
Latest news with #CISO

CISO Global files $100M mixed securities shelf

Business Insider

2 days ago


16:49 EDT CISO Global (CISO) files $100M mixed securities shelf. Published first on TheFly.

Microsoft transfers a top cybersecurity executive out of the company's security group, internal memo shows

Business Insider

2 days ago


Microsoft transferred its chief information security officer out of the company's security organization, in a move that hints at the growing importance of artificial intelligence at the software giant.

As CISO, Igor Tsyganskiy is responsible for securing Microsoft's own business and setting cybersecurity standards across the company. He will now report to EVP Scott Guthrie, who runs Microsoft's Cloud + AI group. This is the organization that runs important business like Microsoft's Azure cloud and the teams that help OpenAI and other AI companies develop and run giant AI models and chatbots in the cloud.

"As we continue to navigate increasingly complex global threats, the CISO team plays a critical role in safeguarding Microsoft, the Microsoft Cloud, and our customers," Guthrie wrote in the recent memo. "They are our first line of defense, and drive our services, products, platforms, and operations to be secure by design and secure by default."

Tsyganskiy previously reported to the head of the Security group, Charlie Bell, who oversees all of Microsoft's security and compliance, according to a memo viewed by Business Insider. This is an illustration of how important AI is becoming to Microsoft.

Spokesman Frank Shaw said the move gets Tsyganskiy's organization closer to the systems it helps protect. "The CISO organization is focused on protecting Microsoft and our customers and being customer zero for our security products," Shaw said. "Moving the team to Cloud + AI puts them closer to the engineering systems they secure, deepens integration with platform development, and strengthens our ability to see and stop emerging threats." Tsyganskiy's team will continue working closely with Microsoft Security "to ensure our solutions reflect real-world enterprise needs," Shaw added.

The move is also the latest change in Microsoft's approach to security after some high-profile challenges in recent years. Microsoft recruited Bell from Amazon to run a new cybersecurity organization in 2022, but the company has still had struggles. The Department of Homeland Security last year condemned Microsoft for what it called "a cascade of security failures" that allowed Chinese hackers to access emails from thousands of customers. Microsoft expanded its Secure Future Initiative last year, making security the top priority for every employee, including making security a metric on which employees are evaluated during performance reviews.

Tsyganskiy became Microsoft's CISO in January 2024. Bell praised him in an internal memo viewed by BI at the time, saying he was a "technologist and dynamic leader with a storied career in high-scale/high-security, demanding environments."

Securing SaaS In The Age Of AI: What CISOs Need To Know

Forbes

4 days ago


Galit Lubetzky Sharon was Head of the Strategic Center of the IDF's Cyber Defense Division and is now the Co-Founder & CEO of Wing Security.

AI is everywhere. It's driving productivity, accelerating workflows and powering SaaS for every department. But while AI tools are making life easier for teams, they are also creating new opportunities for cybersecurity attacks. The unpleasant truth is that the security implications of AI are growing fast. CISOs and security teams need to understand where these risks are emerging and get ahead of them fast.

Shadow AI is the new shadow IT. AI-powered apps are entering your SaaS stack, often without approval from your security team. Tools that seem harmless, such as writing assistants, meeting notetakers or document summarizers, can plug directly into your SaaS environment and access sensitive data. Some of these tools request broad access to emails, file storage or chat platforms. Others quietly collect user inputs. If they are operating outside of monitored processes, they increase your organization's exposure, and you won't even know about it. Make sure you know if the apps in your stack utilize AI and understand the potential risks of that exposure.

AI integrations can go from access to exploitation. AI tools often require deep access to functions, including admin-level permissions, API keys or OAuth tokens. Once granted, this access is hard to track and even harder to revoke. If a connected AI tool is compromised, the attacker also inherits its permissions. A single compromised integration can become a foothold into your SaaS ecosystem and allow attackers to move laterally from there. This is why it's so important to be aware of the permissions granted to AI apps and to monitor them so that those permissions are removed when no longer needed.

Weak privacy laws create long-term exposure. AI privacy regulations are still evolving in many regions. As a result, vendors have broad leeway in how they collect, process and store your company's data. Without strong legal protections or vendor transparency, sensitive internal information shared with AI tools can end up being stored, reused or even incorporated into the training datasets of your competitors. This means your product road map, brand terminology or financial models could become part of someone else's model training process. It's important to assess the data policy of your AI vendor to make sure it aligns with your company policy.

AI is helping attackers move faster. On top of the risks discussed above, attackers are also using AI to scale and enhance their attacks. From tailored phishing emails to automating credential stuffing across multiple platforms, AI has lowered the barrier for launching large-scale identity-based attacks and increased their success rate. These attacks are more efficient, are harder to detect and often mimic legitimate activity with alarming accuracy. What used to be one-off attacks can now be executed at scale with minimal effort. So, the same way that AI is accelerating your work, it is accelerating breaches. There is no time to wait for an airtight security policy around AI. The time to implement strategies and tools is now.

Can you have safe AI in your organization? AI adoption is not slowing down, and simply avoiding AI is not realistic and not the goal. What you can do is focus on visibility, control and consistent enforcement. You can only secure what you can see. Identify all AI-powered tools in use across your organization, including embedded features and third-party integrations. A strong SaaS security posture management (SSPM) solution can help uncover what might otherwise go undetected. AI tools often request more access than they actually need to serve their intended purpose. Review access scopes closely and apply least privilege policies. Pay attention to any tool requesting access to documents, calendars, messaging platforms or admin-level functions. When in doubt, reject. Most employees want to do the right thing but might not understand the risks. Provide practical, easy-to-follow guidelines and provide training. Do not assume that employees are reading memos or organization-wide emails. Any tool that processes your company's data is a vendor and should be vetted accordingly. This means conducting risk assessments, reviewing how data is handled and requiring security controls and adherence to compliance standards.

Achieve a safe AI reality. With AI, the risks are getting more complex, but SaaS security can still be controlled. My advice is not to fear AI, but to approach it with a clear strategy. By understanding the risks, establishing clear policies and implementing the right tools, you can enable productivity and innovation without compromising on your security. The threat landscape is changing. Is your SaaS security agile enough to change with it?

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives.

5 Mental Models For CISOs To Sharpen Their Cybersecurity Strategy

Forbes

4 days ago


Dr. Aleksandr Yampolskiy, Co-Founder and CEO of SecurityScorecard, is a globally recognized cybersecurity innovator, leader and expert.

As a competitive chess player, I've learned that success comes from recognizing patterns quickly. You centralize your king in the endgame, but never during the opening. You don't spread your queen too thin by making her guard too many pieces at once. The same principle guides the best chief information security officers (CISOs) I've interviewed at Fortune 1000 companies. They lean on mental models—simple frameworks that turn complex situations into clear decisions. Here are five mental models I've found CISOs can immediately use to sharpen their decision making:

1. Pre-Mortem And Pre-Parade

Work backward from outcomes. In a pre-mortem, imagine your security strategy has failed spectacularly. Was it a breach? Budget cuts? A leadership shake-up? Identify what specifically went wrong in these scenarios: Did patching cadence falter while you addressed other priorities? Did your boardroom lose confidence in your abilities? Why? Now proactively address those issues and inoculate yourself. Pre-mortems can help you and your teams find blind spots before reality does it for you.

Don't stop at imagining worst-case scenarios; imagine your wins, too. A pre-parade involves imagining great success—perhaps you've just been promoted, or your team successfully shortened the time it takes your organization to detect a cybersecurity incident. Maybe you and your team are surpassing your vulnerability management goals. What did you do right? Which teams collaborated seamlessly, and what steps did it take to get there? Identify the key components of success and break them down into specific steps you need to take over the next 10, 30, 60 and 90 days to make that vision a reality.

2. 5x5x5 Experimentation

If you knew precisely what would work, you'd already be doing it. Good ideas and bad ideas can look very similar in the beginning, and you can't tell them apart until you test them. The 5x5x5 framework by Mike Schrage is a fast, effective way to experiment without risk. It's radically simple and, if done right, it could have an immediate and profound effect on your team's direction. Start by launching experiments that meet three requirements:

1. Five people
2. $5,000
3. Five days

Instead of overanalyzing or running 100 miles per hour in the wrong direction, test quickly and incrementally. If your IT team isn't fixing vulnerabilities fast enough, try five simple, testable solutions within a week. Offer small bonuses or alert management when tickets exceed the service level agreement (SLA). Focus on speed, learning and iteration—not perfection.

3. Local Maximum Versus Global Maximum

Excelling as a CISO means more than just working toward your local maximum (in this case, securing the organization). You must also ask how you can deliver a global maximum: broader business value. Think like a CEO and do both. Can you create a security trust center to streamline your sales team and security contract reviews? You could make your security ratings a selling point for consumers, not just a metric. Could automating third-party risk reviews reduce costs? Good CISOs protect business, but great CISOs grow it. If you're not tying security to revenue generation, customer trust or speed of execution, you're likely thinking too small.

4. Semaphore (Red/Yellow/Green)

Map key performance indicators (KPIs) and objective measures to the colors of traffic lights to understand your true progress on security metrics. Too many teams live in the land of "all green," where everything is fine. But that's not visibility—that's denial. Encourage your teams to highlight areas for improvement that may fall in the yellow or red categories to stress-test your current approach. Quantify security decisions using clear metrics for every program, from access reviews to vulnerability management. Clearly identify costs, risk reduction and improvement over time. Security ratings can serve as a useful barometer for benchmarking against your industry peers—and can help highlight when an "all green" assessment is masking risk.

5. Domino Effect Prevention

The domino effect prevention model suggests accidents result from interconnected events, each like a falling domino that sets off the next. Remove one domino, and you prevent the cascade before it even begins. To make this framework work, be proactive and resilient. Deploy an enterprise secure browser to stop phishing at the source, implement supply chain detection and response (SCDR) to continuously monitor vendors for security risks and invest in endpoint protection solutions like CrowdStrike or SentinelOne. Focus on stopping threats before they trigger the chain reaction.

Don't Wait For Checkmate

Leadership in cybersecurity is about thinking clearly under pressure and planning to prevent a crisis before it hits. These models can help you cut through the noise and get razor-sharp on where you stand and where you need to be.

When I became CISO at Gilt Groupe, I ran a pre-mortem and asked myself a blunt question: What would get me fired? The answer was clear—a breach that compromised credit card data and cost us our PCI DSS compliance, threatening both our reputation and our ability to process payments. That fear pushed us to redesign our entire architecture, isolating payment data in a hardened, bulletproof environment. We also implemented layered encryption so that no single person and no single point of failure could unlock access. That kind of clarity—seeing the worst-case scenario and planning backward from it—forced us to confront the unimaginable and design for it. Without that mindset, we would've never built such a resilient architecture.

Just as elite chess players might recognize signs that an opponent is preparing an attack on their king and reposition their pieces in advance, cybersecurity leaders must proactively identify and eliminate blind spots before they spiral out of control. Stop reacting to what's in front of you and start seeing the board five moves ahead.

10 Ways CISOs Can Balance AI Innovation, Resilience And Compliance

Forbes

4 days ago


Michelle Drolet is CEO of Towerwall, a specialized cybersecurity firm focused on proactive incident preparedness and compliance services.

The CISOs of today are becoming key strategic executives amid rapid digitization. As radical technologies like AI become entrenched, they face increasing pressure to enhance their organizations' ability to withstand new threats while managing human factors and technical vulnerabilities. The top concerns chief information security officers must balance today include:

1. Artificial Intelligence As A Double-Edged Sword

Cybercriminals are using AI to automate attacks, avoid detection and be more deceptively persuasive in their social engineering campaigns. Fortunately, defensive AI systems are rapidly accelerating threat detection and prevention services with pattern recognition, anomaly detection and predictive analysis.

2. SaaS Security Risks And Shadow AI

Since SaaS applications reside in the cloud, they cause a lack of visibility into what is happening to data in real time across numerous SaaS applications. Adding fuel to the fire is shadow AI, where users bring in unapproved and ungoverned AI tools to increase productivity or automate tasks. Such unauthorized applications increase the risk of making poor business decisions, potentially causing workflow disruption or regulatory problems. CISOs must advocate responsible use of AI, putting in place ethical AI governance frameworks and policies to enable the safe use of AI for business and security solutions.

3. Emphasizing Resilience Over Prevention

To foster resilience, organizations should minimize delays when business processes face interruptions and ensure a swift response and recovery from security incidents. CISOs should prioritize detection, containment and recovery strategies, regularly testing them through tabletop exercises. Implementing a zero-trust framework and network micro-segmentation can restrict lateral movement, while enforcing security awareness training through phishing and social engineering simulation exercises sharpens employee vigilance.

4. Managing Third-Party Risks

Managing third-party vendor risk is important because their networks can introduce security gaps that may compromise the compliance initiatives of the primary organization, even when its own defenses are robust. Attackers target these weaknesses as a means to enter the core organization. Neglecting to assess and manage these risks can lead to data breaches, supply chain disruptions and financial losses. CISOs should establish a third-party risk management (TPRM) program to evaluate vendor risks in alignment with the organization's risk identification strategies. Ongoing monitoring of the vendor network provides real-time information regarding any changes to the vendor's security posture, allowing the organization to proactively address any issues.

5. Evolution Of Ransomware Threats

Ransomware has evolved from basic encryption-based attacks to automated assaults. Double and triple extortion strategies, which threaten to not only encrypt data but also leak sensitive information, are raising the stakes. Tactics like living off the land (LOTL) and fileless ransomware allow threat actors to circumvent security controls by blending in with systems and processes already present in the victim's environment. CISOs must adopt proactive resiliency strategies, utilizing zero trust, AI-based security automation and immutable backups to mitigate ransomware attacks and ensure uninterrupted business operations.

6. Navigating Regulatory Compliance Risk

The growing number of cybersecurity regulations and evolving AI governance rules are creating compliance risk. CISOs have to deal with overlapping, ever-evolving, complex regulations, as well as intricate auditing and reporting obligations. CISOs can implement governance, risk and compliance (GRC) platforms to centralize compliance tracking. Deploy third-party expertise to validate the compliance posture, avoid potential fines and penalties and minimize internal workloads.

7. Addressing IAM Challenges With Zero Trust

Identity and access management—who has access to what resources—becomes more complicated as businesses continue to increase their digital presence and run in multicloud environments. Identity sprawl, or an increased number of identities—including human, machine and privileged users—contributes to the complexity. Cybercriminals are proactively attacking IAM vulnerabilities by impersonating legitimate users through sophisticated tactics. CISOs should review access control policies periodically to stay abreast of evolving threats and changes in the organizational structure. Detection systems based on AI can identify attempts to access resources in violation of set policies and detect abnormal activity. Access logs and permissions should be regularly audited and reviewed to spot and address security loopholes.

8. Bridging The Cybersecurity Skills Gap

With AI involved, cybercriminals remain ahead of the curve by continuously enhancing their tactics and leveraging generative AI to accelerate sophisticated attacks. Digital transformation also expands the realm that must be managed and secured properly, putting pressure on the SOC. The skills gap in cybersecurity widens, exposing organizations because their security teams are not properly resourced. According to an IBM report, the skills gap increases the average cost of a breach by $1.76 million. CISOs should invest in security automation and AI-driven threat intelligence to complement outside consultants. Consider onboarding a temporary virtual CISO to upskill current employees. Collaborate with universities and cybersecurity groups to recruit new talent.

9. Maximizing Security ROI With Flat Budgets

Even with growing cyber threats, security budgets in many organizations are static, compelling CISOs to settle for low-cost tools and accomplish more with less, saving money with tech consolidation and moving away from consoles. CISOs should see cybersecurity as a strategic investment rather than a cost center and frame it as a business enabler.

10. Convincing The Board To Value Security

Even with a growing board focus on cybersecurity matters, communication gaps between security leaders and executive management persist. Technical security metrics do not resonate with board members, and the business value of security programs is hard to measure. Effective security leaders are creating better risk quantification techniques, business-focused security metrics and communication models that can effectively position security as a business enabler.

The role of CISOs has moved beyond traditional security management, with AI-facilitated threats, SaaS security concerns and rising regulatory complexities dominating their agendas. By integrating security into every aspect of the business, CISOs can shift from a reactive-only posture to a strategic approach and deliver the desired business outcomes.
