Request A Consultation
Abstract technology digital hi tech geometric concept background.

CISO Global Blog

Subscribe to receive the latest cybersecurity news
from the CISO Blog

subscribe
  • What to Look for When Selecting Your MSSP

    What to Look for When Selecting Your MSSP

    Gary Perkins, Chief Information Security Officer, CISO Global I’ve been in the security business, and specifically cybersecurity, for the majority of my adult life. Throughout my career, I’ve noticed trends of decision-making that organizations often follow, both good and detrimental for their security posture. Of these trends, I’ve found that choosing the right Managed Security…

    Read More →

  • Cyber-Debt: The Hidden Cost of Neglected Security

    Cyber-Debt: The Hidden Cost of Neglected Security

    Chris Clements, VP of Solutions Architecture at CISO Global Debt, with very few exceptions, is a liability. It causes stress, amplifies risks, and can spiral into perilous predicaments. Companies employ accountants to mitigate financial debt risks, but they often overlook a similar and equally dangerous risk: accumulating “Cyber-Debt.” Understanding Cyber-Debt You may be familiar with…

    Read More →

  • Understanding AI Maturity: Where Are You Today, and Where Do You Want to Be?

    Understanding AI Maturity: Where Are You Today, and Where Do You Want to Be?

    CISO Global AI Division By rating your present AI Maturity level and your desired future state, you can create a focused action plan to move forward confidently and securely. AI adoption doesn’t have to be overwhelming, it just requires a clear, intentional approach. Artificial Intelligence (AI) has become a transformative force across industries, offering businesses…

    Read More →

  • Risk and Exposure in Cybersecurity

    Risk and Exposure in Cybersecurity

    Senior Account Director at CISO Global While cybersecurity risk and exposure may be unavoidable in our present threat environment, proactive measures can significantly reduce the likelihood and impact of cyber attacks. Understanding these risks and implementing strong security controls ensures safer digital environments for individuals and organizations alike. In cybersecurity, risk refers to the potential…

    Read More →

  • The Critical Role of Secure Managed Services in Cybersecurity

    The Critical Role of Secure Managed Services in Cybersecurity

    Brian Yelm, CISO Global “Many organizations mistakenly believe that hiring an IR team after an incident is enough. The reality is that without a dedicated team to remediate vulnerabilities and reinforce security measures, businesses keep themselves at risk for repeat attack.“ With digital threats on the rise, businesses are becoming increasingly aware of the need…

    Read More →

  • Lessons from the Field, Part III: Why Backups Alone Won’t Save You

    Lessons from the Field, Part III: Why Backups Alone Won’t Save You

    James Keiser, Director of Secured Managed Services Southeast, CISO Global, Inc. It’s been a while since I’ve put some thoughts together for the CISO Blog, and with World Backup Day coming at the end of this month, the timing felt right. I’ve mentioned in the past that backups are crucial to keeping your data preserved…

    Read More →

  • CMMC is Here: Simplifying Compliance with Enclaves 

    CMMC is Here: Simplifying Compliance with Enclaves 

    A joint blog featuring CISO Global’s Compliance Team & PreVeil The long-anticipated CMMC rule (CFR 32) is now live, marking a crucial turning point for defense contractors. The Compliance Team at CISO Global recently passed our CMMC Audit and are well on the way to becoming a CMMC Certified Third-Party Assessor Organization, or C3PAO. Although…

    Read More →

  • New Guidelines: Cybersecurity Resilience in the Healthcare Industry

    New Guidelines: Cybersecurity Resilience in the Healthcare Industry

    Lou Morentin, VP of Compliance & Privacy There are a number of significant changes coming to Healthcare Cybersecurity requirements. While not all are finalized, they point the way towards Health and Human Services tightening the controls and requirements. Healthcare Cybersecurity: A Shift Towards Resilience The healthcare industry is facing an evolving threat landscape, with cyberattacks…

    Read More →

  • Love, Lies, and Loss: The Rise of Romance Scams

    Love, Lies, and Loss: The Rise of Romance Scams

    Gary Perkins, CISO at CISO Global While Valentine’s Day is a celebration of love, it’s also a time to be cautious. Scammers prey on our most vulnerable emotions, manipulating those longing for connection. It’s not just about money—it’s about trust, hope, and heartbreak. Protect yourself and your loved ones by staying informed, recognizing the warning…

    Read More →

  • Why 24/7 Security Monitoring Matters for Your Company

    Why 24/7 Security Monitoring Matters for Your Company

    Gary Perkins, CISO at CISO Global Cyber threats don’t take evenings or weekends off, and neither should your security team. Companies need peace of mind knowing that dedicated professionals are continuously monitoring their infrastructure and data, ensuring both proactive prevention and rapid response to potential incidents. The Role of Expert Analysts in Securing Your Company…

    Read More →

  • DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare

    DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare

    David Jemmett, CEO & Founder of CISO Global Unlike Western AI systems governed by privacy laws and ethical considerations, DeepSeek operates under a regime notorious for state-sponsored hacking, surveillance, and cyber espionage. With AI-driven automation at its disposal, China can rapidly scale its cyberattacks, embedding malware, manipulating financial markets, and eroding trust in global AI…

    Read More →

  • Did You Hire a Spy? Risks and Strategies for Securing Remote Workers

    Did You Hire a Spy? Risks and Strategies for Securing Remote Workers

    Former Military Intelligence Agents Turned Cybersecurity Experts at CISO Global In today’s high-stakes digital landscape, hiring remotely requires diligence and vigilance. Trust is important, but verifying that trust is non-negotiable. The consequences of negligence can extend beyond financial loss, affecting national security and the very foundations of an organization. By taking proactive measures, companies can…

    Read More →

  • Back to the Basics For 2025: Securing Your Business

    Back to the Basics For 2025: Securing Your Business

    Gary Perkins, CISO at CISO Global Cybersecurity may seem complex, but it boils down to consistent implementation of best practices. Disabling unnecessary services, securing cloud configurations, enforcing MFA, training employees, and adopting a proactive security mindset are crucial steps to safeguarding your business. In 2025, prioritize these basics to significantly reduce your exposure to threats…

    Read More →

  • CES 2025: Think Before Relying on Shiny New Solutions

    CES 2025: Think Before Relying on Shiny New Solutions

    Chris Clements, VP of Solutions Architecture Just as a $5,000 gaming PC won’t make someone a better gamer if they haven’t mastered the basic controls, a sophisticated security solution won’t protect an organization that hasn’t implemented fundamental security practices. Oh… Shiny! At CES this year, we’ll no doubt see dazzling new gadgets, AI-powered everything whether…

    Read More →

  • Protecting Your Heart and Wallet: A Guide to Safe Charitable Giving

    Protecting Your Heart and Wallet: A Guide to Safe Charitable Giving

    The holiday season brings out the best in people, with many feeling inspired to support worthy causes. Unfortunately, it also attracts scammers who prey on this generosity. Here’s how to ensure your donations reach legitimate charities while protecting your personal and financial information. Verify Before You Give Before opening your wallet, take these essential steps…

    Read More →

  • Mass Breaches in the Age of AI

    Mass Breaches in the Age of AI

    Targeted Scams & What to do About Them Chris Clements, VP of Solutions Architecture Companies that have suffered massive data breaches are quick to downplay the risks, but they’re ignoring the elephant in the room: the sheer volume of personal information that’s been exposed. Nothing to See Here, Folks! The age-old refrain of “don’t worry,…

    Read More →

  • Cyber Safe for the Holidays

    Cyber Safe for the Holidays

    The holiday season brings joy, festivities, and amazing deals – but it also attracts cybercriminals looking to take advantage of eager shoppers. Here’s how to protect yourself while hunting for the perfect gifts. After a day of feasting with family and friends, the holiday shopping season officially begins next Friday, November 29th! With more and…

    Read More →

  • The Benefits of Upgrading to XDR: Why MDR is No Longer Sufficient as 2024 Comes to a Close

    The Benefits of Upgrading to XDR: Why MDR is No Longer Sufficient as 2024 Comes to a Close

    Gary Perkins, Chief Information Security Officer, CISO Global Upgrading to XDR is not just a technological upgrade—it’s a strategic move toward future-proofing your cybersecurity posture against the ever-evolving landscape of cyber threats. Cybersecurity has never been as critical as it is today. With cyberattacks becoming more frequent, sophisticated, and pervasive, traditional security solutions like Managed…

    Read More →

  • The Global Effort to Maintain Supply Chain Security | Part Two

    The Global Effort to Maintain Supply Chain Security | Part Two

    Various Cybersecurity Experts, CISO Global A well-run kitchen requires a fully stocked pantry and a clear understanding of what’s on hand. In cybersecurity, your pantry is your asset inventory—every server, every piece of software, and even those firmware components lurking in the background. You wouldn’t want to cook without knowing exactly what ingredients are available,…

    Read More →

  • AI in Banking: No Longer Just for the Big Banks

    AI in Banking: No Longer Just for the Big Banks

    Tigran Safari, Client Success Manager AI isn’t some far-off sci-fi concept anymore. It’s here, and it’s coming to a bank near you! Listen to the latest from Tigran Safari and Chris Clements on this month’s Banking Podcast from The Kafafian Group We’ve spent a significant part of our journey working with investment, commercial, and community…

    Read More →

  • Cyber Scams & Why We Fall for Them

    Cyber Scams & Why We Fall for Them

    Gary Perkins, Chief Information Security Officer Social engineers rely on two key psychological triggers: urgency and empathy. When people feel rushed or that they are helping someone in need, their normal critical thinking is often overridden. Attackers don’t just hack systems; they hack people, and they’re exceptionally good at it. In today’s hyper-connected world, cybersecurity…

    Read More →

  • Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!

    Is End-User Cybersecurity Training Useless? Spoiler Alert: It’s Not!

    Chris Clements, VP of Solutions Architecture Because of the frequency of phishing attacks landing in user mailboxes and the severity of the consequences of a user falling for a lure, any improvement at all can make the difference between an organization suffering a breach.  Detrimental Best Practices One of my biggest pet peeves is compulsory…

    Read More →

  • Identity Under Siege: Responding to the National Public Data Breach

    Identity Under Siege: Responding to the National Public Data Breach

    Gary Perkins, Chief Information Security Officer, CISO Global While the scale of this data breach is alarming – with 277 gigabytes of data reportedly stolen – it’s important not to panic. Instead, focus on taking concrete steps to protect yourself. Stay informed, be proactive in safeguarding your personal information, and remainvigilant for any signs of…

    Read More →

  • A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

    A Treacherous Dinner Party: The Global Effort to Maintain Supply Chain Security

    Various Security Experts at CISO Global  …In the world of supply chain security, vigilance is your best friend. Stay informed, stay alert, and always prioritize security in your decisions. After all, in this interconnected digital world, we’re all in this together. Imagine you’re hosting a dinner party, and you’ve carefully planned every dish to accommodate…

    Read More →

  • Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident

    Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident

    Jerry Dawkins, PhD In the world of cybersecurity, the recent incident involving Snowflake has sparked a significant discussion around the shared responsibility between vendors and customers. The attacks, which targeted over 100 Snowflake customers, have highlighted vulnerabilities that arise not from the platform itself, but from how customers manage their security environments. A Bold Stance:…

    Read More →

  • Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option

    Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option

    Gary Perkins, Chief Information Security Officer In this landscape, organizations need a multi-faceted approach that includes prevention, detection, and response capabilities. A warranty tied to a comprehensive security solution supports this approach, providing both technological protection and financial assurance. The Trouble with Insurance Cyber insurers are increasingly being viewed with skepticism by organizations seeking protection…

    Read More →

  • Badge Life: The CISO Team Takes on DEF CON

    Badge Life: The CISO Team Takes on DEF CON

    The CISO Global Pen Testing Team Earlier this month, a group of our intrepid pen testers from our Readiness & Resilience team at CISO Global ventured into the heart of the hacking world at DEFCON 32 in Las Vegas. This annual pilgrimage to the mecca of cybersecurity (and more importantly, hacking) is more than just…

    Read More →

  • The Polar Bear in Your Kitchen: A Cybersecurity Analogy

    The Polar Bear in Your Kitchen: A Cybersecurity Analogy

    Chris Clements, VP of Solutions Architecture at CISO Global High-Tech Pest Control = Threat Detection & Response Imagine for a moment that your home has a rodent problem. To address this, you install a fancy system designed to automatically detect and trap animals before they can roam around your house and cause any damage. The…

    Read More →

  • The Cybersecurity Industry is Under Scrutiny Yet Again

    The Cybersecurity Industry is Under Scrutiny Yet Again

    Jerald Dawkins, PhD, Chief Technology Officer at CISO Global  In the weeks following the CrowdStrike global tech outage, cyber companies and their end-users alike are evaluating their incident response plans. It likely won’t be long until we see changes in cyber insurance eligibility requirements too… Unfortunately, the cybersecurity industry has been in the crosshairs once…

    Read More →

  • Visibility in Management: Navigating the Cybersecurity Landscape with Argo | Part II

    Visibility in Management: Navigating the Cybersecurity Landscape with Argo | Part II

    Jerald Dawkins, PhD, Chief Technology Officer at CISO Global  Imagine a world where combing siloed data reports is a thing of the past, freeing us to focus on risk management and actionable solutions rather than wrangling data… In today’s threat landscape, organizations need to be highly attuned to matters of cybersecurity, beginning with executive leadership…

    Read More →

  • The [Beatings] Ransoms Will Continue Until [Morale] Culture Improves

    The [Beatings] Ransoms Will Continue Until [Morale] Culture Improves

    Chris Clements, VP of Solutions Architecture at CISO Global Fundamental Problems As we near the halfway point of 2024, it is apparent that the epidemic of extortionary cyber attacks will continue unabated into the foreseeable future. Now more than ever, I believe that until organizations adopt cultural approaches to cybersecurity, breaches will continue to wreak…

    Read More →

  • Global Assets: Navigating the Cybersecurity Landscape with Argo | Part I

    Global Assets: Navigating the Cybersecurity Landscape with Argo | Part I

    Jerald Dawkins, PhD, Chief Technology Officer at CISO Global  In today’s digital age, organizations are often crippled by a cybersecurity environment that is fragmented and complex. The jumble of security data — from intrusion detection systems to vulnerability management platforms and more — scattered and isolated across various tools, hinders a unified approach to security.  …

    Read More →

  • Spring into Action: A Corporate Digital Spring Cleaning Plan

    Spring into Action: A Corporate Digital Spring Cleaning Plan

    James Keiser, Director of Secured Managed Services (SMS) at CISO Global  Spring cleaning is no longer just about spotless windows and gleaming floors. In the digital age, businesses need to consider the clutter accumulating in their virtual filing cabinets too. A corporate digital spring cleaning can breathe new life into your organization’s online presence and…

    Read More →

  • NIST CSF 2.0: A Deeper Dive into Middle-Earth 

    NIST CSF 2.0: A Deeper Dive into Middle-Earth 

    Samuel Lewis, Senior Security Consultant at CISO Global   Sequels, bah! Usually, they are never as good as the first. Do not even speak of prequels! This is less of a sequel, and rather should be considered a continuation of the first blog. In line with the original blog, there will be a few references to…

    Read More →

  • The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets

    The Surveillance Invasion: IoT and Smart Devices Stealing Corporate Secrets

    Chris Clements, VP of Solutions Architecture at CISO Global “Hey Alexa, are you stealing my company’s data?” In an age where manufacturers have decided that just about every device needs to be “smart,” it’s becoming difficult to avoid the data collection and privacy invasion that are often baked into these devices. We have come to…

    Read More →

  • The Argument for Enterprise-Wide Ad Blocking 

    The Argument for Enterprise-Wide Ad Blocking 

    Chris Clements, VP of Solutions Architecture at CISO Global The concept of enterprise-wide ad blocking always provokes a powerful response. Whenever I suggest, even casually, that the next step organizations should take to improve cybersecurity posture is implementing enterprise-wide ad blocking, I can hear the collective screams of sysadmins and help desk personnel everywhere —…

    Read More →

  • It Takes a Hacker to Catch a Hacker 

    It Takes a Hacker to Catch a Hacker 

    By Anonymous Hacker, Head of Incident Response   In a recent episode, 60 Minutes brought national attention to the growing threat of ransomware attacks, considered by many to be the greatest current threat to the United States and global economies. More than just informative, the narrative was a chilling glimpse into the depths of the cyber…

    Read More →

  • NIST CSF: A “Fellowship” for Your Cybersecurity Journey to 2.0 

    NIST CSF: A “Fellowship” for Your Cybersecurity Journey to 2.0 

    By Samuel Lewis, Senior Security Consultant   The National Institute of Standards and Technology (NIST) released version 2.0 of the Cybersecurity Framework (CSF) on February 26, 2024. The original version was released in 2014, one year after Executive Order 13636 was signed on February 12, 2013. This executive order was written to improve critical infrastructure cybersecurity,…

    Read More →

  • Cyber Insurance Reduces Risk: Five Ways to Lower Your Rates 

    Cyber Insurance Reduces Risk: Five Ways to Lower Your Rates 

    Mike Bucciero, Client Experience Director  Yep, it’s that time of year again. The moment when that dreaded questionnaire from your Cyber Insurer lands on your desk like a ton of digital bricks. Suddenly, panic mode kicks in, and you’re transported back to those school days, facing an exam that seemed more daunting than Mount Everest. …

    Read More →

  • Who You Gonna Call? For Incident Response

    Who You Gonna Call? For Incident Response

    Gary Perkins, Chief Information Security Officer  Globally, no organization is immune to attack. Cybersecurity threats are a reality and every organization, anywhere in the world, is a potential target, regardless of location or size. It’s not a question of if, but when an incident will affect your organization. Do you know who you will call…

    Read More →

  • The Weakest Link: Securing The Human Element From Cyber Attack 

    The Weakest Link: Securing The Human Element From Cyber Attack 

    By: Chris Clements, VP of Solutions Architecture The Problem  As humans, we tend to trust the people around us in most situations simply by default. We usually don’t assume that the cook in a restaurant will poison our food or that the pharmacist will intentionally swap our medications, and for good reason. One of humanity’s…

    Read More →

  • Balanced IT: Humanizing AI in Client Experience 

    Balanced IT: Humanizing AI in Client Experience 

    By: Tigran Safari, Client Experience Manager, Secured Managed Services How can we clear our minds of preconceived notions about Artificial Intelligence? How can we approach this ongoing technological revolution without apprehension? AI has integrated into our lives more swiftly than a lawyer’s “Objection, Your Honor!” in a surprise courtroom confession. We ask AI to do…

    Read More →

  • CMMC 2.0: Your Questions Answered

    CMMC 2.0: Your Questions Answered

    By: Tom Cupples, Ed.D., CISSP, CGRC, PMP, CAICO-PI, CCP, CCA, Sec+, Net+, Security Controls Assessor & Senior Cybersecurity Trainer at CISO Global, Inc. By now, you are likely aware that the Cybersecurity Maturity Model Certification (CMMC) Program Proposed Rule was published in the Federal Register on December 26, 2023. This set into motion a series…

    Read More →

  • Cybersecurity Risks and Vulnerabilities with Third-Party Vendors 

    Cybersecurity Risks and Vulnerabilities with Third-Party Vendors 

    By Chris Clements, Vice President of Solutions Architecture Third-party vendors, contractors, and partners are often an integral part of an organization’s operations. However, they can also pose significant security risks if not properly managed, with poor cybersecurity practices increasingly becoming a major contributing factor to supply chain disruptions. If your organization relies on third parties…

    Read More →

  • Mobile Matters: Keep Your Data Safe

    Mobile Matters: Keep Your Data Safe

    By Thomas Coffey, VP of Security at CISO Global Some of you may remember when phones were primarily used for making phone calls. In today’s rapidly evolving digital landscape, our smartphones and tablets have transformed into multifunctional devices, serving as mini-computers, high-resolution cameras, and indispensable companions in our daily lives. They seamlessly keep us connected…

    Read More →

  • Cybersecurity Warranties? Absolutely!

    Cybersecurity Warranties? Absolutely!

    By: Rob Hegedus, CHECKLIGHT® Program Director Insurance is for something that might happen (a question of probability). A warranty is for something that will happen (a question of time).  After thirteen years in the cybersecurity industry, I’ve come to one sobering conclusion: given enough time, everyone will suffer a data breach. It’s just a question of…

    Read More →

  • Back to the Basics: Security Must-Haves for 2024, Part II 

    Back to the Basics: Security Must-Haves for 2024, Part II 

    By: Gary Perkins, Chief Information Security Officer Welcome to Part II of the Basics of Security. If you missed the first part of the series, you can read it here. There is a tendency to be overwhelmed with the sheer volume of work that must be done in IT and security. While the experts debate…

    Read More →

  • Strengthening Cybersecurity in Local Government

    Strengthening Cybersecurity in Local Government

    By: Randy Griffith, Senior Security Consultant, Strategy and Risk How to Protect Networks Amid an Epidemic Many industries are dealing with an increase in cyber attacks. Earlier this year, one of my colleagues discussed a recent string of cyber attacks against credit unions. Hackers are also targeting local government agencies.   The scale and severity of…

    Read More →

  • OIRA Releases CMMC Proposed Rule 

    OIRA Releases CMMC Proposed Rule 

    By: Tom Cupples, Ed.D., CISSP, CGRC, PMP, CAICO-PI, CCP, CCA, Sec+, Net+, Security Controls Assessor & Senior Cybersecurity Trainer at CISO Global, Inc.   On December 26, 2023, the Office of Information and Regulatory Affairs (OIRA) released the 234-page Cybersecurity Maturity Model Certification (CMMC) proposed rule, available at FederalRegister.gov, and its documentation, available HERE. This kicked…

    Read More →

  • AI & Cybersecurity: Navigating the Digital Future

    AI & Cybersecurity: Navigating the Digital Future

    By: Gary Perkins, Chief Information Security Officer As we keep a close eye on trends impacting businesses this year, it is impossible to ignore the impacts of Artificial Intelligence and its evolving relationship with technology. One of the key areas experiencing this transformational change is cybersecurity. The integration of AI with cybersecurity practices is imperative,…

    Read More →