘀𝘁 𝗮𝗹𝗹 𝗮𝘀𝗸 𝗼𝘂𝗿𝘀𝗲𝗹𝘃𝗲𝘀 𝗶𝘀 𝘁𝗵𝗶𝘀: 💡 Are we prepared for the next wave of cyber threats or merely reacting to yesterday's challenges? 2024 presents an opportunity to rethink strategies, build stronger defenses, and foster a culture of cybersecurity awareness across all levels. It’s a call to action for leaders, teams, and individuals. What steps are you taking to ensure your organization stays ahead? Let’s start the conversation. Drop your thoughts in the comments! Referral Links:- 1. https://lnkd.in/gwaqmtNZ 2. https://lnkd.in/g85KGjZP 3. https://lnkd.in/dVQbrCP 4. https://lnkd.in/gJdkxbus.

"AI-driven cyber attacks are coming.” - Gabby Fredkin We just kicked off #SecurityEdge with Gabby Fredkin, Head of Insights & Analytics at ADAPT, who revealed key insights from over 500 ADAPT surveys of the region’s top CIOs, CISOs, CTOs, and Heads of Data and Digital—leaders responsible for over 40% of Australia’s GDP. Here are some key takeaways from his session: 📊 𝐓𝐨𝐩 𝐜𝐲𝐛𝐞𝐫 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐜𝐨𝐧𝐜𝐞𝐫𝐧𝐬  Phishing and socially engineered attacks rank as the #1 concern for CISOs, followed by data security risks and third-party risks. 🚀 𝐏𝐫𝐨𝐚𝐜𝐭𝐢𝐯𝐞 𝐜𝐲𝐛𝐞𝐫 𝐜𝐮𝐥𝐭𝐮𝐫𝐞  Companies with a proactive cyber culture are 2.2x more likely to align cyber and business resilience, and 2.3x more likely to achieve cyber resilience. ⚖️ 𝐂𝐲𝐛𝐞𝐫 𝐫𝐞𝐬𝐢𝐥𝐢𝐞𝐧𝐜𝐞 𝐛𝐞𝐧𝐞𝐟𝐢𝐭𝐬  Cyber-resilient organisations are: ▪1.8x better at avoiding data breaches  ▪2.6x better at balancing privacy with customer experience  ▪1.6x better at detection and response    🎉 𝐂𝐲𝐛𝐞𝐫 𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐰𝐢𝐧𝐬   ▪79% of CISOs surveyed in 2024 now have a proactive relationship with their executive leadership teams ▪We've doubled our maturity in implementing standardised controls to stop AI data leakage. Follow along for more insights throughout the day with #SecurityEdge #CyberResilience #AIReady #DataProtection #CISO #CyberLeadership

International Fraud Awareness Week 2024: Day 2 – Cybersecurity In today’s disruptive world, organizational leaders face many challenges, from sustaining growth to navigating emerging technologies and talent acquisition and retention. 💻 Dive deep into the key cyber considerations and uncover the actions organisations can take as they seek to accelerate recovery times, reduce the impact of incidents on employees, customers, and partners and aim to ensure their security plans enable — rather than expose — the business. #cybersecurity #KPMGForensic #fraudweek #AntiFrau #KPMGMexico Know more here: https://lnkd.in/eRZBX3B9

Fear, uncertainty, and doubt plague our cybersecurity industry, often used by vendors and leaders to assert their programs and expertise. The biggest issue is how after serious incidents, many jump on the bandwagon to share lessons—always with hindsight clarity. We need a shift in mindset. It shouldn't be this way. We must be pragmatic and results-oriented rather than just focusing on broad goals. Collaboration is key to pushing each other toward better cybersecurity solutions. The real focus should be on addressing broken business processes, raising cyber hygiene standards, and improving operational resilience. Security must be seen as a quality measure, as noted by Greg van der Gaast, rather than relying on elusive silver bullet solutions. Be the change our industry needs. Collaborate, improve, and elevate. The old way isn't working. Discuss and share your ideas in the comments, likes, and shares. #CyberSecurity #Collaboration #CyberHygiene #OperationalResilience #FearUncertaintyDoubt #GregVanderGras #QualityMeasure #PragmaticApproach #ResultsOriented #CyberSolutions

FYI…. Not really much new.. poor cyber hygiene is always one, as is weak IDM, and leaky cloud security. Et al… “…. The 10 biggest issues CISOs and cyber teams face today… From escalating cyber threats to questions about resources and security’s role in the enterprise, cyber leaders are reshaping their agendas to address several key issues 1. Expanded Threat Landscape 2. Protecting a Moving Target 3. Regulatory Compliance 4. Third-Party and Supply Chain Risk 5. Increasing Personal Liability 6. Securing AI within the Enterprise 7. Protecting Against AI-Enabled Threats 8. Resource Adequacy 9. Security’s Organizational Role 10. Achieving Operational Excellence https://lnkd.in/g7eBNJbY