Zayda Technologies’ Post

"#Cyber Incident Scapegoat Officers (#CISO'ss) and Personal Cyber Liability for Directors", click to get key #cybersecurity & #security industry insights from Bill Mew @BillMew in this article exclusively via Elnion. https://bit.ly/3TRBRga

"#Cyber Incident Scapegoat Officers (#CISO'ss) and Personal Cyber Liability for Directors", click to get key #cybersecurity & #security industry insights from Bill Mew @BillMew in this article exclusively via Elnion. https://bit.ly/3TRBRga

"#Cyber Incident Scapegoat Officers (#CISO'ss) and Personal Cyber Liability for Directors", click to get key #cybersecurity & #security industry insights from Bill Mew @BillMew in this article exclusively via Elnion. https://bit.ly/3TRBRga

CISOs are burned out – now they face personal liability too #Regulators worldwide are upping their scrutiny of corporate cybersecurity. With a precedent now set for individual #liability, is the #CISO role about to get much more dangerous? As the public grows more aware of the devastating impact of cyber incidents, regulatory agencies across the globe are tightening reporting requirements and strengthening penalties. In an effort to counterbalance the immense material risk posed by #data #breaches and #cyber attacks, regulators have set a new precedent for cybersecurity enforcement – personal liability. https://lnkd.in/eSgmBtPi #cybernews #cybersecurity

🔎 What every company in Florida should know to minimize Cyber Security Risk and Cyber breach costs. Learn more about the Florida House Bill 473 or also known as the Cybersecurity Incident Bill and get insights into how to stay compliant and minimize risks in your organization.    #AIGovernance #AI #AIforbusiness https://lnkd.in/dR6i5ni7

*Resisting Hindsight Bias: A Proposed Framework for #CISO #Liability* We propose that the SEC charges a CISO only when the CISO: (i) was affirmatively involved in alleged misconduct unrelated to the cybersecurity function; (ii) sought to mislead or obstruct an SEC investigation; or (iii) where there is a “wholesale failure” of the CISO “in carrying out responsibilities https://lnkd.in/dnQsgBry

#MSPs shouldn’t be intimidated by the idea of learning the ins and outs of multiple cybersecurity regulations. While you need to be the expert, requirements in each of these areas are quite similar. MSPs *don’t* need to start from scratch with each. You can often take security controls that serve one compliance framework and map them across the board. MSPs that capitalize on the opportunities presented by new and evolving compliance regulations can not only solidify their position in the market but better foster long-term client relationships. Beachhead Solutions' Cam Roberson writes for SmarterMSP about how MSPs can unlock business growth by navigating the compliance maze, with particular attention on FTC Safeguards, HIPAA, and CMMC 2.0 👇 https://lnkd.in/d2r8qaDD

MSPs' potential clients are recognizing the inadequacy of more basic security measures to mitigate increasingly complex cyberthreats and stand up to more stringent cybersecurity mandates. This is creating a crucial window for MSPs to demonstrate their value as trusted advisors, with 1) knowledge of the ins and outs of complex cybersecurity mandates, and 2) a comprehensive suite of services that address these ever-increasing compliance demands. See my article below, in SmarterMSP, on the growing compliance-related business opportunity for MSPs right now

Tim Brown’s recent call for global cybersecurity laws following his victory against the SEC highlights the urgent need for clearer regulations in the digital landscape. After facing personal liability for the 2020 SolarWinds breach, Brown’s case exposes the legal uncertainty that CISOs navigate as they defend critical infrastructure. As he pointed out, "When you don't have rules to follow, it's very hard to follow them," emphasizing the pressure this creates for cybersecurity leaders. Brown’s push for a cyber equivalent of the Sarbanes-Oxley Act underscores the necessity for global, standardized laws that address the rapidly evolving threats in cyberspace and offer better protections for companies and the professionals responsible for their security. CyberRisk Alliance | CyberRisk Collaborative | Cybersecurity Collaboration Forum #CyberSecurity #CISO #Leadership #TimBrown #SolarWinds #CyberLaws #DataBreach #DigitalTransformation

Is it the CISO’s fault if there is a breach? Interesting article from Raconteur | B Corp™ . With more regulations directly stimulating minimum security standards are reached, os it really down to the CISO if an incident occurs. ….I doubt it. (Acknowledging there are situations where they would be culpable) In a recent round table with a group of senior IT and IT security professionals the consensus was that communicating with the board to secure funding for cyber security measures was extremely difficult. Many also commented that they had little understanding of how to overcome this hurdle. It strikes me that most businesses that are inadequately managing their cyber security risks are probably doing through poor investment in mitigations, probably with an IT professional tearing his hair out after every board meeting! In this case a breach actualy represents the boards mismanagment of risk rather than incompetence of the CISO. Thoughts?