The title chief security officer (CSO) was first used principally inside the information technology function to designate the person responsible for IT security. At many companies, the term CSO is still used in this way. Chief information security officer (CISO) is perhaps a more accurate description of this position, and today the CISO title is becoming more prevalent for leaders with an exclusive information security focus. But the distinction is not necessarily clean cut, as we’ll see in a moment.
The CSO title is also used at some companies to describe the leader of the “corporate security” function, which includes the physical security and safety of employees, facilities, and assets. More commonly, this person holds a title such as vice president or director of corporate security. Historically, corporate security and information security have been handled by separate (and sometimes feuding) departments.
by Grant Gross Print this article Energy systems are vulnerable because a majority of the industrial control systems have been in place for decades and are just not equipped for the threats that exist today. (Graeme Jennings / Washington Examiner)
President Joe Biden s $2.3 trillion infrastructure proposal includes funding to encourage cybersecurity improvements to the nation s energy infrastructure, including electrical grids.
The so-called American Jobs Plan includes $20 billion for energy infrastructure modernization grants to state, local, and tribal governments, with the money tied to the use of and compliance with 21st century energy, technology, and security standards, the White House said in a statement.
American Airlines flight 718, a Boeing 737 Max, is seen parked at its gate at Miami International Airport as passengers board for a flight to New York on December 29, 2020 in Miami, Florida. A campaign of remote access trojans is targeting the aerospace and travel industries. (Photo by Joe Raedle/Getty Images)
Microsoft Security Intelligence earlier this week tweeted out that it has been tracking a campaign of remote access trojans (RATs) targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT.
As part of the tweet exchange it was pointed out that attackers use the RATs for data theft, follow-on activity and additional payloads, including Agent Tesla, which they use for data exfiltration. The loader is under active development and is dubbed Snip3 by Morphisec.
A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.