I think #Microsoft have given themselves enough rope with #Recall. For Reasons, running anything like it would be flat out, no discussion, illegal in my org. As #CISO I’m sensitive to such things… :)

Sure we run a MSFT shop, and sure they theoretically have access to all that data anyhow - can’t [viably yet] process ciphertext, they see all the cleartext at some point.

The rope part is that argument. If MSFT argues that they see all data *anyway* so why not Recall, they burst our collective hallucination that various #GDPR agreements are actually worth a damn [Narrator: They’re not].

And then, my #infosec friends, I get to eject Microsoft - and coincidentally all other #US #cloud services as well as collateral damage - and finally build a full scale Linux/FOSS environment.

It’ll be more fun than I can #recall!

Are Encryption Backdoors Putting Your Organization at Risk?

In this clip, @sherridavidoff and @MDurrin explain why encryption backdoors are a nightmare for organizations, creating security gaps that cybercriminals can exploit.
Watch this full episode of Cyberside Chats to hear Sherri and Matt break down Apple’s battle against the UK’s demands for backdoor access, the worldwide backlash, and what it all means for cybersecurity professionals.

We'll cover:
Why backdoors are a double-edged sword for security
Historical backdoor failures that left organizations exposed
Pro tips to strengthen your security posture against evolving encryption policies

Watch the full video: https://youtu.be/5HhNKMIJkCQ
Listen to the podcast: https://www.chatcyberside.com/e/the-encryption-battle-security-savior-or-cyber-risk/

Someone send the CISO Musical to me. I kinda want to see it, ngl. It's hilarious .

#ciso #musical #cybersecurity

https://www.cisomusical.com/

New post: "The CISO's Communication Playbook"

Security isn't just technical—it's psychological. Learn how five evidence-based communication theories can transform your influence as a security leader.

Read the full article: https://discernibleinc.com/blog/ciso-communication-playbook

#Cybersecurity #CISO​​​​​​​​​​​​​​​​ #infosec #SecurityCommunications

Securing state agencies isn’t easy. Josh Kuntz, CISO in the state of Texas, shares insights on public sector cyber, AI threats, and why patching is still king after 25 years.

https://youtu.be/dyUGYYrbqg4

In der #Stellenausschreibung ist die Rede von „großzügiger #Homeoffice Regelung“.
Ich frage nach, was das heißt.
„Nach einem halben Jahr Einarbeitung in Präsenz 50% Homeoffice, also 2 Tage“ sagt mir die Dame vom #HR ganz stolz.

Okay Leute… hört einfach auf euch über #Fachkräftemangel zu beschweren. Glaubt ihr, irgendein #CISO #ISB #IT #Nerd findet 50% großzügig? #Stelle #Job #Jobsuche

"I will do all we can to enforce 100% OPSEC." - Pete Hegseth, March 14, 2025 in a Signal group chat to coordinate response plans to Houthis.

Group chat of 18 included JD Vance, Tulsi Gabbard, Marco Rubio, and... Jeffrey Goldberg (The Atlantic Editor-in-chief).

Every #CISO moves up one.

Ash Hunt (ex-#CISO Apex Group) stellt revolutionäres Modell vor. Statt subjektivem #TrafficLightScoring setzt er auf #MonteCarloSimulation für präzisere #CyberRisk-Analysen. Neue #SEC-Regeln fordern systematische & transparente Bewertung! #CyberSecurity #RiskManagement #InfoSec

Board-Cybersecurity gewinnt an Bedeutung! Neue Regulierungen fordern Cyber-Kompetenz in Vorständen. CISOs müssen Risiken klar kommunizieren & Strategien anpassen. #CyberRisk #CISO #BoardSecurity #Governance

Here are the key trends that cybersecurity leaders should keep in mind for our work in 2025: https://zeltser.com/ciso-mindset-2025/

The OWASP Hamburg Meeting said a couple of more good questions for their #CISO round-table on Feb 19, see https://www.meetup.com/owasp-hamburg-stammtisch/events/305772165 would be great.

Here's the form which doesn't require registration: https://docs.google.com/forms/d/e/1FAIpQLSfGq-4asIaQ6VX27APkc47LKRBK8BzhLfQbh61FGIh_S2Ve2g/viewform?usp=dialog

So, if you could think of one good AppSec question: shoot. ;-) (EN is fine, DE also)

Retoot could prevail laziness overall ;-)

Hi, yes, solo IT guy here again. Currently reviewing a potential client contract and its security stipulations. With these requirements (that I would no doubt be in charge of fulfilling), I feel like I am becoming a #CISO or IT director or something. It feels scary and super cool at the same time. That is all, thanks for reading :)

Als Konzernleitungs #CISO hat Mensch die Herausforderung, daß die Geschäftsfeld CISOs auch immer zügig und alligned mitziehen (sollten)

Ob solche #Compliance-Pur #Sammelsticker helfen könnte? ;)

•gamification•for•the•win•

A CISO Guide to Cyber Resilience: A How-To Guide for Every CISO to Build a Resilient Security Program by Debra Baker, 2024

Explore expert strategies to master cyber resilience as a CISO, ensuring your organization's security program stands strong against evolving threats.

@bookstodon
#books
#nonfiction
#cybersecurity
#CISO

Cyber CISO Marksmanship: Hitting the Mark in Cybersecurity Leadership by Ken Dunham & James Johnson & Joseph McComb & Jason Elrod, 2025

Cyber CISO Marksmanship is the only book of its kind authored by multiple highly experienced individuals to collectively bring together the “best of the best” on what works and what doesn’t, as a CISO, in a unique storytelling format.

@bookstodon
#books
#nonfiction
#cybersecurity
#CISO