Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

12/10/2018
09:30 AM
Connect Directly
Twitter
RSS
E-Mail

6 CISO Resolutions for 2019

The ultimate to-do list for ambitious security leaders.
Previous
1 of 7
Next

Image Source: Pixabay

Image Source: Pixabay

The turn of the calendar page is always a great time for self-reflection. But beyond redoubling efforts around the typical life goals of working out, eating right, and taking their vitamins, next year plenty of CISOs are likely to be focused on professional goals that will help them get ahead on the job and reduce risks for their organizations. Here are a half-dozen of the most common areas we expect strong security leaders will be working on in 2019.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 7
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
TocsynX
TocsynX,
User Rank: Apprentice
12/20/2018 | 10:31:55 PM
Re: Enough, PLEASE!
Dude, see those boxes surrounding the text you are reading?

They are called "ads". The "content" is used to drag your eyes across multiple "ads" thus generating multipliers of "revenue". The multiple pages of content are called "clickbait" whether its "ooh cyber security" or "ooh what they wore to the Grammys". Its the same sh*t, sherlock.

And these things make the Internet go around, cos the "revenue" is used to pay the "writers" of "content" which is turned into more "clickbait" to drag your eyes across more "ads".

Here endeth the lesson.
ksreiter
ksreiter,
User Rank: Strategist
12/10/2018 | 1:15:02 PM
Enough, PLEASE!
This entire article could have been easily displayed on a single page - why do people insist on spreading it across multiple pages? 
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Incorporating a Prevention Mindset into Threat Detection and Response
Threat detection and response systems, by definition, are reactive because they have to wait for damage to be done before finding the attack. With a prevention-mindset, security teams can proactively anticipate the attacker's next move, rather than reacting to specific threats or trying to detect the latest techniques in real-time. The report covers areas enterprises should focus on: What positive response looks like. Improving security hygiene. Combining preventive actions with red team efforts.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-1883
PUBLISHED: 2022-05-25
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0.
CVE-2022-21951
PUBLISHED: 2022-05-25
A Missing Encryption of Sensitive Data vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted via the network when a cluster is created from an RKE template with the CNI value overridden This issue affects:...
CVE-2022-1815
PUBLISHED: 2022-05-25
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.
CVE-2022-29405
PUBLISHED: 2022-05-25
In Apache Archiva, any registered user can reset password for any users. This is fixed in Archiva 2.2.8
CVE-2022-29349
PUBLISHED: 2022-05-25
kkFileView v4.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the url parameter at /controller/OnlinePreviewController.java.