In the leadership and communications section, Fake CISO Profiles on LinkedIn Target Fortune 500s, Cybersecurity Executive Communication and importance of Metrics, Tips for developing cybersecurity leadership talent, and more!
Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. But the fabricated LinkedIn identities are confusing search engine results for CISO roles at major companies, and they are being indexed as gospel by various downstream data-scraping sources.
The goals of the government’s zero trust push are familiar to chief information security officers (CISOs) steeped in the details of zero trust:
- End reliance on securing perimeter defenses. Clear perimeters no longer exist for most organizations thanks to remote work, cloud computing, mobile devices and the Internet of Things.
- Make sure both access for authorized parties and security aren’t tied to location. That means insiders aren’t automatically allowed and outsiders aren’t automatically excluded.
- Gaining access to one resource doesn’t mean other lateral resources open up without further authorization.
- Other elements include strong data encryption, increased centralized visibility into who is accessing what and improved cybersecurity practices across the board.
The White House published a memo requiring agencies to comply with guidance from the Office of Management and Budget (OMB) which aims to improve software supply chain integrity and security.
Signed by OMB Director Shalanda Young, the memo builds on Executive Order (EO) 14028, Improving the Nation’s Cybersecurity from May 2021, which is focused on the security and integrity of the software supply chain.
The recent memo, published on September 14, requires each federal agency to comply with the NIST guidance when using third-party software on the agency’s information systems or otherwise affecting the agency’s information.
When you’re at your wit’s end with a challenging colleague and it feels like you’ve tried everything, well-meaning friends and coworkers may tell you to “just ignore it” or to “suck it up” and move on with your life. But suppressing our emotions rarely helps. In this piece, the author outlines four tactics that are tempting to try — but often backfire — when dealing with a difficult colleague. Another one to avoid: waiting to see if your difficult colleague will just leave on their own. Your dream that they’ll walk out the door may come true, but there’s no guarantee that the culture will shift or that you’ll get along with their replacement. Ultimately you’re better off trying to create a workable situation with your colleague now. And remember: even small improvements can make a big difference.
Co-founder & CTO at Cysense
Executive Director at RM-ISAO
Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element
In the leadership and communications section, The Sacrificial CISO heralds a new age for cybersecurity, To Coach Leaders, Ask the Right Questions, How to Handle Criticism Gracefully: 12 Pro Tips, and more!
Todd Fitzgerald, author of CISO Compass and host of CISO Stories, joins BSW to share his top leadership lessons from the first 100 episodes of CISO Stories. Todd interviews CISOs and gains insights into their challenges and how they are solving them. Don't miss this recap!
Are you a Small or Medium Business (SMB) or a Large Business grappling with infosec challenges? Dane moved from a large, well-funded organization to a smaller organization which accelerated global business growth during his tenure! Join us as we discuss these differences and how to adapt to the different environments.
To view the article from th...