Discover and read the best of Twitter Threads about #CISO
Most recents (11)
State of the #Cloud 2023: An in-depth report on the latest trends and risks โ
#cloudsecurity #CNAPP #CISO #Engineer
Report highlights in thread ๐งต or download the full report for free here ๐
wiz.io/blog/the-top-cโฆ
#cloudsecurity #CNAPP #CISO #Engineer
Report highlights in thread ๐งต or download the full report for free here ๐
wiz.io/blog/the-top-cโฆ
โ๏ธ The responsibility of #security professionals to stay up-to-date on the state of the #cloud has never been greater.
๐ก With cloud adoption continuing to grow, it is crucial to proactively address potential threats and ensure secure deployment of solutions.
๐งต2/6
๐ก With cloud adoption continuing to grow, it is crucial to proactively address potential threats and ensure secure deployment of solutions.
๐งต2/6
โ๏ธ The number of API calls increased by 15% in #AWS, 20% in #Azure, and 45% in #GCP, leading to expanded attack surfaces.
๐จโ๐ซ 57% of companies use more than one #cloud platform, requiring greater knowledge from #cloudsecurity teams.
๐งต3/6
๐จโ๐ซ 57% of companies use more than one #cloud platform, requiring greater knowledge from #cloudsecurity teams.
๐งต3/6
Are you taking advantage of Rego's policy language for your #cloudsecurity needs?
If you're not, you need to check out these amazing resources to help get you started ๐งต๐
#CSPM #Coding #CNAPP #CISO #DevSecOps
If you're not, you need to check out these amazing resources to help get you started ๐งต๐
#CSPM #Coding #CNAPP #CISO #DevSecOps
Gettting started with Open Policy Agent (OPA) to improve your #cloudsecurity!
๐ What is OPA and why should you use Rego
๐ How to write your first OPA policy
#CSPM #Coding #CNAPP #CISO #DevSecOps
๐งต2/5
wiz.io/blog/getting-sโฆ
๐ What is OPA and why should you use Rego
๐ How to write your first OPA policy
#CSPM #Coding #CNAPP #CISO #DevSecOps
๐งต2/5
wiz.io/blog/getting-sโฆ
Step 2: Learn the basics of Rego Wiz ๐
#CSPM #Coding #CNAPP #CISO #DevSecOps
๐งต3/5
datocms-assets.com/75231/16745778โฆ
#CSPM #Coding #CNAPP #CISO #DevSecOps
๐งต3/5
datocms-assets.com/75231/16745778โฆ
15 ๐
๐๐๐ ๐๐๐ซ๐ญ๐ข๐๐ข๐๐๐ญ๐ข๐จ๐ง ๐ฉ๐ซ๐จ๐ฏ๐ข๐๐๐ ๐๐ฒ ๐ญ๐ก๐ ๐๐๐๐ (Cyber & Infrastructure Security Agency of the United States)
1. Cloud Computing Security lnkd.in/dE62kGXX
2. Cloud Security - What Leaders Need to Know lnkd.in/dDSMg7xa
1. Cloud Computing Security lnkd.in/dE62kGXX
2. Cloud Security - What Leaders Need to Know lnkd.in/dDSMg7xa
3. Cryptocurrency for Law Enforcement for the Public lnkd.in/dNkVm-4j
4. Cyber Supply Chain Risk Management for the Public lnkd.in/dxEaQA8w
5. Cyber-essentials lnkd.in/dCQr2ket
6. Donโt Wake Up to a Ransomware Attack lnkd.in/d36WV_g5
4. Cyber Supply Chain Risk Management for the Public lnkd.in/dxEaQA8w
5. Cyber-essentials lnkd.in/dCQr2ket
6. Donโt Wake Up to a Ransomware Attack lnkd.in/d36WV_g5
7. Foundations of Cybersecurity for Managers lnkd.in/dg4Ed4Gf
8. Fundamentals of Cyber Risk Management lnkd.in/dXjpdZMr
9. Introduction to Cyber Intelligence lnkd.in/dB9cgC99
10. Securing Internet-Accessible Systems lnkd.in/dv_nYHbP
8. Fundamentals of Cyber Risk Management lnkd.in/dXjpdZMr
9. Introduction to Cyber Intelligence lnkd.in/dB9cgC99
10. Securing Internet-Accessible Systems lnkd.in/dv_nYHbP
FREE #Microsoft #CISO Workshop on End-to-End Security & Strategic Guidlines
WHO should watch & What's in the Workshop?
Thread ๐งต
docs.microsoft.com/en-gb/securityโฆ
WHO should watch & What's in the Workshop?
Thread ๐งต
docs.microsoft.com/en-gb/securityโฆ
โ WHO should watch this #Workshop
The workshop is useful for #security_teams, IT teams, #business-leaders, and #cloud teams, but is primarily focused on:
โข CIO + IT Directors
โข #CISO + Security Directors
โข #Enterprise + Security Architects
The workshop is useful for #security_teams, IT teams, #business-leaders, and #cloud teams, but is primarily focused on:
โข CIO + IT Directors
โข #CISO + Security Directors
โข #Enterprise + Security Architects
โ Workshop FOCUS on - Key Context & Fundamentals discussion of
โข #Threat Enviorment and Trends
โข Roles & Responsibilities
โข Strategy & Recommended Initiatives
โข #Threat Enviorment and Trends
โข Roles & Responsibilities
โข Strategy & Recommended Initiatives
Live from #GartnerSEC | Top Trends in #Security and #RiskManagement With Gartner VP Analyst Jay Heiser.
Follow along for highlights ๐
Follow along for highlights ๐
What to expect: We'll discuss the top trends in business, market & tech that security and risk management leaders cannot afford to ignore. These trends have the potential to transform the #security ecosystem & will accelerate their adoption over the next 1-3 years. #GartnerSEC
"As security and risk management leaders, it's up to you to help the rest of the organization to make good decisions about what they are and are not going to do." We need to focus on 7 trends to do that well. #GartnerSEC
Live from #GartnerSEC | Opening Keynote | Cybersecurity 2032: Accelerating the Evolution of #Cybersecurity with Andrew Walls, Gartner Distinguished VP Analyst, and Katell Thielemann, Gartner GVP Analyst.
Follow along for highlights.
Follow along for highlights.
About this session: Gartner analysts will deliver a repeatable methodology, grounded in sci-fi prototyping, that will allow you to identify the threats, vulnerabilities, and risks that organizations will face and develop the tools to fight them.
We will map the evolution of the new cybersecurity leader over a 10-year period illustrating practical implementations of the methodology as it impacts with inventible barriers, fails, evolves, and re-emerges. #GartnerSEC
Ok... It's the time of year I treasure. @VZDBIR reading at a coffee shop. This is going to be a live thread of love for DBIR, folks like @alexcpsec and @gdbassett, footnotes, and exciting uses of data visualization. 1/x
First: @VZDBIR predictions pre-reading
- Ransomware up! Thus making intrusions up! (Shocker,Malware that tells you you are infected makes for better detection)
- Increased threat to OT (colonial)
- BEC is actually the real threat
- APTs reduced in volume but higher in impact 2/x
- Ransomware up! Thus making intrusions up! (Shocker,Malware that tells you you are infected makes for better detection)
- Increased threat to OT (colonial)
- BEC is actually the real threat
- APTs reduced in volume but higher in impact 2/x
Ahhh right off the bat. Can we just do this to begin every ppt, whitepaper, blog and conference talk? Then add definitions of Risk, Vulnerability, and Threat? Would be nice to educate.folks 3/x
๐ด ๐ฏ๐ฒ๐ต๐ฎ๐๐ถ๐ผ๐๐ฟ๐ ๐น๐ฒ๐ฎ๐ฑ๐ฒ๐ฟ๐ ๐ป๐ฒ๐ฒ๐ฑ ๐๐ผ ๐ถ๐บ๐ฝ๐ฟ๐ผ๐๐ฒ ๐ผ๐ฟ ๐๐ต๐ฒ๐ ๐๐ถ๐น๐น ๐ฝ๐๐๐ต ๐ฝ๐ฒ๐ผ๐ฝ๐น๐ฒ ๐ผ๐๐ ๐๐ต๐ฒ ๐ฑ๐ผ๐ผ๐ฟ
Poor performance by leaders on eight key behaviours pushes team members out the door @ZengerFolkman. A thread.
#CISO #Leadership
Poor performance by leaders on eight key behaviours pushes team members out the door @ZengerFolkman. A thread.
#CISO #Leadership
@ZengerFolkman research shows that the number one factor influencing people to quit their job continues to be the behaviour of their immediate supervisor or manager. This has become significantly more pronounced in the pandemic.
#CISO #Leadership
#CISO #Leadership
The worst managers (in the bottom 10%) had 49% of their direct reports thinking about quitting. Here are eight behaviours @ZengerFolkman found that cause direct reports to quit.
#CISO #Leadership
#CISO #Leadership
So what's it like to be a #CISO? I was Acting CISO of a billion-dollar crypto company for three months during the spring bull run, and am currently Deputy CISO. I'm still feeling the burnout. What mistakes did I make? What are my lessons learned? A ๐งต 1/x
#infosec #cybersecurity
#infosec #cybersecurity
As a #CISO, the stakes are high. This is not a drill. Your decisions affect the success or failure of the enterprise. Totes no pressure. 2/x
You make a *lot* of decisions as a #CISO. Mission-critical decisions based on too little information. And you make them *fast*. You're not sure what's going on, and you have to make a decision *now*. Got it? Good. 3/x
This morning, as I prepare my coffee, let me tell you a tale of a time when I was affected by the #wagegap. This oneโs a doozy.
When I first became an #infosec analyst, the #CISO had intended that I make $65k which was a fair wage for the position, region, and etc.
1/?
When I first became an #infosec analyst, the #CISO had intended that I make $65k which was a fair wage for the position, region, and etc.
1/?
The #IT management and #HR had all agree and the paperwork was printed out. The #CTO volunteered to send it to me, even though he was technically in a separate department.
Now, I didnโt know that the wage was supposed to be $65k, I wasnโt a part of these convos.
2/?
Now, I didnโt know that the wage was supposed to be $65k, I wasnโt a part of these convos.
2/?
At the time, I was just making $14 an hour on their HelpDesk knowing that I would soon be promoted and was awaiting to sign off on it.
When the CTO delivered the paperwork to me, the amount I signed off on was $45k. I even said, โHm. Seems low?โ And he didnโt say anything.
3/?
When the CTO delivered the paperwork to me, the amount I signed off on was $45k. I even said, โHm. Seems low?โ And he didnโt say anything.
3/?
As the ransomware used on Garmin did not have known weaknesses or decryptors, Garmin probably negotiated with them. They might have paid the full $10 mil though.
#cybersecurity #ransomware #security #CISO #CISOthoughts
bleepingcomputer.com/news/security/โฆ
#cybersecurity #ransomware #security #CISO #CISOthoughts
bleepingcomputer.com/news/security/โฆ
And the provided decryption software included a number of security software that would help Garmin reduce the potential of another ransomware attack.
It is always good to have a customer centric focus, and even if you are peddling malware, it still behooves you to act professionally. These malware service providers are very professional. 10/10. Would pay again. ๐๐๐
