Request A Consultation
Abstract technology digital hi tech geometric concept background.

CISO Global Blog

Subscribe to receive the latest cybersecurity news
from the CISO Blog

subscribe
  • Bridging the Gap: Aligning IT and Cybersecurity for Better Business

    Bridging the Gap: Aligning IT and Cybersecurity for Better Business

    Ryan Greyslak, Director of Secured Managed Services West When your IT and cybersecurity partner is the same firm, that roadmap is more than theoretical. It’s built into how your systems are managed day-to-day, ensuring strategy and operations always align. While cybersecurity is not just a technology problem, it’s clear that IT and cybersecurity cannot operate…

    Read More →

  • What Great IT Looks Like

    What Great IT Looks Like

    Brian Yelm, Managing Director Technology should never be an afterthought. It should accelerate efficiency, productivity, and competitive advantage. When most people think of IT, they imagine someone racing in to fix what’s broken, a downed Wi-Fi network, a crashed server, or a printer that won’t cooperate. While that’s a common perception, it’s not what great…

    Read More →

  • When Trust Becomes a Liability: The Salesloft Drift Breach and the Hidden Risk of SaaS Integrations

    When Trust Becomes a Liability: The Salesloft Drift Breach and the Hidden Risk of SaaS Integrations

    Gary Perkins, Chief Information Security Officer This was not a brute-force intrusion, the attackers persuaded or tricked systems into granting long-lived access, then quietly exploited that trust. In early August 2025, a sophisticated supply-chain cyberattack targeting Salesloft’s Drift application came to light. Salesloft, a sales engagement platform widely used to streamline communication and customer relationship…

    Read More →

  • Future of AI: What’s Next, What to Watch Out For

    Future of AI: What’s Next, What to Watch Out For

    CISO Global AI Division There’s a lot of noise right now about what AI will become. Everyone has a prediction. The hype will fade. It always does. But something useful will remain. In security, AI’s future is probably less about autonomous decision-making and more about augmentation. Triage assistance. Predictive analytics. Smarter correlation across diverse telemetry.…

    Read More →

  • Buying AI Tools? How to Cut Through Buzzwords

    Buying AI Tools? How to Cut Through Buzzwords

    CISO Global AI Division Buzzwords can’t protect you from liability. If you buy something because it sounds smart but can’t perform, that’s on you. Buying AI Tools? How to Cut Through Buzzwords The AI label is slapped on just about everything now. It’s the security equivalent of a juice cleanse. Sounds impressive, but often not…

    Read More →

  • DEF CON 2025

    DEF CON 2025

    Ferdinand Mudjialim, Pentester   Attending DEF CON this year with the CISO Global team was a blast as always, despite the searingly hot Las Vegas weather. Luckily, with the recent exodus to the Las Vegas Convention Center, it’s easy to forget that there’s an outside world in the first place. DEF CON is one of…

    Read More →

  • Role of AI in Incident Response: Hype vs. Value (Part 2)

    Role of AI in Incident Response: Hype vs. Value (Part 2)

    CISO Global AI Division AI also struggles with cost vs. benefit trade-offs. It can flag a spike in activity, but it can’t tell you whether it’s worth taking a system offline in the middle of payroll processing. In the first part on this topic, we looked at where AI genuinely helps in incident response and…

    Read More →

  • Role of AI in Incident Response: Hype vs. Value (Part 1)

    Role of AI in Incident Response: Hype vs. Value (Part 1)

    CISO Global AI Division AI won’t save you. But it might give your humans enough lift to keep up. Vendors love to pitch AI as the future of incident response. Faster. Smarter. Hands-free. But look past the slogans and you’ll find a much more grounded story. Here’s what AI is actually good at in IR:…

    Read More →

  • Ethical AI in Cybersecurity

    Ethical AI in Cybersecurity

    CISO Global AI Division Let’s get something straight: using AI isn’t ethically neutral There’s an ethical blind spot developing in cybersecurity. Everyone wants to use AI, but few stop to ask how and whether they should. That needs to change. Start with data. Are you feeding these models confidential incident reports? Internal communications? Case notes?…

    Read More →

  • Why Governance and Compliance Are Essential for Businesses in Regulated Industries

    Why Governance and Compliance Are Essential for Businesses in Regulated Industries

    Lou Morentin, VP of Compliance & Privacy Effective governance and compliance frameworks empower organizations to manage staff with clarity and consistency. As regulations grow more complex, governance and compliance are not optional but foundational pillars of a resilient, trustworthy, and well-managed organization. For businesses operating in regulated industries such as finance, healthcare, energy, and cybersecurity,…

    Read More →

  • This analysis will self-destruct…

    This analysis will self-destruct…

    Chris Clements, VP of Solutions Consulting For as much catastrophe over AI’s potential for autonomous attacks, for right now the reality is more nuanced. Insights from the Crowdstrike 1H 2025 Threat Report https://go.crowdstrike.com/rs/281-OBQ-266/images/Threat-Hunt-Report-2025.pdf Here’s some very likely fragile temporal analysis of the data contained in Crowdstrike’s Threat Report:  For as much catastrophe over AI’s potential…

    Read More →

  • Humans Still Matter: Why AI Doesn’t Replace Analysts

    Humans Still Matter: Why AI Doesn’t Replace Analysts

    CISO Global AI Division Every demo promises that the AI is smarter, faster, and more reliable than humans. There’s a recurring fantasy in cybersecurity circles, the vision of an analyst-free SOC. AI will handle it all, they say. No more alert fatigue, no more ticket queues, no more “click fatigue.” Just intelligent systems that detect,…

    Read More →

  • The Unsung Heroes of Cybersecurity Success

    The Unsung Heroes of Cybersecurity Success

    Brandon Bonicard, Client Success Manager Cybersecurity is a business built on trust. Every client is different. That is where the Client Success Manager comes in. When most people think of cybersecurity firms, they imagine analysts monitoring threats, engineers hardening systems, and specialists responding to breaches. What often gets overlooked is the person quietly ensuring that…

    Read More →

  • AI Maturity Curve: Where Most Security Teams Actually Are

    AI Maturity Curve: Where Most Security Teams Actually Are

    CISO Global AI Division Real maturity doesn’t come until AI is integrated into the operational fabric AI Maturity Curve: Where Most Security Teams Actually Are There’s no shortage of vendors promising plug-and-play AI for cybersecurity. Dashboards light up. Detections appear smarter. The marketing says you’re now using “AI-driven defense.” But beneath the surface, most security…

    Read More →

  • Automation vs. AI: Dispelling Myths and Misconceptions

    Automation vs. AI: Dispelling Myths and Misconceptions

    CISO Global AI Division [AI] should be capable of learning, generalizing, or spotting patterns beyond what’s been explicitly coded It’s everywhere. Every security tool now supposedly has “AI” baked in, whether it’s a firewall, SIEM, email filter, or endpoint agent. It’s the badge of innovation. If your product doesn’t have it, or if your team…

    Read More →

  • Before the Breach: Why You Need an IR Retainer Like a Golfer Needs a Caddie

    Before the Breach: Why You Need an IR Retainer Like a Golfer Needs a Caddie

    Joe Knight, Senior Account Executive  An incident response retainer isn’t just a contract, it’s a relationship. It sets expectations, defines access methods, outlines pricing, and ensures your team and your IR partner are already speaking the same language. Partnership Over Products You don’t call in a caddie after the damage is done, you bring them…

    Read More →

  • Cybersecurity in 2025: The Perfect Storm (Part 3)

    Cybersecurity in 2025: The Perfect Storm (Part 3)

    Chris Clements, VP of Solutions Architecture CISO Global experts analyzed 15 leading cybersecurity vendor reports to distill the most critical insights, trends, and takeaways. Strategic Response Framework  In parts 1 and 2, we analyzed the converging cybersecurity threats of 2025. Now, let’s focus on practical solutions to address these critical challenges.  With attack breakout times…

    Read More →

  • Cybersecurity in 2025: The Perfect Storm (Part 2)

    Cybersecurity in 2025: The Perfect Storm (Part 2)

    Chris Clements, VP of Solutions Consulting CISO Global experts analyzed 15 leading cybersecurity vendor reports to distill the most critical insights, trends, and takeaways. In Part 1, we examined the acceleration of cyberattacks, the persistence of ransomware, and the evolving tactics of threat actors. Now, let’s explore three critical dimensions of today’s threat landscape: AI’s…

    Read More →

  • Artificial Intelligence (AI) in 2025: Spotting the Nefarious

    Artificial Intelligence (AI) in 2025: Spotting the Nefarious

    Sam Lewis, Senior Security Consultant AI can be entertaining and powerful, but it can also be exploited. Artificial Intelligence (AI) in computing was first predicted in the 1930s and formally born in 1951. That early AI program was created to play checkers (of all games) and could complete a full match “at a reasonable speed”…

    Read More →

  • Cybersecurity in 2025: The Perfect Storm (Part 1)

    Cybersecurity in 2025: The Perfect Storm (Part 1)

    Chris Clements, VP of Solutions Consulting CISO Global experts analyzed 15 leading cybersecurity vendor reports to distill the most critical insights, trends, and takeaways. Every year, cybersecurity vendors publish threat intelligence reports that promise to uncover the latest attack trends and guide defenders. These reports are often backed by billions of telemetry events, real-world incident…

    Read More →

  • Lessons from the SOC: Fix the Basics Before Chasing Buzzwords

    Lessons from the SOC: Fix the Basics Before Chasing Buzzwords

    Fernando Gomez Threat actors are persistent, creative, and sometimes well-resourced. It’s not a matter of if someone gets in, it’s whether you detect them before they cause damage. From inside a Security Operations Center (SOC), patterns emerge. Analysts sit at the crossroads of alerts, incidents, and consequences. Across industries and tech stacks, we keep seeing the same core problems…

    Read More →

  • ARGO: See the Risk. Command the Business

    ARGO: See the Risk. Command the Business

    Tigran Safari, Client Success Manager & Mark Crauwels, Account Executive Cyber Signals Are Everywhere Trapped in silos. Drowning in noise. Valuable insights are lost in a flood of disconnected systems. Critical information rarely reaches leadership in a form that begs action. That’s Where ARGO Comes In Built by CISO Global, ARGO is the business tool…

    Read More →

  • What to Look for When Selecting Your MSSP

    What to Look for When Selecting Your MSSP

    Gary Perkins, Chief Information Security Officer, CISO Global I’ve been in the security business, and specifically cybersecurity, for the majority of my adult life. Throughout my career, I’ve noticed trends of decision-making that organizations often follow, both good and detrimental for their security posture. Of these trends, I’ve found that choosing the right Managed Security…

    Read More →

  • Cyber-Debt: The Hidden Cost of Neglected Security

    Cyber-Debt: The Hidden Cost of Neglected Security

    Chris Clements, VP of Solutions Architecture at CISO Global Debt, with very few exceptions, is a liability. It causes stress, amplifies risks, and can spiral into perilous predicaments. Companies employ accountants to mitigate financial debt risks, but they often overlook a similar and equally dangerous risk: accumulating “Cyber-Debt.” Understanding Cyber-Debt You may be familiar with…

    Read More →

  • Understanding AI Maturity: Where Are You Today, and Where Do You Want to Be?

    Understanding AI Maturity: Where Are You Today, and Where Do You Want to Be?

    CISO Global AI Division By rating your present AI Maturity level and your desired future state, you can create a focused action plan to move forward confidently and securely. AI adoption doesn’t have to be overwhelming, it just requires a clear, intentional approach. Artificial Intelligence (AI) has become a transformative force across industries, offering businesses…

    Read More →

  • Risk and Exposure in Cybersecurity

    Risk and Exposure in Cybersecurity

    Senior Account Director at CISO Global While cybersecurity risk and exposure may be unavoidable in our present threat environment, proactive measures can significantly reduce the likelihood and impact of cyber attacks. Understanding these risks and implementing strong security controls ensures safer digital environments for individuals and organizations alike. In cybersecurity, risk refers to the potential…

    Read More →

  • The Critical Role of Secure Managed Services in Cybersecurity

    The Critical Role of Secure Managed Services in Cybersecurity

    Brian Yelm, CISO Global “Many organizations mistakenly believe that hiring an IR team after an incident is enough. The reality is that without a dedicated team to remediate vulnerabilities and reinforce security measures, businesses keep themselves at risk for repeat attack.“ With digital threats on the rise, businesses are becoming increasingly aware of the need…

    Read More →

  • Lessons from the Field, Part III: Why Backups Alone Won’t Save You

    Lessons from the Field, Part III: Why Backups Alone Won’t Save You

    James Keiser, Director of Secured Managed Services Southeast, CISO Global, Inc. It’s been a while since I’ve put some thoughts together for the CISO Blog, and with World Backup Day coming at the end of this month, the timing felt right. I’ve mentioned in the past that backups are crucial to keeping your data preserved…

    Read More →

  • CMMC is Here: Simplifying Compliance with Enclaves 

    CMMC is Here: Simplifying Compliance with Enclaves 

    A joint blog featuring CISO Global’s Compliance Team & PreVeil The long-anticipated CMMC rule (CFR 32) is now live, marking a crucial turning point for defense contractors. The Compliance Team at CISO Global recently passed our CMMC Audit and are well on the way to becoming a CMMC Certified Third-Party Assessor Organization, or C3PAO. Although…

    Read More →

  • New Guidelines: Cybersecurity Resilience in the Healthcare Industry

    New Guidelines: Cybersecurity Resilience in the Healthcare Industry

    Lou Morentin, VP of Compliance & Privacy There are a number of significant changes coming to Healthcare Cybersecurity requirements. While not all are finalized, they point the way towards Health and Human Services tightening the controls and requirements. Healthcare Cybersecurity: A Shift Towards Resilience The healthcare industry is facing an evolving threat landscape, with cyberattacks…

    Read More →

  • Love, Lies, and Loss: The Rise of Romance Scams

    Love, Lies, and Loss: The Rise of Romance Scams

    Gary Perkins, CISO at CISO Global While Valentine’s Day is a celebration of love, it’s also a time to be cautious. Scammers prey on our most vulnerable emotions, manipulating those longing for connection. It’s not just about money—it’s about trust, hope, and heartbreak. Protect yourself and your loved ones by staying informed, recognizing the warning…

    Read More →

  • Why 24/7 Security Monitoring Matters for Your Company

    Why 24/7 Security Monitoring Matters for Your Company

    Gary Perkins, CISO at CISO Global Cyber threats don’t take evenings or weekends off, and neither should your security team. Companies need peace of mind knowing that dedicated professionals are continuously monitoring their infrastructure and data, ensuring both proactive prevention and rapid response to potential incidents. The Role of Expert Analysts in Securing Your Company…

    Read More →

  • DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare

    DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare

    David Jemmett, CEO & Founder of CISO Global Unlike Western AI systems governed by privacy laws and ethical considerations, DeepSeek operates under a regime notorious for state-sponsored hacking, surveillance, and cyber espionage. With AI-driven automation at its disposal, China can rapidly scale its cyberattacks, embedding malware, manipulating financial markets, and eroding trust in global AI…

    Read More →

  • Did You Hire a Spy? Risks and Strategies for Securing Remote Workers

    Did You Hire a Spy? Risks and Strategies for Securing Remote Workers

    Former Military Intelligence Agents Turned Cybersecurity Experts at CISO Global In today’s high-stakes digital landscape, hiring remotely requires diligence and vigilance. Trust is important, but verifying that trust is non-negotiable. The consequences of negligence can extend beyond financial loss, affecting national security and the very foundations of an organization. By taking proactive measures, companies can…

    Read More →

  • Back to the Basics For 2025: Securing Your Business

    Back to the Basics For 2025: Securing Your Business

    Gary Perkins, CISO at CISO Global Cybersecurity may seem complex, but it boils down to consistent implementation of best practices. Disabling unnecessary services, securing cloud configurations, enforcing MFA, training employees, and adopting a proactive security mindset are crucial steps to safeguarding your business. In 2025, prioritize these basics to significantly reduce your exposure to threats…

    Read More →

  • CES 2025: Think Before Relying on Shiny New Solutions

    CES 2025: Think Before Relying on Shiny New Solutions

    Chris Clements, VP of Solutions Architecture Just as a $5,000 gaming PC won’t make someone a better gamer if they haven’t mastered the basic controls, a sophisticated security solution won’t protect an organization that hasn’t implemented fundamental security practices. Oh… Shiny! At CES this year, we’ll no doubt see dazzling new gadgets, AI-powered everything whether…

    Read More →

  • Protecting Your Heart and Wallet: A Guide to Safe Charitable Giving

    Protecting Your Heart and Wallet: A Guide to Safe Charitable Giving

    The holiday season brings out the best in people, with many feeling inspired to support worthy causes. Unfortunately, it also attracts scammers who prey on this generosity. Here’s how to ensure your donations reach legitimate charities while protecting your personal and financial information. Verify Before You Give Before opening your wallet, take these essential steps…

    Read More →

  • Mass Breaches in the Age of AI

    Mass Breaches in the Age of AI

    Targeted Scams & What to do About Them Chris Clements, VP of Solutions Architecture Companies that have suffered massive data breaches are quick to downplay the risks, but they’re ignoring the elephant in the room: the sheer volume of personal information that’s been exposed. Nothing to See Here, Folks! The age-old refrain of “don’t worry,…

    Read More →

  • Cyber Safe for the Holidays

    Cyber Safe for the Holidays

    The holiday season brings joy, festivities, and amazing deals – but it also attracts cybercriminals looking to take advantage of eager shoppers. Here’s how to protect yourself while hunting for the perfect gifts. After a day of feasting with family and friends, the holiday shopping season officially begins next Friday, November 29th! With more and…

    Read More →

  • The Benefits of Upgrading to XDR: Why MDR is No Longer Sufficient as 2024 Comes to a Close

    The Benefits of Upgrading to XDR: Why MDR is No Longer Sufficient as 2024 Comes to a Close

    Gary Perkins, Chief Information Security Officer, CISO Global Upgrading to XDR is not just a technological upgrade—it’s a strategic move toward future-proofing your cybersecurity posture against the ever-evolving landscape of cyber threats. Cybersecurity has never been as critical as it is today. With cyberattacks becoming more frequent, sophisticated, and pervasive, traditional security solutions like Managed…

    Read More →

  • The Global Effort to Maintain Supply Chain Security | Part Two

    The Global Effort to Maintain Supply Chain Security | Part Two

    Various Cybersecurity Experts, CISO Global A well-run kitchen requires a fully stocked pantry and a clear understanding of what’s on hand. In cybersecurity, your pantry is your asset inventory—every server, every piece of software, and even those firmware components lurking in the background. You wouldn’t want to cook without knowing exactly what ingredients are available,…

    Read More →

  • AI in Banking: No Longer Just for the Big Banks

    AI in Banking: No Longer Just for the Big Banks

    Tigran Safari, Client Success Manager AI isn’t some far-off sci-fi concept anymore. It’s here, and it’s coming to a bank near you! Listen to the latest from Tigran Safari and Chris Clements on this month’s Banking Podcast from The Kafafian Group We’ve spent a significant part of our journey working with investment, commercial, and community…

    Read More →

  • Cyber Scams & Why We Fall for Them

    Cyber Scams & Why We Fall for Them

    Gary Perkins, Chief Information Security Officer Social engineers rely on two key psychological triggers: urgency and empathy. When people feel rushed or that they are helping someone in need, their normal critical thinking is often overridden. Attackers don’t just hack systems; they hack people, and they’re exceptionally good at it. In today’s hyper-connected world, cybersecurity…

    Read More →

  • Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!

    Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!

    Chris Clements, VP of Solutions Architecture Because of the frequency of phishing attacks landing in user mailboxes and the severity of the consequences of a user falling for a lure, any improvement at all can make the difference between an organization suffering a breach.  Detrimental Best Practices One of my biggest pet peeves is compulsory…

    Read More →

  • Identity Under Siege: Responding to the National Public Data Breach

    Identity Under Siege: Responding to the National Public Data Breach

    Gary Perkins, Chief Information Security Officer, CISO Global While the scale of this data breach is alarming – with 277 gigabytes of data reportedly stolen – it’s important not to panic. Instead, focus on taking concrete steps to protect yourself. Stay informed, be proactive in safeguarding your personal information, and remainvigilant for any signs of…

    Read More →

  • A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

    A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

    Various Security Experts at CISO Global  …In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always prioritize security in your decisions. After all, in this interconnected digital world, we’re all in this together. Imagine you’re hosting a dinner party, and you’ve carefully planned every dish to accommodate…

    Read More →

  • Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident

    Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident

    Jerry Dawkins, PhD In the world of cybersecurity, the recent incident involving Snowflake has sparked a significant discussion around the shared responsibility between vendors and customers. The attacks, which targeted over 100 Snowflake customers, have highlighted vulnerabilities that arise not from the platform itself, but from how customers manage their security environments. A Bold Stance:…

    Read More →

  • Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option

    Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option

    Gary Perkins, Chief Information Security Officer In this landscape, organizations need a multi-faceted approach that includes prevention, detection, and response capabilities. A warranty tied to a comprehensive security solution supports this approach, providing both technological protection and financial assurance. The Trouble with Insurance Cyber insurers are increasingly being viewed with skepticism by organizations seeking protection…

    Read More →

  • Badge Life: The CISO Team Takes on DEF CON

    Badge Life: The CISO Team Takes on DEF CON

    The CISO Global Pen Testing Team Earlier this month, a group of our intrepid pen testers from our Readiness & Resilience team at CISO Global ventured into the heart of the hacking world at DEFCON 32 in Las Vegas. This annual pilgrimage to the mecca of cybersecurity (and more importantly, hacking) is more than just…

    Read More →

  • The Polar Bear in Your Kitchen: A Cybersecurity Analogy

    The Polar Bear in Your Kitchen: A Cybersecurity Analogy

    Chris Clements, VP of Solutions Architecture at CISO Global High-Tech Pest Control = Threat Detection & Response Imagine for a moment that your home has a rodent problem. To address this, you install a fancy system designed to automatically detect and trap animals before they can roam around your house and cause any damage. The…

    Read More →