Apptega’s Post

🔒💼 Cybersecurity Leadership: A Balancing Act of Accountability 🔒💼 In the ever-evolving cybersecurity landscape, the recent SEC vs. SolarWinds case brings a pivotal question to the forefront: Where does the buck stop in the realm of cyber breaches? Here are some questions going through my mind... 🌐The evolving role of CISOs in strategic decision-making 🔄 The importance of fostering a culture of collective cybersecurity responsibility 🔒The implications of regulatory actions on cybersecurity leadership and governance Who is 🎯accountable versus 👥responsible? #cybersecurity #cyberresponsibility #cyberaccountability

#growthfactors: It's time to reframe our perspective on #cybersecurity and data-centric security. Rather than merely a safeguard against threats, it's increasingly becoming a catalyst for business growth. In the 2022 PwC survey, more than half of CEOs shared a forward-thinking perspective on security within their organizations. They see security in the context of growth-related objectives. Remarkably, a fifth of them declared their top mission: "to establish trust with our customers regarding how we use their data ethically and protect their data." Read more: https://lnkd.in/epJqzCZZ Why is this crucial? Because when customers believe that their personal data is treated with respect and safeguarded, they are not only more likely to remain loyal to a company but also to deepen their relationship with it. It's a testament to the fact that trust is a cornerstone of customer retention and growth. Connect with one of comforte AG's cybersecurity specialists to assist you in nurturing your business's growth: https://lnkd.in/dNgiHcCV

As businesses across verticals continue to receive more and more external pressure to demonstrate capability in their cyber resilience, the worrying pattern of CISO's being brushed off because of perceived negativity and their concerns being belittled cannot be overlooked. When 79% of CISO's say they have been pressured into downplaying the severity of an incident, it shows the size of the gap to businesses ensuring cyber is taken seriously as a true part of overall business risk. Read more here: https://bit.ly/3ynd6RW Full Trend Micro research article: https://bit.ly/3wIMN8d

At Deloitte, we understand the importance of protecting your organization against evolving cyber threats. Our Cyber solutions has been curated to provide you with a robust defense strategy in today's dynamic digital landscape. Check out our newly released Cyber portfolio! #CyberAwarenessMonth #CybersecuritySolutions #Deloitte https://shorturl.at/oNS24

That’s a wrap on day 2 of Gartner’s Security & Risk Summit. Great to catch up with industry friends doing cool things at innovative companies. Awesome to catch up Stree Naidu; super interested in XM Cyber! Always good to see established players there too, including our partner since 2016 Zscaler. Key themes today included: - more tools does not equal better protection; focus on what matters most - “gear acquisition syndrome” is endemic; it comes at the expense of simplification, and therefore, security Strive for a Minimum Effective Toolset: the fewest technologies required to observe, defend and respond to exploitations of the enterprise’s exposures. Also lots of talk and examples of #SASE and #SSE as #zerotrust rightly remains a dominant theme. When done properly, #SASE can streamline previously seperate functions and toolsets. Finally, a general reminder: Security is everybody’s responsibility in an organisation. All employees should be educated to make cyber-risk-informed decisions autonomously. #gartnersec

“On the other hand, when they are able to align cyber with business strategy, the benefits are clear,” the report continued. “Half (46%) of respondents say that when they have been able to measure the business value of their cybersecurity strategy, they’ve been viewed with more credibility.” Aligning cybersecurity to the business as opposed to being a siloed IT function is vital to securing the funding necessary for an effective risk strategy https://lnkd.in/eZ9rBBiJ

From Friday's Codebook: Cybersecurity has a domino effect problem as hundreds of organizations this year face service disruptions due to a single attack on a third-party vendor. Take the ongoing CDK Global attack. Chances are you had never heard of this company before last week. But an apparent ransomware attack targeting its systems rippled out across thousands of auto dealers in the last week, leaving many offices to turn to pen and paper to process auto repairs and car sales. This is just the latest in a series of high-profile attacks — see: Change Healthcare, Synnovis — that started by hitting one little-known company and disrupted hundreds of their customers. The problem is concentrated risk. 150 companies account for 90% of the technology products and services that global companies are using in their systems, according to research from SecurityScorecard and McKinsey & Company. More on Axios: https://lnkd.in/erTdw8pE

Did you know? 50% of organizations surveyed have faced disruptions due to cyber incidents. Now, picture the potential chaos during an M&A deal. At CybelAngel, we understand the stakes. Our M&A Cybersecurity Due Diligence Assessment goes beyond the basics to protect your investments and future-proof your growth. Our seasoned analysts dig deep to uncover: ✅ Exposed intellectual property that could be at risk. ✅ Potential cyber threats affecting valuation and brand equity. ✅ Technical integration challenges that could pose security risks. ✅ How the target company's cyber posture measures against industry standards. Plus, you'll receive a robust list of actionable mitigation strategies to address these risks head-on. In an era where cybersecurity is non-negotiable, make sure your M&A strategies include comprehensive cyber due diligence: https://bit.ly/4a4G06v

One out of five S&P500 companies provides investors almost no detail about their #cyber program, according to a manual analysis I conducted of S&P500 proxy statements. What companies did share often amounted to very little in terms of concrete detail. Read the report below or here: https://lnkd.in/gEpcq4KZ Some takeaways: only 39 companies explicitly stated they had not suffered a material incident in [typically] the previous three years, and fewer than 1% acknowledged they had suffered a material cyber incident; only 1 in 12 companies state they align with the #NIST CSF; only 6% of companies mention a third-party risk program; and only 1 in 20 companies said that management and/or the board conducted a cyber-themed tabletop exercise to test incident response plans. My feeling is there should be some standardization of disclosures in this area to allow investors to compare businesses more easily. Governance and director expertise are a must, and an explicit statement about material incidents in a defined period would be useful - what else would you include? The previous two outputs from this research: Analysis of director-level expertise in S&P500 companies: https://lnkd.in/gFPFch_Z Analysis of board committee oversight of cyber risk: https://lnkd.in/g-9rpmQV I'd genuinely love any feedback. Feel free to DM or email me. Kavitha Mariappan Andy Brown CXO REvolutionaries #cybersecurity #SEC #NACD Zscaler

Roundtable Discussions Happening Now 💬! 1️⃣ Which behaviours increase risk and how can we measurably change them? with 🐡 Lucy Finlay, Client Delivery Director- Secure Behaviour and Analytics, Think Cyber Security Ltd 2️⃣ Mid-Market Companies shouldn't compromise on cybersecurity. SaaS Cyber is here to stay with Poppaea McDermott, Senior Threat Hunter, Detection & Response Team, WithSecure 3️⃣ Chain Reactions: Why securing your supply chain should be the centrepiece of your cybersecurity strategy with Idika Kalu, Regional Sales Manager UK & Bofin Babu, Co-Founder, CloudSEK 4️⃣ The good, the bad and the practical - Managing risk in an AI-based supply chain with Sergio Nesti, VP Third Party Risk, Panorays 5️⃣ Unifying your security strategy across hybrid environments with Josh Davies, Principal Technical Manager, Fortra's Alert Logic 6️⃣ From Z to A - Extending Zero Trust to APIs with Richard Meeus, Director of Security Technology and Strategy – EMEA, Akamai Technologies #teissLondon2024 #roundtable #ciso #reslience #infosecurity