Latest news with #CISO
National Post
3 days ago
- Business
- National Post
Wasabi Technologies Achieves ISO/IEC 27001 Certification
Article content Global security certification affirms Wasabi's commitment to high-performance, affordable cloud storage with zero compromise Article content BOSTON — Wasabi Technologies, the hot cloud storage company, today announced its achievement of ISO/IEC 27001 certification – the global standard for information security management systems. This milestone reinforces Wasabi's position as the trusted choice for enterprises demanding uncompromising data protection alongside breakthrough performance and cost efficiency. Article content As data breaches cost organizations an average of $4.88 million globally according to IBM, Wasabi's certification provides CISOs and IT leaders with the assurance they need to accelerate cloud migration strategies without compromising security posture. The internationally recognized ISO/IEC 27001 certification ensures Wasabi's security architecture is robust and protects petabytes of mission-critical data across healthcare, education, government, financial services and media sectors globally. Article content 'ISO/IEC 27001 isn't just a check-the-box exercise for Wasabi. It's about proactively helping our customers navigate a difficult cyber threat and compliance landscape,' said David Friend, co-founder and CEO of Wasabi Technologies. 'While other cloud providers force customers to choose between security, performance, and affordability, we deliver all three without compromise. This certification complements our data center operators' existing ISO 27001 certifications, meaning our customers benefit from a fully certified storage stack from infrastructure to application layer.' Article content Why This Matters for Public and Private Sector Organizations Article content Wasabi's ISO 27001 certification provides peace of mind for IT security leaders concerned with securing sensitive data: Article content Regulatory compliance made simple: Automatic alignment with a global regulatory framework. Risk mitigation: Comprehensive threat detection and response protocols that protect against evolving cyber threats. Audit readiness: Built-in documentation and monitoring that streamlines compliance reporting Zero-Trust Architecture: Advanced encryption and access controls that secure data at rest and in transit. Beyond certification: Wasabi's immutable storage and multi-user authentication guard against ransomware threats. Article content About Wasabi Technologies Article content Recognized as one of the technology industry's fastest growing companies, Wasabi is on a mission to store the world's data by making cloud storage affordable, predictable and secure. With Wasabi, visionary companies gain the freedom to use their data whenever they like without being hit with unpredictable fees or vendor lock-in. Instead, they're free to build best-of-breed solutions with the industry's fastest-growing ecosystem of independent cloud application partners. Customers and partners all over the world trust Wasabi to help them put their data to work so they can unlock their full potential. Visit to learn more. Article content Article content Article content Article content Article content Article content
The Independent
3 days ago
- Business
- The Independent
The AI revolution that's quietly transforming cyber-security operations
Sekoia is a Business Reporter client How artificial intelligence is rescuing overwhelmed security teams from alert fatigue – and why your organisation needs to pay attention. In the windowless rooms of corporate security operations centres across Britain, a quiet revolution is taking place. Where analysts once drowned in thousands of daily alerts – 99 per cent of them false alarms – artificial intelligence is now stepping in to separate genuine threats from digital noise. The numbers tell a stark story: the average security operations centre (SOC) processes over 10,000 alerts daily, yet fewer than 100 represent real threats. Meanwhile, the UK faces a cyber-security skills shortage of 2.9 million professionals, leaving existing teams stretched beyond breaking point. When human expertise meets machine speed 'We were haemorrhaging talent,' admits one CISO at a Fortune 500 Group. 'Brilliant analysts were leaving because they spent 80 per cent of their time chasing false positives rather than hunting real threats.' His team's transformation began 18 months ago with AI-driven SOC technology. Today, instead of manually sifting through thousands of alerts, his analysts receive just 10-15 high-priority cases daily – each one enriched with context, threat intelligence and recommended actions. The change has been dramatic. Response times have dropped from hours to minutes, while job satisfaction scores have soared. 'Our people are finally doing what they trained for. Strategic threat hunting, not digital paperwork.' The SMB paradox: enterprise threats, startup budgets The challenge isn't limited to large corporations. Small and medium-sized businesses face the same sophisticated threats but lack the resources for dedicated security teams. Recent data shows 60 per cent of SMBs that suffer a cyber-attack go out of business within six months. Stark reality: Sixty per cent of SMBs that suffer a cyber-attack go out of business within six months (Sekoia) Enter the partnership model that's reshaping the industry and democratising cyber-security. Managed security service providers (MSSPs) are now leveraging enterprise-grade AI-powered SOC platforms to offer Fortune 500-level protection to companies with fewer than 100 employees. 'With Sekoia's AI-SOC platform, we've built a scalable and efficient model in France. We are now ready to replicate this success across Southern Europe to protect local businesses from all types of cyber-threats,' said Romain Queïnnec, Director Southern Europe at Orange Cyberdefense. Beyond human versus machine: the collaboration model Contrary to headlines about AI replacing jobs, the most successful implementations put humans firmly in control. AI agents handle routine tasks – isolating infected devices, gathering forensic evidence, updating tickets – while analysts focus on strategic decisions and complex investigations. The technology learns continuously from human feedback. When analysts mark alerts as false positives or adjust detection rules, the AI adapts, becoming more accurate over time. It's less robot takeover, more digital apprentice. The business case: numbers that matter Early adopters are seeing remarkable results: A 70 per cent reduction in false positive alerts 60 per cent faster incident response times A 40 per cent decrease in analyst burnout rates ROI typically achieved within 12 months For CISOs facing budget pressures, these aren't just operational improvements – they're survival metrics in an increasingly hostile digital landscape. Ready to transform your SOC operations? Download comprehensive AI-Driven SOC whitepaper for practical implementation frameworks and real-world case studies. Time to act: Cyber-criminals are already using AI to accelerate their attacks, creating more sophisticated phishing campaigns and automating vulnerability exploitation (Sekoia) Racing against time The urgency is real. Cyber-criminals are already using AI to accelerate their attacks, creating more sophisticated phishing campaigns and automating vulnerability exploitation. Organisations that don't modernise their defences risk being left behind. 'The question isn't whether to adopt AI in your SOC,' warns a cybersecurity researcher in a major academic institution. 'It's whether you'll do it before or after a major breach forces your hand.' Looking forward: the 24/7 digital guardian The vision emerging from industry leaders is compelling: SOCs that operate continuously without human exhaustion, scaling automatically during attacks and freeing security professionals to focus on strategic initiatives such as risk assessments and proactive threat hunting. For organisations ready to explore this transformation, the first step is understanding how AI-native platforms can integrate with existing security infrastructure while maintaining the human oversight that remains crucial for complex threat analysis. The cyber-security landscape is evolving rapidly. To learn more about implementing AI-driven SOC operations and access detailed implementation guidance, security leaders can download comprehensive AI-Driven SOC whitepaper , which provides practical frameworks for modernising security operations while maintaining strategic human oversight.
Forbes
3 days ago
- Business
- Forbes
The Challenge Of Integrating Security With Business Risk
Steve Carter is CEO and co-founder of Nucleus Security. Today's chief information security officers (CISOs) have a much different role to play than their predecessors. Modern CISOs—no longer just gatekeepers of firewalls and threat feeds—are expected to operate as technical experts and strategic leaders. Yet, many CISOs struggle to live up to this expectation. In an ideal scenario, the CISO bridges the gap between technical teams and executive management, ensuring the security program aligns with the organization's more significant goals. But what often happens is that CISOs become distant bureaucrats in their quest to function as strategic leaders, and that distance can lead to oversimplified assumptions and reliance on shiny technology "fixes" to large-scale problems. Let's examine these challenges and how CISOs can build cohesive, risk-informed security programs. In a bid to find that one security solution that will fix it all, many organizations have a "buy more tools" mindset. Over the past decade, this has led to a patchwork of best-of-breed solutions: an endpoint detection and response (EDR) tool here, a vulnerability scanner there—and these days, some kind of magic ticket AI solution—yet, no unifying blueprint for how each tool supports business objectives. The CISO, who should translate corporate goals into a cohesive security strategy, is often too busy or too far removed to enforce that vision. Without tying these investments back to a genuine risk model—something that weighs not just IT threats but also potential operational disruptions—a company might end up with overlapping solutions that do little to reduce material risk. This lack of direction is one reason CISO tenures can be short. If leadership sees big spending with unclear results, they'll question the CISO's effectiveness. Another barrier is executives' tendency to view digital security as an "IT problem." Meanwhile, they understand and invest in preventing more tangible risks like natural disasters, supply chain disruptions or legal liabilities. The truth is that a major cybersecurity incident can be just as damaging to brand reputation, operational continuity and regulatory standing as an earthquake or a missed earnings target. The problem here is that CISOs rarely own the company's overall risk portfolio. Their purview is typically confined to cyber risk, which leaves them isolated from broader risk conversations handled by CFOs, COOs or legal teams. This siloed setup makes it difficult to compare the chance of a ransomware attack paralyzing operations to the odds of a 7.0 earthquake hitting an office in Los Angeles. Until CISOs can align cyber concerns with the company's full-risk appetite, cybersecurity will remain an afterthought rather than an integrated business consideration. Why don't more organizations treat cyber threats as seriously as other hazards? In large part, it's because measuring cyber risk is notoriously difficult. Frameworks like Factor Analysis of Information Risk (FAIR) offer a structured way to estimate potential financial losses, but the data is often incomplete. Unlike insurance industries with actuarial tables dating back decades, cybersecurity lacks the same wealth of historical, standardized metrics. Often, CISOs must make educated guesses about the frequency and impact of digital threats, which can undermine their credibility in front of the board. Meanwhile, the rest of the company uses more concrete models for traditional risks. That disconnect leads many to relegate cybersecurity to vague line items. In practice, though, a single breach can balloon into a massive financial and reputational crisis. Ultimately, the biggest frustration for many CISOs is the struggle to integrate security programs with business goals. They need to translate corporate objectives into a workable security plan, complete with threat modeling, risk appetite definitions and ongoing assessments. But what does the translation layer look like for all these technical aspects in relation to business risk? A lot of it still revolves around just spending money on tools without a solid strategy. CISOs should look to partner with finance, legal and operations leaders to encourage stronger collaboration in identifying and prioritizing risks across the organization. This can help ensure cybersecurity becomes a shared responsibility rather than an isolated IT issue. Amid an ever-expanding threat landscape and constantly shifting priorities, CISOs must balance strategy, risk management and daily operations, not to mention budgeting and technology investments. It's a big job, made more difficult by the intangible, hard-to-quantify nature of cyber risk. To succeed, modern CISOs must ensure security investments align with business goals, better quantify cyber risk and embrace collaboration with other business leaders to ensure cybersecurity is prioritized with other business risks. If they can do this effectively, CISOs can evolve from reactive gatekeepers to proactive enablers of overall business resilience. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Business Wire
4 days ago
- Business
- Business Wire
" The Davos of Cybersecurity": Team8's CISO Village Summit 2025 Gathers Cybersecurity Leaders from the NSA, Google, Checkpoint, Wiz, and more to Redefine Defense and Resilience in the Age of AI
NEW YORK--(BUSINESS WIRE)--Last week, Team8, a global venture fund that builds and invests in companies across cybersecurity, data, AI, fintech, and digital health, as well as at their intersections, hosted its flagship CISO Village Summit 2025. The immersive five-day gathering in Miami and the Florida Keys brought together more than 100 out of the 600-strong CISO village representing the most influential companies in the world Under the theme 'Cyber Resilience at Machine Speed: AI as Your Force Multiplier' this year's summit explored the rapidly changing cybersecurity landscape amid the rise of generative AI and autonomous technologies, examining how artificial intelligence is transforming both the nature of threats, the defenses built to counter them and the tantamount important of the people and communities behind them. Known as the 'Davos of Cybersecurity,' the CISO Village Summit featured a curated lineup of thought leaders, public officials, and industry pioneers, including: Anne Neuberger, former Deputy National Security Advisor for Cyber and Emerging Technology ; Nadav Zafrir, CEO of Check Point and Team8 Co-Founder; Ami Luttwak, CTO and Co-Founder of Wiz; Admiral Mike Rogers, former NSA Director and Team8 Operating Partner; Phil Venables, Former CISO of Google Cloud; Rich Baich, CISO at AT&T Marene Allison, former CISO of Johnson & Johnson; Jason Clinton, CISO of Anthropic; Dylan Patel, CEO of SemiAnalysis A key highlight was the 3rd annual CISO Village Choice Awards, held in partnership with Discount Bank and IDB Bank. Fifteen emerging cybersecurity startups showcased to their solutions to a highly engaged audience of global security executives. Charm Security won the Best Innovation Award, followed by Orchid Security as runner-up. Fig Security took home the Best Performance Award, with Astelia named runner-up. Notably, previous winners such as Dig Security (acquired by Palo Alto Networks) and Nagomi Security have achieved significant industry milestones. Departing from the traditional conference model, the summit was designed to break down silos, both technical and organizational. Through war-room simulations, candid 'unconference' debates, and hands-on threat modeling, participants were encouraged to confront today's biggest challenges in real time. Just as important were the wellness and connection experiences: mornings began with run clubs, floating meditation, and breathwork, while days and evenings included keynotes from 4-Time Olympic gold medalist Anthony Ervin and Leadership Expert David Mead, alongside intimate dinners. In one case, a participant at the end of the Summit added that 'I feel like I was lost and found my people.' The significance of the theme in this moment in time was particularly poignant: "Speed is the defining challenge in security today. Historically, back to the '90s and 2000s, we had traditional infrastructure and the risks associated with it. Then came the cloud, and the time it took to address cloud-related issues started to shrink. Now we're in the age of AI, and that timeframe is shrinking even more. Our ability to embrace AI, to think ahead and find innovative ways to reduce that speed is going to be critical." - Rich Baich, CISO at AT&T Liran Grinberg, Team8 Co-founder & Managing Partner and Amir Zilberstien, Team8 Managing Partner spoke on the power of the summit and said, 'While the summit was a resounding success, the recent tragic events in Israel are a reminder of how critical it is for global leaders to build resilience in the face of escalating threats, both digital and physical. The greatest cybersecurity risk today is isolation, when defenders are left disconnected from one another, the technology, and the communities they serve, falters. This summit is designed to give them the platform, perspective, and global community they need to lead at machine speed.'
Forbes
4 days ago
- Business
- Forbes
Securing Digital Transformation: An Imperative For Business Success
Chaim Mazal is the Chief Security Officer at Gigamon. Digital transformation didn't just surge during Covid—it's become a fundamental and continuous process for organizations seeking to remain relevant in today's dynamic business landscape. Companies need to adapt and evolve in real time, and the majority of them are firmly in the midst of this transition right now. In 2025, the adoption rate continues, with over 94% of organizations engaging in various digital initiatives, emphasizing the pervasive nature of digitization across all industries. Despite prioritizing the adoption of new technology to drive these transformations, 58% of organizations still face weekly disruptions due to flaws in their legacy systems, with 8 in 10 organizations struggling to keep up with the pace of change. Amid these challenges, security solutions can be perceived as adding another layer of complexity. However, now is the time to underscore how security programs can move beyond risk mitigation to become a proactive driver of digital transformation. This requires a shift in mindset throughout organizations, including redefining the approach to successful digital transformation, reassessing the role of security in this process and ensuring that CISOs align security goals more closely with business objectives. From a practical standpoint, digital transformation requires every company, regardless of its traditional industry, to function like a software development entity to maintain competitiveness. This involves the modernization of technology, including the migration to public and private clouds. Yet, many companies have shifted to the cloud without first developing a deep understanding of their data landscape, i.e., the volume, sensitivity, regulatory requirements and access patterns. Some might advocate for an "all-in" approach to cloud migration; however, what if, at the end, they discover the migration isn't the right fit? Not all clouds are created equal, which adds a layer of complexity—some excel in data, some in product and some on the enterprise backend. As such, it is crucial for companies to have an overarching cloud adoption strategy with checkpoints and evaluations, rather than waiting until the end of a long migration to realize it's not suitable. This includes implementing a comprehensive plan for how different cloud environments will work together, including the orchestration needed to integrate and automate processes. Keeping security in mind at every step can act as a conduit to success. Adopting a "security-first" mentality is paramount for organizations on their digital transformation journey. Key principles of IT security, such as control and repeatability, can drive the implementation of scalable and repeatable software solutions that ultimately benefit the entire business. This fosters more controlled and standardized environments by requiring organizations to establish secure foundations during the initial phases of modernization. We see this specifically within DevSecOps, which integrates security throughout the software development lifecycle. It also helps prioritize which systems or applications need to be modernized first based on factors like criticality and vulnerability. For example, during cloud migration, security teams need to establish identity and access management, data encryption and network security configurations for those specific applications before moving on to others. Complete visibility into all data in motion is also crucial. When combining network-derived telemetry (packets, flows, metadata) with MELT (metric, event, log and trace) data, organizations gain the deep observability of today's complex environments. It provides comprehensive, real-time insights into hybrid cloud infrastructure and all the diverse categories of assets an organization can have. Overall, this enhances security coverage while enabling more accurate and informed business decisions. However, it's imperative that CISOs be able to showcase how the intersection of security and business success can yield better results for all stakeholders. By aligning security objectives with business goals, CISOs can position security as a value center rather than a cost center. They do so by showcasing how security efforts contribute to tangible business outcomes, such as cost savings, efficiency gains and improved scalability. For CISOs looking to expand their influence across the board and demonstrate value beyond traditional security, I recommend the following key tips: • Drive value with numbers. Aim to present the executive team with concrete data and clear evidence of the value generated by security initiatives. For example, legacy systems require continuous upkeep to patch and upgrade. That said, by building security automation into new platforms, teams can save hours a week, allowing organizations to reinvest that time into innovation, product improvements and other revenue-driving activities. • Showcase security's role in contract renewals. Highlight to the board how security expertise can be applied to broader business challenges that can typically hinder contract renewals. For example, enhancing processes through stronger security controls illustrates how security measures (like identity and access management) can lead to improved data accuracy, better business intelligence and the prevention of revenue loss. • Establish ongoing communication with the board. Provide regular updates on security improvements and their impact on the organization. This is critical for maintaining the board's support and emphasizes the value of security investments. Even brief, biannual updates can highlight the positive impact of security initiatives across various parts of the business. Securing digital transformation is not only about mitigating risks, but it is also about enabling business agility, efficiency and growth. By adopting a business-aligned security posture, CISOs can transform security into a vital value driver, ensuring an organization's continued success in its digital transformation. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
