Everything posted by CSOonline

  1. If IT employees are dissatisfied, the cause may be poor managers or an inadequate IT strategy. Photo: fizkes – shutterstock.com

     Companies can do little about a labor market that is generally unfavorable for them. But they can avoid some of the factors that lead employees to resign. Chief among these is poor leadership that drives capable specialists away. Here are the 10 most important signs by which companies can tell whether their CSO is a good leader.

     1. No long-term strategy

     CISOs and CSOs must be able to see the path by which the team and the systems get from their current status to the desired future state. Poor IT security management lacks this ability and can be recognized by constantly changing directions and zigzag courses. Complexity, organizational structure and costs are often used as excuses for doing nothing.

     Reading tip: How to convince your executives of security investments

     2. From one crisis to the next

     CSOs with poor security management lack more than a forward-looking, strategic and methodical approach. They also struggle to recognize potential problems or foresee crises. Poor security managers therefore spend most of their time rushing from one crisis to the next, and in doing so prevent their team from making targeted progress.

     3. Only words instead of deeds

     It is easy to talk about problems. It is much harder to understand them, analyze the causes, develop a plan to solve them and implement that plan successfully. Poor security managers only talk about problems, but do not look for new solutions and do not fix them.

     4. No documentation

     Points that have been discussed should be written down. This provides certainty, orientation and accountability for everyone involved. Unfortunately, many managers often believe that the records will at some point be used against them. But when there is no written agreement that settles differing views, this frequently leads to uncertainty and confusion in the team.

     5. Poor communication

     Security leaders must build trust in their plans among team members, executives, customers, partners and other stakeholders. For this they need good communication skills. Those who lack them can hardly get their ideas accepted. This endangers the company's security posture.

     6. Questions remain unanswered

     Poor security managers fear being held accountable for their answers to difficult questions. So they evade them, change the subject, stall for time or invent excuses. Trust erodes quickly as a result.

     7. Evading difficult decisions

     Difficult decisions in particular show the quality of a leader. Anyone who tries to shift them onto others or otherwise shirks them should be replaced. Decisions that are not made leave security teams and systems in their old state, and the company's security posture does not improve.

     8. Self-focused leaders

     Good leaders listen before they speak. They put their team above themselves and take care of everything necessary for it to succeed. Poor leaders, by contrast, concentrate on themselves. They do not take the needs of their team into account. As a result, initiatives do not progress, and frustration and disappointment grow.

     9. Suppression of talent

     Every leader should foster talent and cultivate a trusting tone. Anyone who is afraid that young people might be smarter or better is in the wrong place. When talent is deliberately suppressed, an organization cannot develop successfully.

     Reading tip: 10 tips for retaining top talent

     10. Claims successes for themselves

     It is a bad sign in any employee when they claim all successes for themselves but immediately point the finger at others when problems arise. This applies all the more to leaders. Such behavior can be concealed as long as they have allies who cover for them. But sooner rather than later, companies should draw consequences.

     Leadership affects security

     Employee turnover cannot be avoided entirely, but it can be slowed. One important lever is recognizing weak leaders. In the security field in particular, this is not only about how people treat each other internally, but also about the security posture of the entire company. Incompetent security management should therefore be changed immediately to reduce the risk for the whole company and the security department. Then employees are no longer frustrated, demotivated and demoralized, but can effectively improve the security posture of their company. (ms)

     View the full article
  2. SolarWinds is yet again disclosing security vulnerabilities in one of its widely-used products. The company has released updates to patch six critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk (WHD) IT software.

     These flaws could allow attackers to bypass authentication, perform remote code execution (RCE), and access certain functionality that should be gated. Of the six, four are rated “critical” (9.8 out of 10 on the CVE severity scale), while the others are “high” (7.5 and 8.1 severity).

     Because WHD has been actively exploited in the past, admins are advised to patch their vulnerable servers immediately, by upgrading to Web Help Desk 2026.1.

     “We already know what happens if you compromise SolarWinds,” said David Shipley of Beauceron Security. “There’s a massive downstream risk. It’s critical that things are patched, updated, resolved as quickly as possible.”

     ‘RCE’: The three letters no security leader wants to hear

     SolarWinds says it has more than 300,000 customers around the world, including a large portion of the Fortune 500 and major government and defense agencies. The company’s WHD product is popular among these organizations.

     The vulnerabilities were discovered by independent researchers from watchTowr and Horizon3.ai. They include:

     • Remote code execution and data deserialization vulnerabilities CVE-2025-40551 (critical) and CVE-2025-40553 (critical);
     • Authentication and bypass security flaws CVE-2025-40552 (critical), CVE-2025-40554 (critical), CVE-2025-40536 (high), and CVE-2025-40537 (high).

     CVE-2025-40551 and CVE-2025-40553 make WHD susceptible to untrusted data deserialization that could allow attackers to run commands on the host machine. The flaw could be exploited without authentication.

     The other two critical vulnerabilities, CVE-2025-40552 and CVE-2025-40554, are authentication bypasses which, if exploited, could allow attackers to invoke specific actions within Web Help Desk that should have been automatically protected by authentication.

     “Those are three letters you never want to hear: ‘I got RCE’d’,” said Beauceron’s Shipley, noting that data deserialization can expose enterprise secrets. “That’s the worst. You really, really, really don’t want an RCE.”

     The four critical bugs are typically very reliable to exploit due to their deserialization and authentication logic flaws, noted Ryan Emmons, security researcher at Rapid7. “For attackers, that’s good news, because it means avoiding lots of bespoke exploit development work like you’d see with other less reliable bug classes.”

     Instead, attackers can use a standardized malicious payload across many vulnerable targets, Emmons noted. “If exploitation is successful, the attackers gain full control of the software and all the information stored by it, along with the potential ability to move laterally into other systems.”

     Meanwhile, the high-severity vulnerability CVE-2025-40536 would allow threat actors to bypass security controls and gain access to certain functionalities that should be restricted only to authenticated users. Finally, CVE-2025-40537 is a hardcoded credentials vulnerability that, “under certain situations,” could provide access to administrative functions.

     How enterprises should respond

     SolarWinds provides detailed instructions for upgrading vulnerable servers to Web Help Desk 2026.1. Security teams must be vigilant on this, analysts emphasize.

     Emmons advised that the most important things defenders can do right now are upgrade to the latest version on an emergency basis, and investigate any anomalous activity on servers that might have been targeted. “These are bugs that likely won’t take long to develop weaponized exploits for, so time is of the essence for the best outcome,” he emphasized.

     SolarWinds’ troubles just keep going on

     These vulnerabilities reflect an unfortunate pattern for SolarWinds, whose WHD has repeatedly been under attack. Most recently, in September, the software company addressed a second patch bypass (CVE-2025-26399) for a WHD RCE flaw that was flagged a year earlier by the Cybersecurity and Infrastructure Security Agency (CISA) as being actively exploited. Also in 2024, the federal agency called out a credential flaw hardcoded into WHD.

     “It’s like, ‘not again,’” said Shipley. “Everyone has this visceral, emotional reaction based on what happened to them five years ago.” Major breaches have a “brand blast radius, a brand half life,” he noted, and this may bring back “past traumas” for IT managers.

     SolarWinds is familiar to attackers, who realize it is a brand that could pay off. “It’s all about the rolling impact, the ROI side,” he said. Threat actors understand that they have a narrow attack window, and they want to maximize their chances for data exfiltration or ransom. And, if they’re nation-state actors, the goal is to create “maximum havoc.”

     “It’s a perverse form of brand awareness that you never want,” said Shipley.

     While this incident is bad news, the good news is it’s not the same error, he noted. Also, in terms of RCEs, SolarWinds hasn’t been as impacted as Cisco and Fortinet, the latter of which has faced criticism over ‘silent’ patching.

     Vendors must get down past the symptom layer and address the root cause of vulnerabilities in programming logic, he said, pointing out, “they plug the hole, but don’t figure out why they keep having holes.” Ultimately, he said, “this is unsustainably bad for IT managers. We’re hitting the breaking point.”

     In the US, cybersecurity should be a regulatory priority; while it was an area of focus for the previous administration, there’s been a “complete U-turn” under the current regime.

     “The only way out of this mess is to have better code,” Shipley noted. But, “we are now doomed to the legacy code, [plus whatever vibe code adds to the mix]. The levees are going to break soon. We’re going to have our code Katrina moment,” he said.

     View the full article
  3. SolarWinds is yet again disclosing security vulnerabilities in one of its widely-used products. The company has released updates to patch six critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk (WHD) IT software.

     These flaws could allow attackers to bypass authentication, perform remote code execution (RCE), and access certain functionality that should be gated. Of the six, four are rated “critical” (9.8 out of 10 on the CVE severity scale), while the others are “high” (7.5 and 8.1 severity).

     Because WHD has been actively exploited in the past, admins are advised to patch their vulnerable servers immediately, by upgrading to Web Help Desk 2026.1.

     “We already know what happens if you compromise SolarWinds,” said David Shipley of Beauceron Security. “There’s a massive downstream risk. It’s critical that things are patched, updated, resolved as quickly as possible.”

     ‘RCE’: The three letters no security leader wants to hear

     SolarWinds says it has more than 300,000 customers around the world, including a large portion of the Fortune 500 and major government and defense agencies. The company’s WHD product is popular among these organizations.

     The vulnerabilities were discovered by independent researchers from watchTowr and Horizon3.ai. They include:

     • Remote code execution and data deserialization vulnerabilities CVE-2025-40551 (critical) and CVE-2025-40553 (critical);
     • Authentication and bypass security flaws CVE-2025-40552 (critical), CVE-2025-40554 (critical), CVE-2025-40536 (high), and CVE-2025-40537 (high).

     CVE-2025-40551 and CVE-2025-40553 make WHD susceptible to untrusted data deserialization that could allow attackers to run commands on the host machine. The flaw could be exploited without authentication.

     The other two critical vulnerabilities, CVE-2025-40552 and CVE-2025-40554, are authentication bypasses which, if exploited, could allow attackers to invoke specific actions within Web Help Desk that should have been automatically protected by authentication.

     “Those are three letters you never want to hear: ‘I got RCE’d’,” said Beauceron’s Shipley, noting that data deserialization can expose enterprise secrets. “That’s the worst. You really, really, really don’t want an RCE.”

     The four critical bugs are typically very reliable to exploit due to their deserialization and authentication logic flaws, noted Ryan Emmons, staff security researcher at Rapid7. “For attackers, that’s good news, because it means avoiding lots of bespoke exploit development work like you’d see with other less reliable bug classes.”

     Instead, attackers can use a standardized malicious payload across many vulnerable targets, Emmons noted. “If exploitation is successful, the attackers gain full control of the software and all the information stored by it, along with the potential ability to move laterally into other systems.”

     Meanwhile, the high-severity vulnerability CVE-2025-40536 would allow threat actors to bypass security controls and gain access to certain functionalities that should be restricted only to authenticated users. Finally, CVE-2025-40537 is a hardcoded credentials vulnerability that, “under certain situations,” could provide access to administrative functions.

     How enterprises should respond

     SolarWinds provides detailed instructions for upgrading vulnerable servers to Web Help Desk 2026.1. Security teams must be vigilant on this, analysts emphasize.

     Emmons advised that the most important things defenders can do right now are upgrade to the latest version on an emergency basis, and investigate any anomalous activity on servers that might have been targeted. “These are bugs that likely won’t take long to develop weaponized exploits for, so time is of the essence for the best outcome,” he emphasized.

     SolarWinds’ troubles just keep going on

     These vulnerabilities reflect an unfortunate pattern for SolarWinds, whose WHD has repeatedly been under attack. Most recently, in September, the software company addressed a second patch bypass (CVE-2025-26399) for a WHD RCE flaw that was flagged a year earlier by the Cybersecurity and Infrastructure Security Agency (CISA) as being actively exploited. Also in 2024, the federal agency called out a credential flaw hardcoded into WHD.

     “It’s like, ‘not again,’” said Shipley. “Everyone has this visceral, emotional reaction based on what happened to them five years ago.” Major breaches have a “brand blast radius, a brand half life,” he noted, and this may bring back “past traumas” for IT managers.

     SolarWinds is familiar to attackers, who realize it is a brand that could pay off. “It’s all about the rolling impact, the ROI side,” he said. Threat actors understand that they have a narrow attack window, and they want to maximize their chances for data exfiltration or ransom. And, if they’re nation-state actors, the goal is to create “maximum havoc.”

     “It’s a perverse form of brand awareness that you never want,” said Shipley.

     While this incident is bad news, the good news is it’s not the same error, he noted. Also, in terms of RCEs, SolarWinds hasn’t been as impacted as Cisco and Fortinet, the latter of which has faced criticism over ‘silent’ patching.

     Vendors must get down past the symptom layer and address the root cause of vulnerabilities in programming logic, he said, pointing out, “they plug the hole, but don’t figure out why they keep having holes.” Ultimately, he said, “this is unsustainably bad for IT managers. We’re hitting the breaking point.”

     In the US, cybersecurity should be a regulatory priority; while it was an area of focus for the previous administration, there’s been a “complete U-turn” under the current regime.

     “The only way out of this mess is to have better code,” Shipley noted. But, “we are now doomed to the legacy code, [plus whatever vibe code adds to the mix]. The levees are going to break soon. We’re going to have our code Katrina moment,” he said.

     View the full article
  4. For years, CSOs have worried about their IT infrastructure being used for unauthorized cryptomining. Now, say researchers, they’d better start worrying about crooks hijacking and reselling access to exposed corporate AI infrastructure.

     In a report released Wednesday, researchers at Pillar Security say they have discovered campaigns at scale going after exposed large language model (LLM) and MCP endpoints – for example, an AI-powered support chatbot on a website.

     “I think it’s alarming,” said report co-author Ariel Fogel. “What we’ve discovered is an actual criminal network where people are trying to steal your credentials, steal your ability to use LLMs and your computations, and then resell it.”

     “It depends on your application, but you should be acting pretty fast by blocking this kind of threat,” added co-author Eilon Cohen. “After all, you don’t want your expensive resources being used by others. If you deploy something that has access to critical assets, you should be acting right now.”

     Kellman Meghu, chief technology officer at Canadian incident response firm DeepCove Security, said that this campaign “is only going to grow to some catastrophic impacts. The worst part is the low bar of technical knowledge needed to exploit this.”

     How big are these campaigns? In the past couple of weeks alone, the researchers’ honeypots captured 35,000 attack sessions hunting for exposed AI infrastructure.

     “This isn’t a one-off attack,” Fogel added. “It’s a business.” He doubts a nation-state is behind it; the campaigns appear to be run by a small group.

     The goals: To steal compute resources for use by unauthorized LLM inference requests, to resell API access at discounted rates through criminal marketplaces, to exfiltrate data from LLM context windows and conversation history, and to pivot to internal systems via compromised MCP servers.

     Two campaigns

     The researchers have so far identified two campaigns: One, dubbed Operation Bizarre Bazaar, is targeting unprotected LLMs. The other campaign targets Model Context Protocol (MCP) endpoints.

     It’s not hard to find these exposed endpoints. The threat actors behind the campaigns are using familiar tools: The Shodan and Censys IP search engines.

     At risk: Organizations running self-hosted LLM infrastructure (such as Ollama, software that processes a request to the LLM model behind an application; vLLM, similar to Ollama but for high performance environments; and local AI implementations) or those deploying MCP servers for AI integrations.

     Targets include:

     • exposed endpoints on default ports of common LLM inference services;
     • unauthenticated API access without proper access controls;
     • development/staging environments with public IP addresses;
     • MCP servers connecting LLMs to file systems, databases and internal APIs.

     Common misconfigurations leveraged by these threat actors include:

     • Ollama running on port 11434 without authentication;
     • OpenAI-compatible APIs on port 8000 exposed to the internet;
     • MCP servers accessible without access controls;
     • development/staging AI infrastructure with public IPs;
     • production chatbot endpoints (customer support, sales bots) without authentication or rate limiting.

     George Gerchow, chief security officer at Bedrock Data, said Operation Bizarre Bazaar “is a clear sign that attackers have moved beyond ad hoc LLM abuse and now treat exposed AI infrastructure as a monetizable attack surface. What’s especially concerning isn’t just unauthorized compute use, but the fact that many of these endpoints are now tied to the Model Context Protocol (MCP), the emerging open standard for securely connecting large language models to data sources and tools. MCP is powerful because it enables real-time context and autonomous actions, but without strong controls, those same integration points become pivot vectors into internal systems.”

     Defenders need to treat AI services with the same rigor as APIs or databases, he said, starting with authentication, telemetry, and threat modelling early in the development cycle. “As MCP becomes foundational to modern AI integrations, securing those protocol interfaces, not just model access, must be a priority,” he said.

     In an interview, Pillar Security report authors Eilon Cohen and Ariel Fogel couldn’t estimate how much revenue threat actors might have pulled in so far. But they warn that CSOs and infosec leaders had better act fast, particularly if an LLM is accessing critical data.

     Their report described three components to the Bizarre Bazaar campaign:

     • the scanner: a distributed bot infrastructure that systematically probes the internet for exposed AI endpoints. Every exposed Ollama instance, every unauthenticated vLLM server, every accessible MCP endpoint gets cataloged. Once an endpoint appears in scan results, exploitation attempts begin within hours;
     • the validator: Once scanners identify targets, infrastructure tied to an alleged criminal site validates the endpoints through API testing. During a concentrated operational window, the attacker tested placeholder API keys, enumerated model capabilities and assessed response quality;
     • the marketplace: Discounted access to 30+ LLM providers is being sold on a site called The Unified LLM API Gateway. It’s hosted on bulletproof infrastructure in the Netherlands and marketed on Discord and Telegram.

     So far, the researchers said, those buying access appear to be people building their own AI infrastructure and trying to save money, as well as people involved in online gaming.

     Threat actors may not only be stealing AI access from fully developed applications, the researchers added. A developer trying to prototype an app, who, through carelessness, doesn’t secure a server, could be victimized through credential theft as well.

     Joseph Steinberg, a US-based AI and cybersecurity expert, said the report is another illustration of how new technology like artificial intelligence creates new risks and the need for new security solutions beyond the traditional IT controls.

     CSOs need to ask themselves if their organization has the skills needed to safely deploy and protect an AI project, or whether the work should be outsourced to a provider with the needed expertise.

     Mitigation

     Pillar Security said CSOs with externally-facing LLMs and MCP servers should:

     • enable authentication on all LLM endpoints. Requiring authentication eliminates opportunistic attacks. Organizations should verify that Ollama, vLLM, and similar services require valid credentials for all requests;
     • audit MCP server exposure. MCP servers must never be directly accessible from the internet. Verify firewall rules, review cloud security groups, confirm authentication requirements;
     • block known malicious infrastructure. Add the 204.76.203.0/24 subnet to deny lists. For the MCP reconnaissance campaign, block AS135377 ranges;
     • implement rate limiting. Stop burst exploitation attempts. Deploy WAF/CDN rules for AI-specific traffic patterns;
     • audit production chatbot exposure. Every customer-facing chatbot, sales assistant, and internal AI agent must implement security controls to prevent abuse.

     Don’t give up

     Despite the number of news stories in the past year about AI vulnerabilities, Meghu said the answer is not to give up on AI, but to keep strict controls on its usage. “Do not just ban it, bring it into the light and help your users understand the risk, as well as work on ways for them to use AI/LLM in a safe way that benefits the business,” he advised.

     “It is probably time to have dedicated training on AI use and risk,” he added. “Make sure you take feedback from users on how they want to interact with an AI service and make sure you support and get ahead of it. Just banning it sends users into a shadow IT realm, and the impact from this is too frightening to risk people hiding it. Embrace and make it part of your communications and planning with your employees.”

     View the full article
  5. For years, CSOs have worried about their IT infrastructure being used for unauthorized cryptomining. Now, say researchers, they’d better start worrying about crooks hijacking and reselling access to exposed corporate AI infrastructure. In a report released Wednesday, researchers at Pillar Security say they have discovered campaigns at scale going after exposed large language model (LLM) and MCP endpoints – for example, an AI-powered support chatbot on a website. “I think it’s alarming,” said report co-author Ariel Fogel. “What we’ve discovered is an actual criminal network where people are trying to steal your credentials, steal your ability to use LLMs and your computations, and then resell it.” “It depends on your application, but you should be acting pretty fast by blocking this kind of threat,” added co-author Eilon Cohen. “After all, you don’t want your expensive resources being used by others. If you deploy something that has access to critical assets, you should be acting right now.” Kellman Meghu, chief technology officer at Canadian incident response firm DeepCove Security, said that this campaign “is only going to grow to some catastrophic impacts. The worst part is the low bar of technical knowledge needed to exploit this.” How big are these campaigns? In the past couple of weeks alone, the researchers’ honeypots captured 35,000 attack sessions hunting for exposed AI infrastructure. “This isn’t a one-off attack,” Fogel added. “It’s a business.” He doubts a nation-state it behind it; the campaigns appear to be run by a small group. The goals: To steal compute resources for use by unauthorized LLM inference requests, to resell API access at discounted rates through criminal marketplaces, to exfiltrate data from LLM context windows and conversation history, and to pivot to internal systems via compromised MCP servers. Two campaigns The researchers have so far identified two campaigns: One, dubbed Operation Bizarre Bazaar, is targeting unprotected LLMs. 
The other campaign targets Model Context Protocol (MCP) endpoints. It’s not hard to find these exposed endpoints. The threat actors behind the campaigns are using familiar tools: The Shodan and Censys IP search engines. At risk: Organizations running self-hosted LLM infrastructure (such as Ollama, software that processes a request to the LLM model behind an application; vLLM, similar to Ollama but for high performance environments; and local AI implementations) or those deploying MCP servers for AI integrations. Targets include: exposed endpoints on default ports of common LLM inference services; unauthenticated API access without proper access controls; development/staging environments with public IP addresses; MCP servers connecting LLMs to file systems, databases and internal APIs. Common misconfigurations leveraged by these threat actors include: Ollama running on port 11434 without authentication; OpenAI-compatible APIs on port 8000 exposed to the internet; MCP servers accessible without access controls; development/staging AI infrastructure with public IPs; production chatbot endpoints (customer support, sales bots) without authentication or rate limiting. George Gerchow, CSO at Bedrock Data and an IANS faculty member, said Operation Bizarre Bazaar “is a clear sign that attackers have moved beyond ad hoc LLM abuse and now treat exposed AI infrastructure as a monetizable attack surface. What’s especially concerning isn’t just unauthorized compute use, but the fact that many of these endpoints are now tied to the Model Context Protocol (MCP), the emerging open standard for securely connecting large language models to data sources and tools. 
MCP is powerful because it enables real-time context and autonomous actions, but without strong controls, those same integration points become pivot vectors into internal systems.” Defenders need to treat AI services with the same rigor as APIs or databases, he said, starting with authentication, telemetry, and threat modelling early in the development cycle. “As MCP becomes foundational to modern AI integrations, securing those protocol interfaces, not just model access, must be a priority,” he said.

In an interview, Pillar Security report authors Eilon Cohen and Ariel Fogel couldn’t estimate how much revenue threat actors might have pulled in so far. But they warn that CSOs and infosec leaders had better act fast, particularly if an LLM is accessing critical data.

Their report described three components to the Bizarre Bazaar campaign:

  • the scanner: a distributed bot infrastructure that systematically probes the internet for exposed AI endpoints. Every exposed Ollama instance, every unauthenticated vLLM server, every accessible MCP endpoint gets cataloged. Once an endpoint appears in scan results, exploitation attempts begin within hours;
  • the validator: Once scanners identify targets, infrastructure tied to an alleged criminal site validates the endpoints through API testing. During a concentrated operational window, the attacker tested placeholder API keys, enumerated model capabilities and assessed response quality;
  • the marketplace: Discounted access to 30+ LLM providers is being sold on a site called The Unified LLM API Gateway. It’s hosted on bulletproof infrastructure in the Netherlands and marketed on Discord and Telegram.

So far, the researchers said, those buying access appear to be people building their own AI infrastructure and trying to save money, as well as people involved in online gaming.

Threat actors may not only be stealing AI access from fully developed applications, the researchers added. A developer trying to prototype an app, who, through carelessness, doesn’t secure a server, could be victimized through credential theft as well.

Joseph Steinberg, a US-based AI and cybersecurity expert, said the report is another illustration of how new technology like artificial intelligence creates new risks and the need for new security solutions beyond the traditional IT controls. CSOs need to ask themselves if their organization has the skills needed to safely deploy and protect an AI project, or whether the work should be outsourced to a provider with the needed expertise.

Mitigation

Pillar Security said CSOs with externally-facing LLMs and MCP servers should:

  • enable authentication on all LLM endpoints. Requiring authentication eliminates opportunistic attacks. Organizations should verify that Ollama, vLLM, and similar services require valid credentials for all requests;
  • audit MCP server exposure. MCP servers must never be directly accessible from the internet. Verify firewall rules, review cloud security groups, confirm authentication requirements;
  • block known malicious infrastructure. Add the 204.76.203.0/24 subnet to deny lists. For the MCP reconnaissance campaign, block AS135377 ranges;
  • implement rate limiting. Stop burst exploitation attempts. Deploy WAF/CDN rules for AI-specific traffic patterns;
  • audit production chatbot exposure. Every customer-facing chatbot, sales assistant, and internal AI agent must implement security controls to prevent abuse.

Don’t give up

Despite the number of news stories in the past year about AI vulnerabilities, Meghu said the answer is not to give up on AI, but to keep strict controls on its usage. “Do not just ban it, bring it into the light and help your users understand the risk, as well as work on ways for them to use AI/LLM in a safe way that benefits the business,” he advised.

“It is probably time to have dedicated training on AI use and risk,” he added. “Make sure you take feedback from users on how they want to interact with an AI service and make sure you support and get ahead of it. Just banning it sends users into a shadow IT realm, and the impact from this is too frightening to risk people hiding it. Embrace and make it part of your communications and planning with your employees.”
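The mitigation list in the article above can be checked against your own gateway logs. The following is an added example, not code from the article or from Pillar Security: it flags traffic from the 204.76.203.0/24 subnet, successful unauthenticated calls to Ollama and vLLM API routes, and request bursts. The log format, the `auth=` field and the burst threshold are assumptions, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Subnet the article says to deny-list. AS135377 is not expanded here: its
# prefixes would have to come from routing data, which the article does not list.
DENY_NETS = [ipaddress.ip_network("204.76.203.0/24")]

# API routes of Ollama (/api/...) and of vLLM's OpenAI-compatible server (/v1/...).
LLM_PATHS = ("/api/tags", "/api/generate", "/api/chat",
             "/v1/models", "/v1/completions", "/v1/chat/completions")

BURST_LIMIT = 5                       # assumed threshold: requests per window
BURST_WINDOW = timedelta(seconds=10)  # assumed window length

# Constructed sample. Assumed format written by the reverse proxy:
# time, client IP, method, path, status, auth=<none|invalid|bearer>
SAMPLE_LOG = """\
2026-01-28T10:00:00Z 198.51.100.10 POST /v1/chat/completions 200 auth=bearer
2026-01-28T10:00:02Z 203.0.113.7 GET /api/tags 200 auth=none
2026-01-28T10:00:05Z 204.76.203.15 GET /v1/models 401 auth=none
2026-01-28T10:00:06Z 204.76.203.15 POST /v1/chat/completions 401 auth=invalid
2026-01-28T10:01:00Z 203.0.113.99 POST /api/generate 401 auth=invalid
2026-01-28T10:01:01Z 203.0.113.99 POST /api/generate 401 auth=invalid
2026-01-28T10:01:02Z 203.0.113.99 POST /api/generate 401 auth=invalid
2026-01-28T10:01:03Z 203.0.113.99 POST /api/generate 401 auth=invalid
2026-01-28T10:01:04Z 203.0.113.99 POST /api/generate 401 auth=invalid
2026-01-28T10:01:05Z 203.0.113.99 POST /api/generate 401 auth=invalid
"""


def parse_line(line):
    """Split one log line of the assumed format into typed fields."""
    ts, ip, method, path, status, auth = line.split()
    return {
        "ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"),
        "ip": ipaddress.ip_address(ip),
        "method": method,
        "path": path,
        "status": int(status),
        "auth": auth.split("=", 1)[1],
    }


def analyze(log_text):
    """Return (kind, source_ip, detail) findings in log order."""
    findings = []
    windows = defaultdict(deque)   # per-IP sliding window of timestamps
    burst_seen = set()             # report each bursting IP once
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        e = parse_line(raw)
        ip = e["ip"]

        # 1. Source inside a deny-listed network: the block rule is missing
        #    or the request bypassed it.
        if any(ip in net for net in DENY_NETS):
            findings.append(("denylisted_source", str(ip), e["path"]))

        # 2. An LLM route answered successfully without credentials.
        if (e["path"].startswith(LLM_PATHS) and e["auth"] == "none"
                and 200 <= e["status"] < 300):
            findings.append(("unauthenticated_llm_access", str(ip), e["path"]))

        # 3. More than BURST_LIMIT requests from one IP inside the window.
        win = windows[ip]
        win.append(e["ts"])
        while e["ts"] - win[0] > BURST_WINDOW:
            win.popleft()
        if len(win) > BURST_LIMIT and ip not in burst_seen:
            burst_seen.add(ip)
            seconds = int(BURST_WINDOW.total_seconds())
            findings.append(("burst", str(ip), f"{len(win)} requests in {seconds}s"))
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

A finding of the second kind means the endpoint itself needs authentication; the first and third kinds point at missing deny-list or rate-limit rules in front of it.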
  6. A critical vulnerability has been patched in vm2, a widely used library for the Node.js JavaScript runtime that allows untrusted code to be executed inside a sandbox within the same process as trusted application code. The flaw allows for a sandbox escape, which is as serious as it gets for a software component whose primary goal is enforcing a security boundary between trusted and untrusted code.

The vm2 library, which is listed as a dependency by almost 900 other packages on NPM and many projects on GitHub, is not a stranger to sandbox escape vulnerabilities. In fact, in July 2023, its creator decided to stop maintaining the project and deprecate it after one such vulnerability. Despite the project being unmaintained, in the absence of good alternatives, people have kept using it, leading to millions of downloads every month.

In October 2025, the original maintainer decided to resurrect the project after patching all past vulnerabilities and announcing plans to rewrite it in TypeScript. The new vulnerability patched this week is tracked as CVE-2026-22709 and affects versions older than 3.10.2. Users are advised to upgrade to the latest version as soon as possible.

“In vm2 for version 3.10.0, Promise.prototype.then Promise.prototype.catch callback sanitization can be bypassed,” the official advisory reads. “This allows attackers to escape the sandbox and run arbitrary code.”

Sandboxing is a cat-and-mouse game

Sandboxes like vm2 are needed by web and other Node-based applications whose functionality enables users or tools to upload and execute scripts. Because user-controlled code is untrusted by nature, it cannot be allowed to execute in the same context as the application itself. Yet the host application needs to monitor and see what the code does.

The vm2 library achieves this through a complex network of proxies that intercept and mediate interactions between the sandbox and the host environment. But the complexity of JavaScript means there will likely always be a way to trick this chain of proxies. The project is honest about this in its description:

“Objects can be accessed through prototype chains, constructors can be reached via error objects, symbols provide protocol hooks, and async execution creates timing windows. The sheer number of ways to traverse from one object to another in JavaScript makes building an airtight in-process sandbox extremely difficult.”

The maintainer clearly warns that new bypasses will likely be discovered in the future and while they will be patched, the cat-and-mouse game will continue. In his announcement about the project’s resurrection in October, he noted that he hopes AI-assisted vulnerability detection will help catch more of these issues in the future.

There are other alternatives to isolate code that would provide stronger security guarantees, such as full process sandboxing, virtual machines, containers, and more. But they come with heavier performance costs or add other complexities and hurdles. Not to mention, those approaches are not vulnerability-free either.

The maintainer advises that vm2 should only be used when:

  • You need tight integration with host objects and fast synchronous communication
  • The untrusted code comes from a relatively trusted source (e.g., internal tools, plugin systems with vetted authors)
  • You combine vm2 with other security layers (network isolation, filesystem restrictions, resource limits)
  • You accept the risk and actively monitor for security updates
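Because vm2 is usually pulled in transitively, checking the top-level `package.json` is not enough to know whether a project still resolves a version older than 3.10.2. The following is an added example, not code from the vm2 project or the article: it walks a `package-lock.json` (lockfileVersion 1, 2 or 3) and reports every installed copy of vm2 and whether it is below the fixed version. The sample lockfile and the package name `script-runner` are constructed.

```python
import json
import re

FIXED = (3, 10, 2)  # per the article: versions older than 3.10.2 are affected


def is_affected(version):
    """True if version sorts below 3.10.2; unparseable versions are flagged."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)(-.+)?", version)
    if not m:
        return True  # cannot decide automatically: surface for manual review
    nums = tuple(int(x) for x in m.group(1, 2, 3))
    prerelease = m.group(4) is not None
    # A pre-release of the fixed version (3.10.2-beta.1) sorts before 3.10.2.
    return nums < FIXED or (nums == FIXED and prerelease)


def find_vm2(lock):
    """Return (install_path, version) for every vm2 copy in a parsed lockfile."""
    hits = []
    if "packages" in lock:
        # lockfileVersion 2/3: flat map keyed by install path.
        for path, meta in lock["packages"].items():
            if path == "node_modules/vm2" or path.endswith("/node_modules/vm2"):
                hits.append((path, meta.get("version", "")))
    else:
        # lockfileVersion 1: nested "dependencies" tree.
        def walk(deps, trail):
            for name, meta in deps.items():
                here = trail + [name]
                if name == "vm2":
                    path = "node_modules/" + "/node_modules/".join(here)
                    hits.append((path, meta.get("version", "")))
                walk(meta.get("dependencies", {}), here)
        walk(lock.get("dependencies", {}), [])
    return hits


def audit(lock_text):
    """Return sorted (install_path, version, affected) tuples."""
    lock = json.loads(lock_text)
    return sorted((p, v, is_affected(v)) for p, v in find_vm2(lock))


# Constructed lockfile: a patched top-level vm2 plus an old copy nested under
# a hypothetical dependency, and a scoped package that must not match.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "1.0.0"},
        "node_modules/vm2": {"version": "3.10.2"},
        "node_modules/script-runner": {"version": "2.1.0"},
        "node_modules/script-runner/node_modules/vm2": {"version": "3.9.19"},
        "node_modules/@acme/vm2": {"version": "1.0.0"},
    },
})

if __name__ == "__main__":
    for path, version, affected in audit(SAMPLE_LOCK):
        state = "AFFECTED" if affected else "ok"
        print(f"{state:8} vm2@{version}  {path}")
```

An affected nested copy has to be fixed by updating or overriding the parent dependency, since upgrading the top-level vm2 does not touch it.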
  7. Palo Alto Networks unveiled its Quantum-Safe Security solution at the company’s virtual Quantum-Safe Summit Tuesday. The solution is designed to help organizations prepare for the post-quantum era by addressing the transition from current cryptography to quantum-resistant algorithms without disrupting business.

Among the platform’s key features is its continuous, real-time cryptographic visibility. Quantum-Safe acts as a central intelligence layer, collecting telemetry and logs from network infrastructure — such as PAN-OS NGFW and Prisma Access — and enriching them with data from an ecosystem of third-party security tools, according to the company. The feature enables the discovery and cataloging of applications, systems, infrastructure, and IoT devices, and it facilitates analysis of cryptographic traffic behavior, including protocols, encryption algorithms, key exchange mechanisms, certificates, and libraries used.

At the summit, Palo Alto CEO Nikesh Arora stressed that quantum computing is reaching a turning point similar to that of artificial intelligence. “It’s no longer a laboratory project, and its ability to solve problems at high speed is approaching production environments,” he said.

According to Arora and other technology experts, the technology poses a critical security challenge. “Quantum computers will be able to break cryptographic keys much faster than current systems, putting everything from private communications to digital assets like Bitcoin at risk,” he explained.

Due to the threat of “harvest now, decrypt later” techniques, in which encrypted data collected today could be decrypted more readily in the future with quantum computing, urgency to address post-quantum cryptography is rising. “Regulators and companies are already demanding quantum transition plans to protect critical infrastructure and ensure operational continuity,” Arora said.

To that end, Palo Alto’s Quantum-Safe Security solution offers advanced cryptographic risk assessment and prioritization, correlating encryption strength with business criticality and data lifecycle. This identifies immediate exposures (“harvest now, decrypt later” risks) and high-value assets requiring priority migration, providing security teams with a clear, impact-based roadmap.

Another key feature is its remediation approach, which guides the transition in several stages. The solution helps modernize infrastructures to achieve a “quantum ready” state, activate post-quantum or hybrid (quantum-safe) algorithms, and, in the case of legacy systems or devices that cannot be upgraded, apply virtual patching through encryption translation. This mechanism enables vulnerable traffic to be re-encrypted in real-time with secure quantum standards, without modifying existing applications or code.

Quantum-Safe Security also incorporates a robust governance and ongoing compliance framework. It automates crypto hygiene management, maintains a dynamic cryptographic inventory (CBOM), and detects deviations or the use of weak ciphers in real-time. Furthermore, it facilitates regulatory compliance through automated reporting and audits aligned with global standards and regulations such as NIST, FIPS 140-3, and DORA.

The solution is designed to integrate with existing security and operations systems, including SIEM, EDR, load balancers, and vulnerability management tools, enabling a scalable, gradual transition compatible with complex business environments.

“Waiting for the hardware to be available to act could leave critical systems years behind, with serious risks to security and operational continuity,” Arora noted at the event. “The ability to break cryptography will force companies, governments, and regulators to anticipate, adapt, and protect critical data before this technology becomes fully operational. Those who act proactively will be able to mitigate risks and ensure business continuity in the new quantum era,” he said.
  8. Cybersecurity researcher Jeremiah Fowler recently uncovered a data leak containing 149 million login credentials. The victims are mainly users of major tech and streaming providers. But financial services accounts, crypto wallets or trading accounts, and bank and credit card logins also appeared in the exposed records.

Usernames, passwords and login URLs

According to the research report, however, the database contains not only usernames and passwords in plain text but often also the direct login URLs. Gmail accounts are hit hardest, with 48 million entries, followed by 17 million Facebook logins and 6.5 million Instagram accounts. According to the researcher, the data was collected using keylogging and infostealer malware.

Warning of possible risks

According to Fowler, the publicly accessible information poses a potentially serious security risk. “Because the data contains email addresses, usernames, passwords and the exact login URLs, criminals could potentially carry out automated credential-stuffing attacks,” the security specialist warns. This, he says, increases the likelihood of fraud, potential identity theft, financial crime and phishing campaigns that could appear legitimate because they refer to real accounts and services.
  10. Fortinet has disclosed a critical authentication bypass zero-day vulnerability affecting its FortiCloud single sign-on feature after the company took the emergency step of temporarily disabling the cloud authentication service globally to stop active exploitation. The US Cybersecurity and Infrastructure Security Agency added the vulnerability to its Known Exploited Vulnerabilities catalog the same day.

The vulnerability, tracked as CVE-2026-24858, is the second critical FortiCloud SSO flaw Fortinet has addressed in recent weeks. The company patched two similar authentication bypass vulnerabilities, CVE-2025-59718 and CVE-2025-59719, in December.

CVE-2026-24858 allowed attackers to compromise FortiGate firewalls, FortiManager, and FortiAnalyzer devices even when those systems were running the latest available firmware. Customers first reported breaches on January 20 and 21, with attackers creating new local administrator accounts on fully patched devices, Fortinet said in its advisory.

Fortinet has begun releasing patches for affected products, but most fixed versions are still listed as “upcoming” in the company’s advisory. The company released FortiOS 7.4.11 to address the vulnerability, with additional patched versions expected shortly.

“This vulnerability was found being exploited in the wild by two malicious FortiCloud accounts, which were locked out on January 22,” the advisory added.

How the vulnerability works

CVE-2026-24858 is “an authentication bypass using an alternate path or channel vulnerability” affecting FortiOS, FortiManager, and FortiAnalyzer, according to Fortinet’s advisory. The flaw carries a CVSS score of 9.4.

The vulnerability “may allow an attacker with a FortiCloud account and a registered device to log into other devices registered to other accounts, if FortiCloud SSO authentication is enabled on those devices,” Fortinet said in the advisory.

While FortiCloud SSO is not enabled in factory default settings, it automatically activates when administrators register devices to FortiCare through the GUI unless they manually disable the “Allow administrative login using FortiCloud SSO” toggle during registration.

Fortinet noted that while exploitation has only been observed through FortiCloud SSO, “this issue is applicable to all SAML SSO implementations.”

Attack details and indicators

Fortinet’s investigation into the exploitation revealed attackers used two specific FortiCloud accounts: “[email protected]” and “[email protected],” though the company warned “these addresses may change in the future.”

Fortinet identified multiple IP addresses associated with the attacks, including several Cloudflare-protected addresses that attackers used to obscure their activities.

“Following authentication via SSO, it has been observed that the actor creates a local admin account with one of the following names,” Fortinet warned, listing accounts including “audit,” “backup,” “itadmin,” “secadmin,” “support,” and “system.”

The attackers’ main operations focused on downloading customer configuration files and creating persistent admin accounts.

Emergency cloud-side shutdown

In response to the active exploitation, Fortinet disabled FortiCloud SSO across its entire cloud infrastructure on January 26 to protect customers from further attacks. The feature was re-enabled 24 hours later with a critical safeguard.

“It was re-enabled on January 27 and no longer supports login from devices running vulnerable versions. Consequently, customers must upgrade to the latest versions listed below for the FortiCloud SSO authentication to function,” Fortinet explained.

This server-side blocking means organizations running vulnerable versions cannot use FortiCloud SSO until they upgrade to patched releases, even though most of those patches are not yet available.

Affected products and patch status

The vulnerability affects FortiOS, FortiManager, FortiAnalyzer, and FortiProxy versions 7.0 through 7.6. Version 6.4 releases are not affected. Fortinet said it is still investigating whether FortiWeb and FortiSwitch Manager are also vulnerable.

Fortinet’s advisory lists most patched versions as “upcoming,” with FortiOS 7.4.11 appearing to be the only released fix so far. The company’s upgrade tool provides recommended upgrade paths once patches become available.

Federal deadline and immediate actions

CISA’s addition of CVE-2026-24858 to the KEV catalog means federal civilian executive branch agencies must patch affected systems by February 17, 2026, or discontinue use of vulnerable products. The agency said the vulnerability “is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.”

The company noted that “disabling FortiCloud SSO login on client side is not necessary at the moment,” though organizations can disable the feature locally through System Settings or CLI commands if desired.
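The local admin names listed in the advisory can be checked against a device's configuration backup. The following is an added example, not code from Fortinet or the article: it parses the `config system admin` section of a FortiOS-style backup, flags accounts whose names match that list, and reports the FortiCloud SSO login setting. The sample configuration is constructed, and the key `admin-forticloud-sso-login` is the FortiOS global setting as I know it, not something the article names. A name match is a lead for review, since an organization may have created such an account itself.

```python
import shlex

# Local admin names Fortinet observed being created after SSO login (from the article).
IOC_ADMIN_NAMES = {"audit", "backup", "itadmin", "secadmin", "support", "system"}

# Constructed sample in FortiOS backup layout; not taken from a real device.
SAMPLE_CONFIG = """\
# constructed sample configuration
config system global
    set admin-forticloud-sso-login enable
    set hostname "fw-lab-01"
end
config system admin
    edit "admin"
        set accprofile "super_admin"
        config gui-dashboard
            edit 1
                set name "Status"
            next
        end
    next
    edit "netops"
        set accprofile "prof_admin"
    next
    edit "secadmin"
        set accprofile "super_admin"
    next
    edit "support"
        set accprofile "prof_admin"
    next
end
"""


def tokens(line):
    """Tokenize one config line, honouring double-quoted values."""
    try:
        return shlex.split(line)
    except ValueError:       # unbalanced quote: fall back to whitespace split
        return line.split()


def review_config(text):
    """Return the SSO login setting, all local admins, and IoC name matches."""
    stack = []        # open "config ..." sections, outermost first
    admins = []
    current = None    # admin entry being read
    sso = None        # None means the key is absent from the backup
    for line in text.splitlines():
        t = tokens(line)
        if not t:
            continue
        if t[0] == "config":
            stack.append(" ".join(t[1:]))
        elif t[0] == "end":
            if stack:
                stack.pop()
        elif stack == ["system admin"]:
            # Only top-level entries count; nested tables such as
            # gui-dashboard have their own edit/next pairs and are skipped.
            if t[0] == "edit" and len(t) > 1:
                current = {"name": t[1], "accprofile": None}
            elif t[:2] == ["set", "accprofile"] and current and len(t) > 2:
                current["accprofile"] = t[2]
            elif t[0] == "next" and current:
                admins.append(current)
                current = None
        elif stack == ["system global"]:
            if t[:2] == ["set", "admin-forticloud-sso-login"] and len(t) > 2:
                sso = t[2]
    suspects = [(a["name"], a["accprofile"]) for a in admins
                if a["name"].lower() in IOC_ADMIN_NAMES]
    return {
        "forticloud_sso_login": sso,
        "admins": [a["name"] for a in admins],
        "suspect_admins": suspects,
    }


if __name__ == "__main__":
    result = review_config(SAMPLE_CONFIG)
    print("FortiCloud SSO login:", result["forticloud_sso_login"])
    for name, profile in result["suspect_admins"]:
        print(f"review admin {name!r} (profile {profile})")
```

Comparing the `admins` list against the last known-good backup catches newly created accounts whose names are not on the advisory's list, which matters because Fortinet says the indicators may change.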
  11. A newly observed Sicarii ransomware strain contains a critical encryption key handling defect that can leave encrypted data unrecoverable, even if a victim pays the ransom or uses a provided decryptor.

Analysts at the Halcyon Ransomware Research Center found that Sicarii generates fresh RSA key pairs for each execution and then discards the private key, leaving no recoverable key material for the encrypted systems. Organizations affected by this variant cannot rely on ransom negotiation or third-party decryptors to restore files unless there is evidence that the underlying flaw has been fixed in the specific sample that infected them.

“The issue appears to stem from poor encryption key management rather than deliberate design,” said Sakshi Grover, senior research manager, cybersecurity at IDC. “This reflects a broader trend in the ransomware ecosystem, where low barriers to entry and rapid monetization take precedence over technical robustness.”

Sicarii was first disclosed in December 2025, and has only a small track record of claimed victims, but its unusual technical attributes have forced researchers to claim it could have been vibe coded.

Encryption defect breaks standard RaaS model

Ransomware typically encrypts files using a public-key scheme where the attacker retains the private key or can regenerate it later, enabling a decryptor to work if the ransom is paid. Sicarii deviates from this model. In Halcyon-observed samples, it generates a new RSA key pair entirely on the victim system during each execution and immediately discards the private key once encryption completes.

The victims end up with no viable path to recover encrypted data, even if they cooperate with attackers or use a published decryptor tool. According to a Halcyon alert, enterprises should assume failed recovery through ransom-related decryptors unless there is independent verification that the defect was eliminated in that strain.

“A Sicarii ransomware represents a nightmare scenario where traditional ransomware response strategies fail entirely,” said Agnidipta Sarkar, chief evangelist at ColorTokens. “As no decryptor can reconstruct the discarded private keys, enterprises will stare at ‘assume total data destruction,’ amplifying financial, operational, and reputational damage.”

The absence of decryptor-based recovery forces organizations to plan for complete recovery through backups and alternate operational restoration methods, changing the cost-benefit analysis for them. This also heightens the importance of pre-existing, secure backup infrastructure and rapid isolation.

Halcyon urged organizations to focus on immediate containment and restoration rather than ransom-based recovery. Affected systems should be isolated, the scope of infection identified, and operations restored only from known-good, offline, or immutable backups.

“Enterprises must invest in proactive zero trust micro-segmentation that is designed to be adopted in hours, leveraging existing EDR, agents, agentless mechanisms to contain threats at the initial access point, preventing encryption from spreading,” Sarkar added.

Unusual technical profile hints at vibe-coding

One possible explanation for Sicarii’s broken encryption flow is immature or poorly implemented development practices. The ransomware’s failure to retain usable keys is inconsistent with established ransomware design and suggests it may have been assembled without rigorous testing or a clear understanding of operational consequences, or even vibe-coded.

“Halcyon assesses with moderate confidence that the developers may have used AI-assisted tooling, which could have contributed to this implementation error,” the researchers said in the alert.

A Check Point Research analysis earlier this month had also highlighted a set of unusual and internally inconsistent characteristics. According to the analysis, Sicarii incorporates Israeli and Jewish activity symbolism in its branding and messaging, yet much of its underground activity appears in Russian. Also, the Hebrew language used in the malware and communications contains errors indicative of non-native or automated translation.

Beyond encryption, Check Point observed Sicarii performing credential harvesting, network reconnaissance, vulnerability scanning, and data exfiltration, indicating the operation includes tooling atypical of financially motivated ransomware.

“Sicarii significantly raises the risk profile of ransomware incidents, shifting the impact from financial extortion to potential permanent data loss and prolonged business disruption,” Grover added. “In regulated industries, this can further escalate compliance, legal, and operational consequences.”
  12. Privileged access management (PAM) has always been about ensuring least privilege. But the nature of enterprise cybersecurity — on top of the complexity of system operations — has prompted far too many users to log in at the highest possible privilege and stay there, even when most of their tasks do not require it. One recent study put the percentage of end-users logging in at their highest level of privilege at 91%.

Sanchit Vir Gogia, chief analyst at Greyhound Research, sees the widespread use of unnecessarily high privileges as the result of years of enterprise tech governance neglect.

“Enterprises are running complex, interdependent technology estates where privileged access underpins stability, recovery, and continuity,” he says. “In many environments, privileged access was granted years ago to support systems that no longer have clear owners, clean documentation, or modern authentication paths. That access now props up integrations, batch jobs, recovery scripts, vendor tooling, and fragile automation chains.”

Moreover, Gogia sees enterprises maintaining this status quo on privileges because reining it in “feels less like tightening security and more like introducing existential operational risk.”

“They are choosing predictability over disruption,” he explains. “Always-on privilege becomes the safest option in environments where architectural certainty no longer exists. It accumulates quietly over time as systems evolve faster than governance models. Mergers, cloud migrations, outsourcing, platform layering, and emergency fixes all leave behind privileged identities that nobody revisits. Over years, this creates an estate where privilege is deeply embedded into how work gets done.”

Because of that complexity, Gogia says, always-on becomes not just the easiest tactic, but the default one.

“Enterprises often fall back to permanent privilege because it works,” he says. “It keeps pipelines running, integrations stable, and systems responsive. Vaulting credentials does not solve the problem if those credentials never expire. Zero trust principles are sound, but their implementation frequently assumes a cleanliness that enterprise estates simply do not have. This mismatch explains why many organizations buy PAM tools, deploy them partially, and quietly allow exceptions to proliferate until the exception becomes the norm.”

As a result, PAM — and identity access management (IAM) — has become misaligned with how modern enterprise systems operate, Gogia says.

“Many tools still assume relatively static infrastructure, limited identity volumes, and manual intervention points,” he notes. “Modern enterprises operate dynamic, ephemeral environments where workloads spin up and down constantly, identities are created programmatically, and access requirements change in real-time.”

The perils of persistent privilege

Robert Kramer, vice president and principal analyst for Moor Insights & Strategy, agrees that excessive credentials are caused by decades of lax IT governance.

“They are stuck in legacy habits, stuck in their legacy operational ways,” Kramer says. “There should be a shift to more of a just-in-time model. Barely 1% of organizations have implemented that.”

The executive overseeing the 91% report — Charles Chu, general manager for IT and developer products at CyberArk — said staying logged in at the highest level certainly has a cybersecurity risk, but it also introduces the IT risk of massive system damage.

An accidental typo, for example, could cause massive damage if the typist is logged in at the highest level, Chu contends. “I could fat finger something and delete it by accident. Is it really so onerous to log in or out of something?”

That last question is not rhetorical. Chu suggests that some PAM packages are indeed too difficult to use, therefore causing user friction. “If the PAM tool itself is onerous to use, [end-users] will find ways to bypass it.”

JR Kunkle, president of Kunkle Consulting and former risk consultant with Deloitte & Touche, agrees about the typo risk.

“Most interruptions in computers are due to errors or mistakes,” he says. “IT staff using an admin-level [privilege] can cause a production outage.”

But Kunkle, who also worked as an IT manager with Limited Brands and Honda, says defaulting to high privilege access can also undermine legal, compliance, and privacy efforts. “If the admin looks at sensitive data [that the admin was not supposed to see], it’s pretty easy for them to cover their tracks by erasing the access logs.”

Most observers, however, put the blame of excessive credentials on IT pros themselves.

“It is negating the controls that they have put in place. You could take down an entire company through carelessness or fat-fingering,” says Justin Greis, CEO of consulting firm Acceligence and former head of the North American cybersecurity practice at McKinsey. “It’s just human nature to take the easy road” and cut corners when it comes to privileged access.

Jason Sabin, CTO at DigiCert, is more blunt: “If an enterprise [IT worker] uses root, they are an idiot. You can screw up your world. You should never use root. Embrace least privilege. You should never use elevated privileges for ordinary mundane tasks.”

Paradigm shift ahead

Forrester analyst Geoff Cairns stresses the cybersecurity risks at play when organizations do not rein in excessive credential use.

“Persistent standing privilege, yes, I think that is rampant,” he says. “It is something that attackers can target and then leverage to move laterally through systems and create havoc. The elevated privilege makes that all the more impactful.”

Yet Cairns sees the hard road ahead in tackling this issue in modern enterprise environments.

“It is a challenging problem to solve in a very complex IT landscape, with on-prem, cloud, SaaS” and it is going to get exponentially worse with “the explosion of non-human identities,” including autonomous agents, Cairns says.

Greyhound Research’s Gogia agrees that non-human identities (NHIs) are going to make the problem of excess credential use far worse.

“The center of gravity has shifted away from human administrators. The most dangerous and least governed privilege now sits with non-human identities. Service accounts, APIs, cloud roles, CI/CD pipelines, SaaS connectors, automation frameworks, and autonomous systems operate continuously with standing access,” he says. “These identities authenticate programmatically, at machine speed, often across environments, and frequently with broader permissions than any individual would ever be granted.”

And the increasing proliferation of NHIs engaging with enterprise systems is pushing PAM and IAM toward a paradigm shift.

“Traditional PAM and IAM models were designed for humans who log in, perform tasks, and log out. They struggle when identities never log out,” Gogia says.

“Machine privilege is not an edge case,” he adds. “It is the majority case in modern environments. Enterprises attempting to apply human-style access reviews and approval workflows to these identities quickly discover that governance collapses under scale. This is where always-on privilege stops being a failure of discipline and becomes a failure of design assumptions.”
  13. You make delegation decisions every day. Sometimes they look like management choices: who owns a workflow, which team runs a tool, how quickly something should ship. Other times, they barely register at all. You accept a default setting. You enable automation. You let a system act on your behalf because it saves time and seems low risk. What we tend not to account for is that we will often own the outcomes of those actions, even when they feel misaligned with our intent or unfair in hindsight.

Most organizations still talk about delegation as an operational concern. It shows up in org charts, staffing models, workflow ownership, and efficiency debates about scale, speed, and cost. The underlying assumption is that delegation is a question of execution, not exposure.

That framing no longer holds.

The most consequential delegation decisions being made today are not primarily about people. They are about authority moving into systems. Judgment, execution, interaction, and follow-through are increasingly being handed to software that can act on an organization’s behalf, often across multiple functions and systems at once.

In some cases, that transfer of authority is explicit. More often, it happens quietly through configuration settings, vendor defaults, and internal deployments that never trigger formal review because they appear narrow in scope or low risk. A customer support workflow gains the ability to issue credits. A finance system can initiate payments within limits. A productivity agent can move laterally across internal systems without human involvement.

These decisions are still discussed as operational choices. Who owns the workflow, which team runs the tool, and how quickly it can be deployed remain the dominant questions. What gets lost in that framing is that these are not simply efficiency decisions. They are authority transfers, and authority always carries risk because it creates outcomes that persist even when intent, context, or oversight changes.

Delegation, in this context, is not an ops choice. It is a risk decision.

A concrete enterprise example

Consider how many organizations automated refunds and credits during the COVID-19 travel disruptions.

Airlines and booking platforms, overwhelmed by volume and operational pressure, delegated financial decision-making to automated systems that could issue credits, delay refunds, or apply preset rules at scale. In many cases, those systems operated exactly as configured. They stayed within internal thresholds, followed approved logic, and reduced immediate operational load.

The problem surfaced later.

Customers challenged outcomes. Regulators intervened. Audits examined controls. What became clear was not a lack of tooling or intent, but an ownership gap. Authority to make binding financial decisions had been delegated to systems without clear articulation of who had accepted the regulatory and consumer-protection risk embedded in those configurations.

When enforcement followed, the question was not whether the systems worked, but who had authorized them to act that way on the organization’s behalf. What made this pattern durable was not the crisis itself, but how quickly emergency delegation became normalized infrastructure.

The systems behaved as designed. The risk had simply never been owned explicitly.

The quiet moment risk moves

Every delegation decision implicitly answers a set of questions, whether leaders articulate them or not. Who is allowed to act, on whose behalf, under what constraints, and who ultimately absorbs the downside when outcomes diverge from intent.

Risk moves at the moment authority moves. It does not wait for scale, visibility, or failure.

Most organizations assume delegation is temporary and easily reversible. They expect to pilot, monitor, and adjust as they go. In practice, once authority has shifted into systems, it hardens quickly. Dependencies form. Teams adapt their workflows. Customers normalize the behavior. Control mechanisms lag behind operational reality.

This is where risk ownership gaps emerge. Authority persists, but accountability fragments.

Security as the first signal, not the whole story

Security teams are often the first to surface delegation risk, not because everything is a breach, but because security is where authority is most formally encoded. Permissions, identities, scopes, and automated actions make delegated authority visible in ways other functions do not see as quickly.

Automated remediation systems illustrate this clearly. These tools are designed to act quickly using valid permissions: disabling accounts, quarantining assets, blocking access, or triggering downstream workflows. When those systems act at scale, the actions are authorized and logged, yet the operational impact can be severe. Entire teams can be locked out of systems. Production workloads can be disrupted. Business-critical services can halt.

There is no intrusion to investigate and no policy violation to point to. The question becomes whether the system was ever meant to hold that much authority without tighter constraints and broader alignment.

Security surfaces the signal first because it deals in failure modes and observability. What follows, however, is not a security problem. It is an enterprise one.

This is an enterprise risk decision

Security risk is often the first visible signal, but it is rarely the full exposure. Delegation decisions create compound enterprise risk that spans operational resilience, financial integrity, legal accountability, reputation, and long-term strategy. No single function sees that full picture on its own.

Operationally, automated actions scale faster than human oversight, allowing small misconfigurations to propagate widely before intervention is possible. Financially, systems increasingly touch revenue, pricing, credits, payments, and contractual obligations, meaning losses can accumulate quietly before they are recognized. From a legal and regulatory perspective, intent offers little protection when outcomes cause harm; regulators and courts expect demonstrable governance over automated decision-making. Reputationally, customers experience outcomes, not internal distinctions between human and automated action. Strategically, authority that is vaguely defined tends to calcify into infrastructure, limiting future flexibility and slowing the organization’s ability to adapt.

This is why understanding delegation risk cannot sit with security alone. Meaningful risk assessment for AI deployments requires cross-functional coordination across security, product, legal, finance, compliance, operations, and leadership. Each function holds part of the risk surface, and none can define the organization’s exposure in isolation.

Aligning AI deployment decisions to risk appetite is not about finding a universally correct answer. Different organizations will make different tradeoffs based on their goals, constraints, and tolerance for uncertainty. What matters is that those tradeoffs are made deliberately, with a shared understanding of the risks being taken.

You cannot protect your investment, whether financial, reputational, or strategic, without understanding as much of the risk landscape as possible. Security teams often surface these issues first because they are trained to think in failure modes, but the consequences of delegation decisions are organizational, not technical.

Delegation risk does not belong to security, product, or legal alone. It belongs to leadership because it reflects how the organization chooses to exercise power.

When personal delegation becomes market risk

This same delegation dynamic is already emerging at the individual level as personal agents and AI systems increasingly act on people’s behalf at work and at home.

Individuals are delegating purchasing, scheduling, research, communication, and decision support to tools that operate across platforms with minimal friction. In isolation, these choices feel personal and low risk. Structurally, they mirror enterprise delegation decisions exactly.

What changes at the individual level is not accountability, but awareness. When you delegate authority to a system in your job, responsibility is often traceable through roles, policies, and escalation paths. When you delegate authority to a personal agent, that same accountability collapses inward. The system may act autonomously, but outcomes still attach to the person who empowered it.

Thinking clearly about delegation at work therefore sharpens judgment at home. The same questions apply in both contexts: what authority have I granted, under what constraints, and am I prepared to own the outcomes if they diverge from my intent?

A visible example of this dynamic appeared when Instacart confirmed that it uses individualized pricing based on factors such as order history, demand, and market conditions. In effect, the system was delegated discretion over price negotiation at the individual level, without users having visibility into how that discretion was exercised. While the practice aligned with internal policy and commercial goals, many users experienced the outcomes as arbitrary or unfair because pricing authority operated without transparent constraints or explanation.

No single human made those pricing decisions in real time. Yet the consequences were real for consumers, and the trust impact was immediate. The issue was not a breach or a policy violation. It was delegated authority operating without shared understanding.
As personal agents begin interacting directly with enterprise agents in B2C environments, this pattern will intensify. Customer-side agents will negotiate, transact, and make requests directly with company-side systems, often without human awareness on either end. Misaligned assumptions, misunderstood intent, and automated escalation can occur at machine speed, with outcomes neither party explicitly anticipated. In that environment, responsibility becomes difficult to trace unless authority, constraints, and accountability were deliberately designed from the start. What looks like consumer convenience today becomes institutional exposure tomorrow. Wherever authority is delegated, whether by an organization or an individual, responsibility remains with the principal. Only the scale changes. Why this matters to you, regardless of role This is not only a leadership problem. It is an individual one. Employees at every level increasingly rely on AI systems to draft communications, make recommendations, trigger actions, and interface with other tools, often using personal or semi-approved systems inside professional environments. When those systems act in ways that create harm, confusion, or exposure, responsibility rarely stays with the software. It flows back to the human who relied on it, the manager who normalized its use, or the organization that failed to set boundaries. Understanding delegation as a risk decision is therefore not just about governance maturity. It is a form of professional self-protection in an environment where tools can act faster, farther, and more persistently than their users expect. In a world of agent-to-agent interaction, your tools do not simply reflect your intent. They can commit you to outcomes you did not explicitly choose. When individual delegation scales across a workforce or customer base, personal exposure becomes enterprise risk. 
The business case leaders recognize Closing the gap between delegation decisions and risk ownership is not about slowing innovation. It is about protecting core business fundamentals. From a P&L perspective, delegated systems directly influence revenue, cost, and margin. When authority is unclear, losses appear as leakage, remediation expense, customer churn, and operational rework. These costs compound over time and rarely surface as a single, contained incident. From an audit standpoint, informal delegation creates weaknesses in internal controls. Auditors expect clear ownership, documented authority, and effective oversight. When those elements are retrofitted after deployment, findings follow, confidence erodes, and leadership attention is diverted. Regulators increasingly expect organizations to demonstrate governance over automated and algorithmic decision-making, particularly where systems interact directly with consumers. Claims that a system was authorized or that no one anticipated a specific outcome do not meet that bar. Traceability, accountability, and documented risk ownership matter. At the executive and board level, delegation failures undermine credibility. In moments of stress, leadership is judged not on whether tools were innovative, but on whether risks were understood, owned, and managed. Ambiguity in those moments reads as negligence. Explicit delegation preserves strategic optionality. When authority is bounded and revisable, organizations retain the ability to adapt. When it is vague, it becomes permanent by default. When delegation becomes personal Delegation is happening around you and through you, whether or not you approve systems or set policy. Most of the time, nothing goes wrong. That is what makes the risk invisible. But when something does go wrong, the question will not be whether the system was efficient or well-intentioned. It will be who understood the risk, who accepted it, and who is prepared to own the outcome. 
Delegation does not remove responsibility. It redistributes it. Understanding that is no longer optional. This story was originally published on Command Line with Camille. View the full article
  14. Three decades ago, when Steve Katz became the world’s first CISO at Citicorp/Citigroup, he quickly realized that his role was more than solving problems with tech. Katz had to communicate well, meet with C-level executives, and do anything in his power to reduce risk. “The basic philosophy that I’ve had is data security, information security, information risk is a business risk issue, not a technology issue,” he said in an interview. Katz realized that effective CISOs need a blend of technical and soft skills: they have to understand emerging technologies as well as business strategy. And in 2026, the story gets even more complicated, as CISOs operate in a difficult context, marked by tight budgets and geopolitical tensions. As the role evolved, some skills that once served CISOs are no longer differentiators. In their place, new capabilities are taking the spotlight, especially those tied to emerging tech. Today’s CISOs are navigating a world built on cloud-native infrastructure, facing AI-generated attacks, and shifting regulatory rules. In this context, the CISO needs to be an enabler of growth, not a blocker. “In 2026, the CISO who thrives will look much more like a business value and resilience executive than a technical gatekeeper,” says Darren Argyle, co-founder of Cyber Resilience and former group chief information security risk officer at Standard Chartered Bank. CISOs today are expected to influence strategy, secure investment, and guide transformation, not just protect the perimeter. And without the right mix of skills, doing all of that simply isn’t possible. Must-have skills for CISOs in 2026 Ask security professionals what makes a strong CISO in 2026, and three qualities come up time and again: a deep understanding of the business and the wider world, strong knowledge of AI, and the ability to shape and influence culture. That first one — understanding the business and the world it operates in — is foundational. 
CISOs who grasp the broader context are better equipped to spot emerging threats, align security with business goals, and make smarter decisions that build resilience and support growth. This knowledge also puts them in a position to shape key decisions before risks even surface, which is exactly where modern CISOs need to be. “CISOs must deliberately cultivate the ability to influence strategy, not just enforce controls,” says Richard Bird, CSO at Singulr AI. If CISOs operate as a “business translator,” framing security as a driver of value rather than just a cost, they can earn a comfortable seat at the leadership table. “A CISO who is seen to understand the business is accepted into the fold, rather than positioned as just a guardian at the gate,” says Christine Bejerasco, CISO at WithSecure. This collaboration is often useful to both sides. “As security becomes more deeply integrated into strategic decision-making, the ability to articulate value in both directions is essential,” adds Blake Entrekin, deputy CISO at HackerOne. But having social power and influence within an organization isn’t solely about access to the boardroom. It also comes from building trust and security awareness at all levels, which can be achieved by showing genuine interest in people’s day-to-day work. “Think about how you can embed security into different areas of the organization by leveraging the work of the people already there, and how you can train them just enough to weave security into their existing processes,” Bejerasco says. The second essential pillar of skills centers on artificial intelligence. CISOs need to understand the current state of AI and be up to date on the latest threats and misuse cases. This knowledge helps them “bring some sanity into an organization that’s often in a mad rush to incorporate AI into everything,” says Bejerasco. “You are no longer the detractor preventing the adoption of new technology. 
You become the saner voice in the room.” Understanding where AI systems excel and where they fall short allows CISOs to guide adoption. But technical knowledge isn’t enough. They also need to communicate it clearly, translating complex risks into business language that the board can understand. They can say something along the lines of: “Here’s the risk in financial, operational, and reputational terms, and here’s the investment trade-off,” Argyle says. “The irreplaceable CISOs will use AI as a force multiplier for business cost–benefit analysis but keep the judgment and storytelling firmly human. If you can’t credibly challenge the way your organization is using AI and data, you’re flying blind.” When it comes to training, Argyle recommends that CISOs take “reputable courses in AI governance, secure use of LLMs, data protection, and model risk,” ideally from universities or industry-recognized providers. A mistake CISOs can make is assuming they already know enough about AI to make informed decisions, when the field is evolving too quickly for static knowledge to suffice. “AI will continue to compress the time between reconnaissance and exploitation, requiring CISOs to anticipate how adversaries may use AI and how defenders can leverage the same tools to stay ahead,” Entrekin says. Lastly, in 2026, the third must-have is building a strong security culture across every level of the organization, because, as Argyle puts it, “cyber is 20% technology and 80% behaviour.” “The standout CISOs will be those who can shift the boardroom narrative to one of active support for culture change,” he says. “You know culture is taking hold when teams across the business apply secure-by-design principles as second nature.” Top technical skills In addition to strong knowledge of AI systems, today’s CISOs need a solid foundation in the technologies that define modern enterprise environments. 
The (ISC)² CISSP is still widely regarded as the gold standard for broad expertise in security architecture, risk management, and governance. “Regulators will expect this, and it still appears in pretty much all CISO jobs,” Argyle says. The Cyber Leadership Program from the Cyber Leadership Institute is also highly valued. This program focuses on the leadership and influence skills CISOs need to shape strategy and secure investment. Other useful certifications are those connected to cloud security architecture, such as CCSP. “If you don’t have an understanding of cloud security, these courses can help you understand shared responsibility models, identity-driven security, and how modern infrastructure operates at scale,” says Bejerasco. Finally, Bird emphasizes the growing importance of financial fluency in cybersecurity leadership. “A modern risk quantification or cyber economics course is critical, since boards increasingly expect CISOs to express risk in financial terms rather than technical scores,” he says. Top soft skills Apart from technical skills, CISOs are also judged on how they strategize, communicate and lead. In 2026, they are expected to face pressure from all sides, including boards, regulators and vendors, not just attackers. “Strategic judgment is foundational,” says Bird. “Especially knowing when not to act as much as when to intervene.” Sharpening strategic judgment starts with pattern recognition — connecting the dots between incidents, threat intelligence, and the company’s broader business context. Then, CISOs need to distil that complexity into a few clear, actionable choices, each with defined risks, benefits and costs. “That’s how you move from doom report to strategic advisor,” says Argyle. Strategic thinking will have a growing ethical dimension in 2026. One of the clearest tests, Bird says, will come in AI-driven environments, where CISOs must navigate complex decisions in the absence of clear legal guardrails. 
It’s the kind of area, he argues, that can “separate leaders from operators, notably when legal guidance lags behind technological reality.” Critical decisions sometimes have to be made in the heat of the moment if disaster strikes. In those situations, the ability to stay calm under pressure is essential. “The CISO’s job in the first 72 hours is to lower the temperature, create clarity from ambiguity, and protect trust with the boardroom, authorities, regulators, customers and staff,” says Argyle. Another soft skill to master in 2026 is the ability to build coalitions and negotiate well with product, data, legal, HR, finance, procurement and external partners. This means CISOs need to learn how to influence without having direct authority. “Security cannot operate in isolation,” says Entrekin. “Influence and collaboration are key.” Closely linked to this is the ability to communicate well, to speak regulatory language and move fluently between technical, legal and business worlds. “Being able to talk to the board in business terms reduced my required three times a year board reporting to two times a year,” Bejerasco says. “They understood and got confident that they understood that I had it covered. That was helpful for both me and for them as well.” All these skills have to be passed on to others in the team. A key part of the CISO’s role is to mentor, create opportunities for growth, and help team members gradually step into leadership themselves. “Investing in people ensures continuity, resilience, and long-term organizational capability,” says Entrekin. Low-cost strategies for gaining top skills Many CISOs and fractional CISOs want to keep learning, but there isn’t always a budget to match that ambition. Formal courses and certifications can run into the thousands of dollars, plus time away from the job. Yet the experts argue that there are low-cost solutions to this. One of these is tapping into regional CISO communities. 
This can mean joining peer groups and roundtables where professionals compare playbooks and swap incident stories. CISOs can also find mentors or mentor younger professionals in turn, strengthening their skills while giving back to the community. “Regional CISO communities can offer shared knowledge, peer support, and access to collective expertise at little or no cost,” Entrekin says. Vendors, cloud providers, and partners also tend to have free training, as well as reference architectures and playbooks. “A smart CISO will negotiate learning access and workshops as part of contracts,” Argyle says. Another low-cost strategy is to use large language models to explore emerging topics. These tools can summarize papers or threat intelligence reports, generate practice scenarios and act as a “sparring partner” for strategies. AI subscriptions are relatively affordable, and executives can repurpose decommissioned hardware from within the organization. This kind of setup allows CISOs to explore AI capabilities, limitations, and risks firsthand, without needing a large budget or a formal program. Bejerasco also recommends reading books: “Books on negotiation, leadership, decision-making, and strategy are especially helpful and directly applicable to the CISO role, often more so than formal training.” But another overlooked resource is the CISO’s own team. Argyle suggests creating internal “learning loops”: short, low-cost brown-bag sessions where risk experts, engineers, architects and product owners teach each other. “Lack of budget is a constraint, but it’s not an excuse,” he says. “The best CISOs I know have always been self-directed learners.” Less relevant courses Not all courses and certifications add value to a CISO’s résumé. Credentials that are useful early in a cybersecurity career can become far less relevant by the time a security professional reaches an executive role. 
Examples include generic, entry-level security certifications, as well as tool-specific credentials that focus on button-clicking rather than system architecture. “They are not useless, but they should no longer be treated as signals of senior security leadership,” Bird says. Other credentials that are less useful as differentiators for CISOs in 2026 include single-vendor, product-specific certifications. Deep expertise in one specific firewall or endpoint solution might have been valuable in the past, but for someone in a CISO role, it just doesn’t carry a lot of weight. “At the CISO level, it’s rarely decisive now, architectures are heterogeneous, and we’re increasingly buying platform outcomes, not hero products,” Argyle says. “These certs are fine for specialists, but they don’t move the needle much for an executive.” Courses that focus purely on memorizing standards and passing exams — without requiring participants to grapple with real-world trade-offs — are also of diminishing value at the executive level. “As a CISO you’re expected to turn compliance into outcomes, not just recite clauses from a standard,” Argyle says. For CISOs, though, certifications are necessary but not sufficient. They need to be backed by experience. Employers are looking for leaders who can run security programmes end-to-end, make tough trade-offs under pressure, manage incidents with confidence, and engage with the board with confidence. In a competitive job market, a long list of certifications won’t get anyone far unless it’s backed by real-world experience. View the full article
  15. Roman Samborskyi | shutterstock.com You think your security measures can protect you from cyberattacks in the long term? Or that your company is too small and therefore uninteresting to hackers? Whether you are a mid-sized company, listed on the stock exchange, or part of critical infrastructure: every company has data that cybercriminals want to steal. In 2025, many German companies fell victim to a cyberattack. The consequences of the attacks, most of which were carried out with ransomware, were operational disruptions followed by lost revenue, high costs for data recovery, and reputational damage. The threat from cybercriminals remains high for 2026 as well. These German companies have been attacked so far:

| Company | When | What | Source |
|---|---|---|---|
| HanseMerkur | January 2026 | Ransomware | DSGVO-Portal |
| Conceptnet | January 2026 | Ransomware | CSO |
| Verkehrsgesellschaft Main-Tauber | January 2026 | Ransomware | CSO |

These companies were hit by a cyberattack in 2025:

| Company | When | What | Source |
|---|---|---|---|
| Hasco | December 2025 | Ransomware | www.ransomware.live |
| Momberger | December 2025 | | CSO |
| Music Store | October 2025 | | CSO |
| Nickelhütte Aue | October 2025 | Ransomware | CSO |
| Geiger Antriebstechnik | October 2025 | Ransomware | CSO |
| Gubse AG | October 2025 | | CSO |
| KWG Senftenberg | September 2025 | | www.kwg-senftenberg.de |
| HEM Expert | September 2025 | Data theft | CSO |
| Schuler Service Group | September 2025 | Ransomware | www.ransomware.live |
| decor metall | August 2025 | Ransomware | www.ransomware.live |
| BüchnerBarella | August 2025 | | CSO |
| Heim & Haus | July 2025 | Ransomware | CSO |
| Kolbus | June 2025 | Ransomware | www.ransomware.live |
| Siloking Mayer Maschinenbau | June 2025 | Ransomware | CSO |
| Leymann Baustoffe | June 2025 | | CSO |
| Media Broadcast Satellite GmbH | June 2025 | Ransomware | www.digitalfernsehen.de |
| Unterwegs Outdoor Shop | June 2025 | | CSO |
| Wellteam | May/June 2025 | | CSO |
| Volkswagen Group | June 2025 | Ransomware | CSO |
| Funktel GmbH | June 2025 | Ransomware | www.ransomware.live |
| Fasana GmbH | May/June 2025 | Ransomware | CSO |
| Arcona Hotels & Resorts Group | May 2025 | Ransomware | CSO |
| Adidas | May 2025 | | CSO |
| Arla Foods Deutschland | May 2025 | | CSO |
| ROS Rollentechnik | May 2025 | Ransomware | www.ransomware.live |
| Autohaus Jürgen | May 2025 | | come-on.de |
| Richard Scholz GmbH (BVG service provider) | April/May 2025 | Data theft (BVG customer data) | CSO |
| Reutlinger General-Anzeiger | May 2025 | | Reutlinger General-Anzeiger |
| Oettinger | April 2025 | Ransomware | CSO |
| guenstiger.de | April 2025 | Ransomware | CSO |
| J. Dahmen GmbH & Co. KG (JDC) | April 2025 | | DSGVO-Portal |
| Rheinmetall | April 2025 | Ransomware | www.ransomware.live |
| FAKO-M Getränke | April 2025 | | FAKO-M Getränke |
| Samsung Deutschland | April 2025 | Data theft (attack via IT service provider Spectos) | CSO |
| Hofmann Fördertechnik | March 2025 | Ransomware? | CSO |
| Heilbronn Marketing | March 2025 | Ransomware | CSO |
| FKM Elemente | March 2025 | Ransomware | www.ransomware.live |
| Sozial-Holding Mönchengladbach | March 2025 | Ransomware | CSO |
| Aerticket | March 2025 | Ransomware? | CSO |
| Q railing | March 2025 | Ransomware | www.ransomware.live |
| Stadtwerke Schwerte | March 2025 | | CSO |
| Willms Fleisch | February 2025 | Ransomware | CSO |
| Südkabel | February 2025 | | suedkabel.de |
| META E²F Operations | February 2025 | Ransomware | DSGVO-Portal |
| Autohaus Kießling | February 2025 | Ransomware | FalconFeeds.io |
| Stürmer Maschinen | February 2025 | Ransomware | CSO |
| InSyst | February 2025 | Ransomware | CSO |
| Pamyra | February 2025 | Ransomware | DSGVO-Portal |
| Vorwerk | February 2025 | Data theft | CSO |
| Escada | February 2025 | Ransomware | CSO |
| Eckert & Ziegler | February 2025 | | www.ezag.com |
| 3 Screen Solutions | February 2025 | | Undercodenews |
| HEMI | February 2025 | Ransomware | DSGVO-Portal |
| Alltours | February 2025 | | Alltours |
| Neovita Cosmetics | January 2025 | Ransomware | DSGVO-Portal |
| Württemberger Medien | January 2025 | Ransomware | DSGVO-Portal |
| Schauinsland Reisen | January 2025 | | CSO |
| Grohe AG | January 2025 | Ransomware | CSO |
| D-Trust | January | Access to data | CSO |
| Telering Marketing | January 2025 | Ransomware | Ransomware.live |
| Weininger Metall System | January 2025 | Ransomware | CSO |

These companies fell victim to a cyberattack in 2024:

| Company | When | What | Source |
|---|---|---|---|
| Vossko | November 2024 | Ransomware | CSO |
| AEP | October 2024 | Ransomware | CSO |
| IDEA | October 2024 | Ransomware | CSO |
| Schweiger Transport | October 2024 | Ransomware | Ransomware.live |
| Huber Group | October 2024 | | Celleheute.de |
| Schäfer dein Bäcker | September 2024 | Ransomware | CSO |
| Diehl Defence | September 2024 | Spyware | CSO |
| Schumag AG | September | | CSO |
| Clatronic International | September 2024 | Ransomware | Ransomware.live |
| CBT | September 2024 | Ransomware | Ransomware.live |
| Sybit | August 2024 | Phishing | CSO |
| Optibelt | August 2024 | | CSO |
| Melchers | July 2024 | Ransomware | CSO |
| SunExpress | July 2024 | | CSO |
| Mittelbadische Entsorgungs- und Recyclingbetriebe (MERB) | July 2024 | | CSO |
| Eurostrand | July 2024 | Ransomware? | CSO |
| TÜV Rheinland Akademie | July 2024 | Ransomware | CSO |
| Lambertz | June 2024 | Ransomware | CSO |
| Meiller Kipper | June 2024 | | https://www.meiller.com/de/wichtige-information/ |
| DG Immobilien Management | June 2024 | | CSO |
| Westfälische Stahlgesellschaft | June 2024 | Ransomware | https://www.ws-stahl.de/faq-zum-cyberangriff-vom-9-juni-2024/ |
| Hoppecke | Early June 2024 | Ransomware | CSO |
| Lemken | May 2024 | | CSO |
| Deutsche Telekom | May 2024 | Ransomware? | CSO |
| Melting Mind | April 2024 | Ransomware | CSO |
| Max Wild | April 2024 | | https://www.maxwild.com/unternehmen/news/cyberangriff-auf-max-wild-gmbh/ |
| Bieler + Lang | April 2024 | | bieler-lang.de |
| Hospitaltechnik Planungsgesellschaft | April 2024 | | https://www.ht-hospitaltechnik.de/news/391-aktueller-cybervorfall-bei-der-ht.html |
| GBI-Genios Deutsche Wirtschaftsdatenbank | April 2024 | | CSO |
| Thyssenkrupp | February 2024 | | CSO |
| PSI Software | February 2024 | | CSO |
| Kind Hörgeräte | February 2024 | | CIO |
| Varta | February 2024 | | CSO |
| Anydesk | February 2024 | | CSO |
| Unfallkasse Thüringen | December 2023/January 2024 | Ransomware | CSO |
| ODAV AG | January 2024 | | CSO |
| Transdev | January 2024 | | CIO |

These companies fell victim to a hacker attack in 2023:

| Company | When | What | Source |
|---|---|---|---|
| Junghans-Wolle/ Pro Idee | December 2023 | Ransomware | CSO |
| Allgaier Automotive | December 2023 | | filstalwelle.de |
| Erfo Bekleidungswerk | December 2023 | Ransomware | CSO |
| KaDeWe | November 2023 | Ransomware | CSO |
| Bauer AG | | | CIO |
| Südwestfalen IT | October 2023 | Ransomware | CSO |
| Motel One | October 2023 | Ransomware | CSO |
| Häffner | October 2023 | Ransomware | Explodingsecurity |
| HochsauerlandWasser, Hochsauerland Energie | September/October 2023 | Ransomware | CSO |
| degenia Versicherungsdienst AG | September/October 2023 | | CSO |
| Medgate | August/September 2023 | | Medgate |
| Kendrion Kuhnke Malente | August 2023 | | CSO |
| Trinkwasserverband Stade | August 2023 | | CSO |
| Wildeboer | July 2023 | Ransomware | CSO |
| SoftProjekt | July 2023 | Ransomware | SoftProjekt |
| IT service provider of Barmer | June 2023 | Software vulnerability | CSO |
| Verivox | June 2023 | Software vulnerability | CSO |
| Medizinischer Dienst | June 2023 | | CSO |
| Deutsche Leasing | June 2023 | | CSO |
| Verlagsgruppe VRM | End of May 2023 | | CSO |
| Hosting provider of Dena | May 2023 | Ransomware | CSO |
| United Hoster | May 2023 | Ransomware | CSO |
| Service provider of Heineking Media | May 2023 | | CSO |
| Black Cat Networks | May 2023 | Ransomware | CSO |
| GITAI | May 2023 | Ransomware | CSO |
| Maxim Group | Early May 2023 | Ransomware | CSO |
| Lux Automation | | Ransomware | CSO |
| Bilstein Gruppe | End of April 2023 | Ransomware | CSO |
| Stürtz Maschinenbau | 22 April 2023 | Ransomware | DSGVO Portal |
| Badische Stahlwerke | 20 April 2023 | | CSO |
| Jobrad | | Ransomware | CSO |
| Bitmarck | April 2023 | | CSO |
| Lürssen | April 2023 | Ransomware | CSO |
| Evotec | 6 April 2023 | | CIO |
| Üstra | 31 March 2023 | | CSO |
| BIG direkt | 28 March 2023 | | Ruhr Nachrichten |
| Materna | 25 March 2023 | | CSO |
| SAF Holland | March 2023 | | CIO |
| Matthäi | 17 March 2023 | Ransomware | CSO |
| Energieversorgung Filstal | 13 March 2023 | DDoS | CSO |
| Rheinmetall, NW | 7 March 2023 | DDoS | CIO |
| Steico, BY | 1 March 2023 | n/a | CSO |
| Smart InsurTech, BE | 10 February 2023 | n/a | Smart InsurTech |
| Albert Ziegler, BW | 9 February 2023 | n/a | CSO |
| Company in Bavaria, BY | 6 February 2023 | Ransomware | Polizei Bayern |
| Kapellmann und Partner Rechtsanwälte, NW | 3 February 2023 | Ransomware | Kapellmann |
| Häfele, BW | 2 February 2023 | Ransomware | CSO |
| Stadtwerke Karlsruhe, BW | 1 February 2023 | Ransomware | CSO |
| Dürr, BW | February 2023 | n/a | CSO |
| Bayerischer Rundfunk, BY | February 2023 | Phishing | CSO |
| Geze, BW | February 2023 | n/a | Geze |
| Wisag Dienstleistungsholding, HE | February 2023 | n/a | Frankfurter Allgemeine Zeitung |
| Flughafen Hamburg, HH | 25 January 2023 | DDoS | Hamburger Abendblatt |
| Plüsch-Tierheim, NW | 24 January 2023 | n/a | CSO |
| Sky Deutschland, BY | 21 January 2023 | n/a | Digital Fernsehen |
| Bitmarck, NW | 19 January 2023 | n/a | CSO |
| Fritzmeier Group, BY | 17 January 2023 | n/a | CSO |
| Adesso, NW | 11 January 2023 | n/a | CSO |
| Company in Kaiserslautern, RP | January 2023 | Social engineering | CSO |

These companies fell victim to a cyberattack in 2022:

| Company | When | What | Source |
|---|---|---|---|
| IBB Business Team, BE | 27 December 2022 | Ransomware | IBB Business Team |
| SSI Schäfer Shop, RP | 23 December 2022 | n/a | Schäfer Shop LinkedIn |
| Thyssenkrupp, NRW | 20 December 2022 | n/a | CSO |
| H-Hotels, HE | 11 December 2022 | n/a | H-Hotels |
| Meyer & Meyer, NI | 6 December 2022 | n/a | CSO |
| Rosenschon Partnerschaft, BY | 5 December 2022 | n/a | Bayreuther Tagblatt |
| Deutsche Klassenlotterie Berlin, BE | December 2022 | n/a | Berliner Kurier |
| Land Brandenburg Lotto, BB | December 2022 | n/a | RBB 24 |
| Lotto-Toto Sachsen-Anhalt, ST | December 2022 | n/a | MDR |
| Nordwest Lotto Schleswig-Holstein, SH | December 2022 | n/a | Focus |
| Lotto Rheinland-Pfalz, RP | December 2022 | n/a | SWR |
| Technolit, HE | December 2022 | n/a | Technolit Facebook |
| T-Mobile, NW | 25 November 2022 | n/a | CSO |
| Landau Media, BE | 25 November 2022 | n/a | Landau Media |
| Bisping & Bisping, BY | 17 November 2022 | n/a | Nürnberger Nachrichten |
| Richard Wolf, BW | 3 November 2022 | Ransomware | Richard Wolf |
| Prophete, NW | November 2022 | n/a | CSO |
| Oase, NRW | 29 October 2022 | n/a | Oase |
| Aurubis, HH | 28 October 2022 | n/a | CIO |
| Enercity, NI | 26 October 2022 | n/a | CIO |
| Deutsche Presse Agentur, HH | 17 October 2022 | Ransomware | CSO |
| Metro, NRW | 17 October 2022 | n/a | CSO |
| Heilbronner Stimme, BW | 14 October 2022 | Ransomware | CIO |
| Wilken Software Group, BW | 12 October 2022 | Ransomware | CSO |
| Convista, NRW | 10 October 2022 | Zero day | Convista |
| Hipp, BY | 5 October 2022 | n/a | BR24 |
| Caritasverband München und Freising, BY | 11 September 2022 | Ransomware | CSO |
| Elabs, HE | 8 August 2022 | n/a | Elabs |
| Medi, BY | 7 August 2022 | n/a | CSO |
| IHK, Germany-wide | 4 August 2022 | DDoS | CSO |
| Semikron, BY | 1 August 2022 | Ransomware | CSO |
| Continental, NI | August 2022 | n/a | CIO |
| Autodoc, BE | August 2022 | n/a | Skoda Community |
| Saller-Bau, TH | August 2022 | n/a | Thüringer Allgemeine |
| Ista, NW | 27 July 2022 | n/a | CSO |
| ASG, NI | 26 July 2022 | n/a | CSO |
| Weidmüller, NW | 18 July 2022 | n/a | Neue Westfälische |
| Helinet, NW | 7 July 2022 | DDoS | Westfälischer Anzeiger |
| Knauf, BY | 29 June 2022 | n/a | Knauf |
| Bizerba, BW | 27 June 2022 | n/a | Schwarzwälder Bote |
| Apetito, NW | 26 June | n/a | CSO |
| Count + Care, HE | 12 June | Ransomware | Wissenschaftsstadt Darmstadt |
| Bauverein, HE | 12 June | Ransomware | Frankfurter Rundschau |
| Heag und Heag Mobilo, HE | 12 June 2022 | Ransomware | Frankfurter Rundschau |
| FES, HE | 12 June 2022 | Ransomware | CIO |
| Entega, HE | 12 June 2022 | Ransomware | CSO |
| Stadtreinigung Kassel, HE | 2 June 2022 | n/a | Welt |
| SDZ Druck und Medien, BW | 31 May 2022 | n/a | Schwäbische Post |
| Jakob Becker, RP | 24 May 2022 | Ransomware | CSO |
| Posteo, BE | 17 May 2022 | DDoS | CSO |
| AGCO, BY | 5 May 2022 | Ransomware | AGCO |
| Ludwig Freytag, NI | May 2022 | Ransomware | NDR |
| CWS, NW | May 2022 | n/a | Westfalen Blatt |
| Sixt, BY | 29 April 2022 | n/a | CSO |
| Donau Stadtwerke Dillingen-Lauingen, BY | 18 April 2022 | n/a | Augsburger Allgemeine |
| Reitzner, BY | 18 April 2022 | n/a | Augsburger Allgemeine |
| AHS, HH | 17 April 2022 | n/a | Airliners |
| IMA Schelling Group, NW | 15 April 2022 | n/a | Neue Westfälische |
| Deutsche Windtechnik, HB | 12 April 2022 | Ransomware | CSO |
| Perbit, NW | 7 April 2022 | Ransomware | CSO |
| KSB, ST | 7 April 2022 | n/a | MDR |
| Fraunhofer-Institut, ST | April 2022 | Ransomware | CSO |
| TÜV Nord Group, NI | April 2022 | n/a | TÜV Nord Group |
| Nordex, HH | 31 March 2022 | n/a | Nordex |
| Welcome Hotels, HE | 12 March 2022 | n/a | Welcome Hotels |
| Stollwerck, TH | 11 March 2022 | n/a | MDR |
| Elobau, BW | 4 March 2022 | Ransomware | Elobau |
| Bauking, NW | 3 March 2022 | Ransomware | Westfalenpost |
| Rosneft, BE | March 2022 | n/a | Welt |
| TST, RP | March 2022 | n/a | SWR |
| Trützschler, NW | March 2022 | Ransomware | WDR |
| Funke Mediengruppe, NW | 25 February 2022 | Bots | Die Zeit |
| Klopotek, BE | 18 February 2022 | Ransomware | CSO |
| Schultze & Braun Rechtsanwaltsgesellschaft, BW | 16 February 2022 | Zero day | Schultze & Braun |
| Otto Dörner, HH | February 2022 | Ransomware | SVZ |
| Wisag Dienstleistungsholding, HE | 27 January 2022 | n/a | Wisag |
| Golfclub Hofgut Praforst, HE | 23 January 2022 | Ransomware | Osthessen News |
| Thalia Bücher, NW | 20 January 2022 | Brute force | Tarnkappe |
| Unfallkasse Thüringen, TH | 4 January 2022 | Ransomware | Unfallkasse Thüringen |
| Oiltanking GmbH, HH | January 2022 | n/a | Handelsblatt |

The editorial team will update these lists regularly. However, we make no claim to completeness. View the full article
  16. AI-fueled attacks can transform an innocuous webpage into a customized phishing page. The attacks, revealed in research from Palo Alto Networks’ Unit 42, are clever in how they combine various obfuscation techniques. The combination can be lethal and difficult to discover, and it represents yet another new offensive front in the use of AI by bad actors to compromise enterprise networks.

The attack starts with an original and ordinary webpage. Attackers then add client-side API calls to LLMs that can dynamically generate malicious JavaScript code in real time. This polymorphic technique is dangerous for several reasons. First, it can bypass any built-in AI model security guardrails. Second, because it delivers its malware from a trusted LLM domain, it may bypass typical network analysis. Without any runtime behavioral analysis screening, it won’t easily be discovered or blocked, because the assembly of the final malware code happens inside a client’s browser and leaves no static payload residue anywhere else in the process.

The analysts at Unit 42 wrote proof-of-concept code that prompts popular LLMs such as DeepSeek and Google’s Gemini into returning the malicious JavaScript. The key step is to use separate prompts that translate the malware into plain-text descriptions of its functionality, which then generate different pieces of the actual malware code. The AI model can generate a variety of phishing code content and then assemble the various pieces, both of which make detection more difficult.

The assembly, as mentioned, happens at the very end of this malware supply chain, in what SquareX calls a last mile reassembling attack. While this attack isn’t exactly novel, what is new is that the code pieces generated by the AI are more difficult to detect. The example used in the PoC described four code fragments in its prompting instructions, each fragment involving a different step in the malware’s operations. Each prompt would return a syntactically unique yet functionally identical variant of the malicious code, according to the analysts. Think of this as the AI version of custom-coded malware that was first invented decades ago by attackers looking to evade static signature detection algorithms.

There are several ways the final malware assembly can be accomplished, including using a backend proxy server or a content delivery network to further hide the malware’s true nature by providing trusted domains to deliver the goods.

“Unfortunately, at least some of this comes back to having the user as the last line of defense,” Allie Mellen, Forrester principal analyst, security and risk, told CSO. “This attack prevents the vendors from using some phishing detection techniques, but many of the core phishing detection capabilities are still relevant here.”

Jess Burn, a Forrester analyst for email security, agrees that there is some protection with existing defensive technologies. However, “even though this attack uses the browser and an LLM to build the phishing page on the fly, the issue is still how users got to that page in the first place. Well-tuned email and collaboration security tools that spot suspicious links, newly registered domains, look‑alike brands, and unusual sender behavior can still stop many of these campaigns at the message layer so the user never clicks through to the ‘magic’ page that turns malicious at runtime.”

Unit 42 of course recommends Palo Alto Networks’ products to help defend against this attack. Other solutions include using secure web gateways as well as secure enterprise browsers that can prevent last mile attacks.
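As an added example (not from Unit 42 or the original article), the following static triage heuristic flags pages whose inline scripts both call an LLM API host and contain a sink that executes strings received at runtime, which is the combination the article describes. The host watchlist, the function names and the sample pages are assumptions constructed for illustration.

```javascript
// Added example: a static triage heuristic, not Unit 42's detection logic.
// ASSUMPTION: watchlist of public API hosts for the two providers the article names.
const LLM_API_HOSTS = ["api.deepseek.com", "generativelanguage.googleapis.com"];

// Browser sinks that turn a string received at runtime into executing code.
const EXEC_SINKS = [
  { name: "eval", re: /\beval\s*\(/ },
  { name: "new Function", re: /\bnew\s+Function\s*\(/ },
  { name: "document.write", re: /\bdocument\s*\.\s*write(?:ln)?\s*\(/ },
  { name: "script element injection", re: /createElement\s*\(\s*["'`]script["'`]\s*\)/i },
];

// Pull the bodies of inline <script> blocks out of an HTML document.
function inlineScripts(html) {
  const out = [];
  const re = /<script\b[^>]*>([\s\S]*?)<\/script\s*>/gi;
  let m;
  while ((m = re.exec(html)) !== null) {
    if (m[1].trim()) out.push(m[1]);
  }
  return out;
}

// Undo the simplest string-splitting trick: "api.deep" + "seek.com" -> "api.deepseek.com".
function joinSplitLiterals(src) {
  return src.replace(/(["'`])\s*\+\s*\1/g, "");
}

// Hostnames of every absolute URL that appears in the script text.
function urlHosts(src) {
  const hosts = new Set();
  for (const raw of src.match(/https?:\/\/[^\s"'`<>)\\]+/gi) || []) {
    try {
      hosts.add(new URL(raw).hostname.toLowerCase());
    } catch (_) {
      // Not a parseable URL; ignore it.
    }
  }
  return hosts;
}

function isLlmHost(host) {
  return LLM_API_HOSTS.some((h) => host === h || host.endsWith("." + h));
}

// Page-level verdict: the API call and the sink may sit in different <script> blocks.
function triagePage(html) {
  const llmHosts = new Set();
  const sinks = new Set();
  for (const script of inlineScripts(html)) {
    const src = joinSplitLiterals(script);
    for (const host of urlHosts(src)) if (isLlmHost(host)) llmHosts.add(host);
    for (const sink of EXEC_SINKS) if (sink.re.test(src)) sinks.add(sink.name);
  }
  let verdict = "clean";
  if (llmHosts.size && sinks.size) verdict = "review";
  else if (llmHosts.size) verdict = "llm-call-only";
  else if (sinks.size) verdict = "dynamic-code-only";
  return { verdict, llmHosts: [...llmHosts].sort(), sinks: [...sinks].sort() };
}

// Constructed sample pages (inert: no prompts, no payloads).
const SAMPLES = {
  // LLM API response is injected as a new script element: the shape to escalate.
  runtimeAssembly: `<html><body><h1>Welcome</h1><script>
    const endpoint = "https://api.deep" + "seek.com/example-path";
    fetch(endpoint, { method: "POST", body: "{}" })
      .then((r) => r.text())
      .then((t) => { const s = document.createElement("script"); s.textContent = t; document.body.appendChild(s); });
  </script></body></html>`,
  // Legitimate-looking widget: LLM output is rendered as text, never executed.
  chatWidget: `<html><body><div id="answer"></div><script>
    fetch("https://generativelanguage.googleapis.com/example-path")
      .then((r) => r.text())
      .then((t) => { document.getElementById("answer").textContent = t; });
  </script></body></html>`,
  // Old-style dynamic code with no LLM call.
  legacyEval: `<html><body><script>var total = eval("1 + 2");</script></body></html>`,
  plain: `<html><body><p>Hello</p><script>console.log("hi");</script></body></html>`,
};

for (const [name, html] of Object.entries(SAMPLES)) {
  console.log(name, JSON.stringify(triagePage(html)));
}
```

A host watchlist misses the proxied or CDN-fronted delivery the article mentions, so this works as a pre-filter ahead of runtime behavioral analysis rather than a replacement for it.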
  17. Microsoft is warning admins of an Office security-bypass zero-day vulnerability that can be triggered simply by a user opening a document. The flaw is being actively exploited.

“The vulnerability is serious,” said Johannes Ullrich, dean of research at the SANS Institute. “The root cause is that Microsoft Office still supports the older OLE document format, which provides access to various OLE components. The effect is similar to what an attacker could do with Office Macros. But Office Macros are typically blocked for documents downloaded from the internet. Microsoft implemented similar protections for OLE components, but this recent exploit found a way to bypass them.”

Despite efforts by Microsoft and email gateway vendors, emails with malicious attachments are still a significant attack vector, he added. “It is important that organizations roll up this update quickly. Until it has been applied, filters on email gateways or endpoint protection signatures may help mitigate the threat.”

Fortunately, the vulnerability, CVE-2026-21509, which has a CVSS score of 7.8, is fixed automatically in Office 2021 and up. However, admins should note that these applications need a restart for the patch to take effect. For Office 2016 and Office 2019, there’s a separate patch.

Jack Bicer, director of vulnerability research at Action1, said that for security teams and CISOs “the urgency is real: don’t wait, prioritize this update immediately, and ensure all Office applications are restarted so the protections take effect without delay.” The flaw is exploited by sending malicious Office documents and convincing users to open them, “a classic technique that emphasizes the ongoing effectiveness of social engineering in real-world attacks,” he said.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added the hole to its catalogue of known exploited vulnerabilities. Vulnerabilities in the catalogue must be remediated by federal civilian executive branch agencies by a specified date.

Asked for comment, a Microsoft spokesperson said the company recommends impacted customers follow the guidance on its CVE page. It also points out that Microsoft Defender has detections in place to block exploitation, and Office’s default Protected View setting provides an extra layer of protection by blocking malicious files from the internet. “As a security best practice, we encourage users to exercise caution when downloading and enabling editing on files from unknown sources, as indicated in security warnings,” the spokesperson added.

This article originally appeared on Computerworld.
  18. Many security leaders believe that a cyber incident is inevitable; the only open question is when. That conviction is reflected in the common saying that it is not a matter of “if” but “when” an attack occurs. A growing number of CISOs, however, expect an incident sooner rather than later: in Proofpoint’s Voice of the CISO Report 2025, around 76 percent of respondents said they see themselves at risk of a significant cyberattack in the next 12 months. In the previous year, that figure was 70 percent. In addition, 58 percent of the CISOs surveyed believe their organization is not prepared for it.

Beyond the general sense that an attack is almost inevitable, security chiefs concede that various challenges hamper them in their work. Above all, they see four problems:

1. Team members are not sufficiently empowered to act on priorities

Many CISOs openly admit that their security teams have more work than they can handle. That causes a lot of stress: in Nagomi Security’s 2025 CISO Pressure Index, around 80 percent of CISOs said they are currently under high or extreme pressure. For 87 percent, the pressure has increased over the past 12 months. In addition, 67 percent of respondents say they feel burned out weekly or daily.

“Every CISO feels heavily overwhelmed,” confirms Omar Khawaja, head of field security at Databricks. “To cope with that, CISOs have learned to prioritize.” For most of them, reducing the biggest risks to the business is at the very top of the list, Khawaja says. “All too often, however, CISOs do not train their team members so that they can make competent decisions and take actions that align with those priorities,” says the former CISO at Highmark Health. As a result, leaders still have to make all the priority decisions, which slows down the whole team.

CISOs should work toward ensuring that their team members know when and how to set priorities for their own areas of work, “so that every single team focuses on the most important things,” Khawaja adds. “To do that, you have to create clear mechanisms and instructions for decision support,” he explains. “There should be criteria or factors that determine whether something has high, medium or low priority for the security team. Then every team member can review every request that comes in and prioritize it safely and effectively.”

2. Not keeping pace with AI innovation and adoption

Executives and employees alike have rushed to adopt artificial intelligence, lured by the expectation that AI will change workflows and save time, money and effort. Most CISOs, however, have not kept pace with the speed of AI adoption by their business colleagues.

According to a survey of 921 IT and cybersecurity professionals for Cyera’s 2025 State of AI Data Security Report, 83 percent of organizations use AI. But only 13 percent have good visibility into the extent to which these systems access sensitive data or how they handle it; just 16 percent treat AI as a distinct identity; only eleven percent of organizations can automatically block risky AI activity; and only seven percent have a dedicated AI governance team.

“Most CISOs are struggling with the question of how to secure AI use,” stresses Robert T. Lee, chief AI officer and head of research at SANS. According to Lee, many CISOs still prohibit proposed AI use cases because of security concerns, which he calls the “Security Framework of No”, or slow down adoption while they assess the security of the AI. “There is a general lack of knowledge about how to deal with AI,” Lee says.

“In fairness, companies don’t always help CISOs here,” the expert notes. Another issue is the frequently changing AI strategy at many companies. “A new AI version comes out and the agenda changes, and a month later something new comes out and it changes again. So it’s a moving target that the security team is supposed to protect,” Lee explains.

Regardless, according to Lee it is clear that the security team’s inability to keep pace with AI innovation and the business’s desire for rapid adoption are problematic. “By slowing down the transformation, this not only hinders the company’s agenda,” says the AI expert. “It also prevents the security department’s success, because the business often bypasses security entirely rather than slowing or stopping its AI development.”

As a result, CISOs and their organizations ultimately face shadow AI, uncontrolled agents and opaque data flows that lead to a poorly secured, expanded attack surface, Lee adds. Of course, there is still a need to properly assess and secure AI implementations, he stresses, adding that organizations should not simply accept vendors’ assurances that their AI components are secure.

In Lee’s view, CISOs who keep pace with their organization’s AI strategy take a holistic approach rather than working deployment by deployment. They create a risk profile for specific data so that the security function does not have to spend much time assessing AI implementations and can instead focus on AI use cases that require medium- or high-risk data. They also assign security staff to individual departments to keep track of AI needs. In addition, security teams are trained in the skills needed to assess and secure AI initiatives.

3. Limited adoption of AI for security measures

Like their business colleagues, some CISOs are also turning to AI to transform their operations, but despite the benefits this technology brings to cybersecurity, they appear to be far from the majority. The 2025 ISC2 Cybersecurity Workforce Study shows that only 28 percent of the 16,000 business leaders surveyed had integrated AI tools into their security operations. The study found that 19 percent were testing them and 22 percent were in the early evaluation phase.

“CISOs have some catching up to do when it comes to deploying AI at the same speed as the business,” stresses Jon France, CISO of ISC2, a cybersecurity training and certification organization. This slow pace persists even though the use of AI in security operations is proving beneficial, France adds, noting that 63 percent of those who use AI security tools report a significant increase in their productivity.

In the ISC2 study, 40 percent of CISOs said AI will have the greatest impact in the shortest time on cybersecurity measures, followed by security measures and security testing (both 30 percent), vulnerability management (29 percent), and threat modeling and endpoint protection (both 28 percent).

4. Shortage of needed talent and required skills

CISOs have long reported difficulties hiring sufficiently qualified security staff. They now increasingly see this problem as a central obstacle to implementing their security agenda. In Accenture’s “2025 State of Cybersecurity Resilience” study, 83 percent of IT leaders identified the shortage of cyber talent “as a major obstacle to achieving a strong security posture”.

According to the ISC2 study, the problem is twofold. First, there is the staffing shortage: 63 percent of respondents said in 2025 that they have a slight or significant shortage of cybersecurity staff, at least a slight improvement on the 68 percent of the previous year. Second, the skills gap is growing. According to the report, 59 percent have a critical or significant need for specific skills in 2025 (2024: 44 percent). 95 percent report at least one skill need, 5 percent more than in the previous year.

Respondents named AI expertise as the most urgent competency (41 percent), followed by cloud security (36 percent), risk assessment (29 percent), application security (28 percent), security engineering and governance (27 percent), and risk and compliance (also 27 percent). “We need people who are able to perform the tasks of modern security functions,” France says.

Khawaja also cites the lack of “the right skills in the security team” as an obstacle to CISOs’ success. He sees the challenge less in a lack of technical skills or even soft skills, however, than in so-called “middle skills” such as risk management and change management. In Khawaja’s view, these skills are becoming increasingly important for aligning security more closely with the business, getting users to accept security protocols and ultimately improving the organization’s security posture. “If these skills are missing, the security team can only achieve so much.”

Although CISOs contend with labor-market conditions that lie far outside their direct control and sphere of influence, Khawaja says there are other measures they can use to address the shortage of talent and skills. “A clear talent strategy focused on hiring people with specific skills and competencies can help CISOs get what they need to implement their security agenda.” (jm)
  20. The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory mapping post-quantum cryptography (PQC) standards to common enterprise hardware and software categories, giving CIOs and security teams an early reference for evaluating quantum-safe technology readiness.

Issued in response to a June 6, 2025 executive order on strengthening federal cybersecurity, the advisory identifies classes of IT products that already use, or are transitioning toward, NIST-standardized PQC algorithms. CISA said the lists are intended to guide procurement and long-term migration planning as agencies assess systems that rely on public-key cryptography.

For enterprises, the guidance signals that quantum-safe cryptography is becoming a practical procurement consideration today, while also highlighting gaps. CISA noted that many listed product categories have implemented PQC for limited functions, such as key establishment, but are not yet fully quantum-resistant.

CISA noted PQC-ready product categories

The advisory highlighted several technology categories where PQC-compatible solutions are already available (or are in active transition) to help organizations evaluate purchase decisions and plan migration.

According to the advisory, several product categories under hardware and software are already using PQC standards. These include cloud services (PaaS, IaaS), collaboration software (chat/messaging), web software (browsers and servers), and endpoint security (DAR security and full disk encryption).

Several other categories, including networking hardware and software, SaaS, telecommunications hardware, computers (physical or virtual), storage area networks, ICAM hardware, password managers, and antivirus software, were highlighted for their potential for adopting PQC.

CISA noted that none of these categories is fully quantum-resistant. “Most of these categories have implemented PQC for key encapsulation and key agreement but have not yet widely implemented PQC for digital signatures and authentication,” CISA said about the categories already using PQC Standards. “As a result, these categories are not considered to be fully quantum resistant; CISA includes them on this list because one of their main security services is quantum resistant, and Federal Civilian Executive Branch (FCEB) departments and agencies should procure them appropriately.”

The advisory added a note for categories like operational technology (OT) and internet of things (IoT) devices that weren’t considered traditional IT products. “These also should be transitioning to PQC standards as well, but are out of scope for these lists,” it said.

PQC standards and algorithm roadmap

The CISA advisory is aimed at aligning technologies with the nascent PQC standards now added into federal policy. NIST’s post-quantum standardization project and its Federal Information Processing Standards (FIPS) publications formed the baseline for the advisory.

These include FIPS 203, which specifies the Module-Lattice-Based Key Encapsulation Mechanism (ML-KEM), based on the CRYSTALS-KYBER algorithm, for secure key establishment; FIPS 204, which defines the Module-Lattice-Based Digital Signature Algorithm (ML-DSA), rooted in CRYSTALS-Dilithium, for secure digital signatures; and FIPS 205, which covers the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA), derived from the SPHINCS+ hash-based signature scheme.

These standards implement mathematical constructions designed to resist both classical and quantum cryptanalytic attacks. To qualify as PQC-ready under CISA’s view, products are expected to implement these PQC primitives for key establishment (enabling two parties to negotiate secure session keys) and digital signatures (for authentication and integrity).
  21. CSOonline posted a techarticle in Security
    AI is now everywhere within enterprises. Many CISOs I speak with feel stuck between wanting to move forward and not knowing where to begin. The fear of getting both security’s use of AI and securing AI within the organization wrong often stops their process before it begins.

    That said, unlike other big technology waves such as cloud, mobile and DevOps, we actually have a chance to put guardrails around AI before it becomes fully entrenched in every corner of the business. It’s a rare opportunity, one we shouldn’t waste.

    From AI fatigue to some much-needed clarity

    A big part of the confusion comes from the word “AI” itself. We use the same label to talk about a chatbot drafting marketing copy and autonomous agents that generate and implement incident response playbooks. Technically, they’re both AI, but the risks are nowhere near the same.

    The easiest way to cut through the AI hype is to break AI into categories based on how independent the system is and how much damage it could do if something went wrong.

    On one end, you have generative AI, which doesn’t act on its own. It responds to prompts. It creates content. It helps with research or writing. Most of the risk here comes from people using it in ways they shouldn’t — sharing sensitive data, pasting in proprietary code, leaking intellectual property and so on. The good news is that these problems are manageable. Clear acceptable-use policies, training people on what not to put into GenAI tools and implementing enforceable technical controls will handle a big chunk of the security considerations with generative AI.

    The risk grows when companies let GenAI influence decisions. If the underlying data is wrong, poisoned or incomplete, then the recommendations built on top of that data will be wrong too. That’s where CISOs need to pay attention to data integrity, not just data protection.

    Then there’s the other end of the spectrum: agentic AI. This is where the stakes are raised. Agentic systems don’t just answer questions — they take actions. They sometimes make choices. Some can trigger workflows or interact with internal systems with very little human involvement. The more independent the system, the bigger the potential impact. And unlike GenAI, you can’t rely on “better prompts” to fix the problem.

    If an agentic AI drifts into “bad behavior,” the consequences can land extremely fast. That’s why CISOs need to get ahead of this category now. Once the business starts depending on autonomous systems, trying to bolt on safeguards afterward is almost impossible.

    Why CISOs actually have an opening here

    If you’ve been in security long enough, you’ve probably lived through at least one technology wave where the business moved ahead and security was asked to play catch-up. Cloud adoption is one recent example. And once that train left the station, there was no looking back and there was certainly no slowing down.

    AI is different. Most companies – even the most forward-thinking ones – are still figuring out what they want from AI and how to best deploy it. Outside of tech, many executives are experimenting without any real strategy at all. This creates a window for CISOs to set expectations early.

    This is the moment to define the “unbreakable rules,” shape which teams will review AI requests and put some structure around how decisions are made. Security leaders today have more influence than they did in earlier technology shifts, and AI governance has quickly become one of the most strategic responsibilities in the role.

    Data integrity: Foundational to AI risk

    When people talk about the CIA triad, “integrity” usually gets the least airtime. In most organizations, applications handle integrity quietly in the background. But AI changes how we think about it.

    If the data feeding your AI systems is compromised, incomplete, incorrect or manipulated, then the decisions built on top of that data can affect financial processes, supply chains, customer interactions or even physical safety. The job of the CISO now includes making sure AI systems rely on trustworthy data, not just protected data. Those two aren’t the same thing anymore.

    A simple, tiered approach to AI governance

    To make sense of all the different AI use cases, I recommend a tiered approach. It mirrors how many companies already handle third-party risk: the higher the risk, the more scrutiny and controls you apply.

    Step 1: Categorize AI usage

    A practical AI governance program begins by categorizing each use case according to two core metrics: the system’s level of autonomy and its potential business impact. Autonomy spans a spectrum, from reactive generative AI to assisted decision-making, to human-in-the-loop agentic systems and ultimately to fully independent AI agents.

    Each AI use case must be evaluated for its impact on the business, categorizing the impact simply as low, medium or high. Low-impact, low-autonomy systems may require only lightweight oversight, whereas high-autonomy, high-impact use cases demand formal governance, rigorous architectural review, continuous monitoring – and in some cases, explicit human oversight or the addition of a kill switch. This structured approach allows CISOs to quickly determine when stricter controls are needed and when concepts such as zero-trust principles should be applied inside AI systems themselves.

    Step 2: Define table-stakes controls for all AI

    Once risk tiering is in place, CISOs must ensure that foundational controls are consistently applied across all AI deployments. Regardless of the technology’s sophistication, every organization needs clear and enforceable acceptable use policies, security awareness training that addresses AI-specific risks and technical controls that prevent data leakage and undesirable behavior. Basic monitoring for anomalous AI activity further ensures that even low-risk generative AI use cases operate within safe and predictable boundaries.

    Step 3: Determine where AI review will occur

    With these foundations established, organizations must determine where AI governance will actually occur. The right forum depends on organizational maturity and existing structures. Some companies may integrate AI reviews into an established architecture review board or a privacy or security committee; others may need a dedicated, cross-functional AI governance body. Regardless of the structure chosen, effective AI oversight requires input from security, privacy, data, legal, product and operations. Governance cannot be the responsibility of a single department — AI’s impact reaches across the entire enterprise, and so must its oversight.

    Step 4: Establish unbreakable rules and critical controls

    Finally, before any AI use case is approved, the organization must articulate its non-negotiable rules and critical controls. These are the boundaries that AI systems must never cross, such as autonomously deleting data or exposing sensitive information. Some systems may require explicit human oversight, and any agentic AI that can bypass human-in-the-loop mechanisms must include a reliable kill switch.

    Least-privilege access and zero-trust principles should also apply within AI systems, preventing them from inheriting more authority or visibility than intended. These rules should be dynamic, evolving as AI capabilities and business needs change.

    AI isn’t optional anymore, but good governance can’t be optional either

    CISOs don’t have to become machine-learning experts or slow the business down. What they do need is a clear, workable way to judge AI risks and keep things safe as adoption grows. Breaking AI down into understandable categories, pairing that with a simple risk model and getting the right people involved early will go a long way toward reducing the overwhelm.

    AI will reshape every corner of the enterprise. The question is who will shape AI. For the first time in a long time, CISOs have the chance to set the rules, not scramble to enforce them. Carpe diem!

    This article is published as part of the Foundry Expert Contributor Network.
  22. Gartner has warned that the increasing volume of data generated by AI threatens the future reliability of large language models (LLMs). So much so, that it predicts that 50% of organizations will implement a zero-trust stance for data governance by 2028 due to the proliferation of unverified AI-generated data.

    According to data from a recent 2026 survey of CIOs and technology executives, 84% expect their companies to increase funding for generative AI. As organizations accelerate both the adoption and investment in AI initiatives, the volume of AI-generated data will continue to grow. This means that future generations of LLMs will increasingly be trained on the outputs of previous models, increasing the risk of “model crash,” where AI tools’ responses may no longer accurately reflect reality.

    “Organizations can no longer implicitly trust data or assume it was human generated. As AI-generated data becomes pervasive and indistinguishable from human-created data, a zero-trust posture establishing authentication and verification measures, is essential to safeguard business and financial outcomes,” said Wan Fui Chan, executive vice president at Gartner, in a statement.

    Chan also pointed out that “regulatory requirements for verifying ‘AI-free’ data are expected to intensify in certain regions.”

    “However, these requirements may differ significantly across geographies, with some jurisdictions seeking to enforce stricter controls on AI-generated content, while others may adopt a more flexible approach,” Chan said in the release.

    LLMs are typically trained using data extracted from the web, as well as a variety of other sources, including books, code repositories, and research articles. Some of these sources already contain AI-generated content, and if the current trend continues, almost all of them will eventually be filled with AI-generated data.

    “In this evolving regulatory environment,” Chan continued, “all organizations will need the ability to identify and tag AI-generated data. Success will depend on having the right tools and a workforce skilled in information and knowledge management, as well as metadata management solutions that are essential for data cataloging.”

    As a result, Gartner points out that proactive metadata management practices will become a key differentiator, as they will allow organizations to analyze, alert, and automate decision-making across all their data assets.
  23. Many security leaders believe a cyberbreach is inevitable, with the timing being the only uncertainty. It’s a belief encapsulated in the common refrain that a breach is “not if, but when.”

    But a growing number of CISOs now expect an incident sooner rather than later: Some 76% said they feel at risk of experiencing a material cyberattack in the next 12 months, according to the Voice of the CISO Report released by security tech company Proofpoint in August 2025. That’s up from 70% the prior year. The report also found that 58% of CISOs believe their organization is unprepared to respond.

    Besides the overall feeling of near inevitability of attack, security chiefs acknowledge that various challenges keep them from boosting their overall security posture and feeling more confident in their ability to block or respond to attacks. Here, security leaders share four issues that hold back the enterprise security agenda.

    1. Failure to train and empower team members to act on priorities

    CISOs readily admit their security teams have more work to do than can be done. That leads to a lot of stress: Some 80% of CISOs report being under high or extreme pressure today, according to the 2025 CISO Pressure Index from tech maker Nagomi Security, and 87% said that pressure has increased over the past 12 months. Additionally, 67% report being burned out weekly or daily.

    “Every CISO feels very overwhelmed,” says Omar Khawaja, who leads Databricks’ field security practice, teaches at Carnegie Mellon University’s CISO program, and sits on the boards of HITRUST and FAIR Institute.

    To cope, CISOs have become skilled at prioritizing, with tasks that reduce the most significant risks to the organization topping their lists. Too often, however, CISOs don’t train their team members so they can competently make decisions and take actions that align with those priorities, says Khawaja, a former CISO at Highmark Health. That keeps executives making all the priority calls, which ties them up and slows the whole team down.

    CISOs should aim to have team members know when and how to make prioritization calls for their own areas of work, “so that every single team is focusing on the most important stuff,” Khawaja says.

    “To do that, you need to create clear mechanisms and instructions for how you do decision-support,” he explains. “There should be criteria or factors that says it’s high, medium, low priority for anything delivered by the security team, because then any team member can look at any request that comes to them and they can confidently and effectively prioritize it.”

    2. Inability to keep pace with AI innovation and adoption

    Executives and employees alike have been rushing to adopt artificial intelligence, enticed by expectations that AI will transform workflows and save time, money, and effort. But CISOs for the most part have not kept pace with their business colleagues’ rate of AI adoption.

    According to a survey of 921 IT and cybersecurity professionals conducted for Cyera’s 2025 State of AI Data Security Report, 83% of organizations use AI but only 13% have strong visibility into how those systems access or handle sensitive data; only 16% treat AI as a distinct identity; only 11% of organizations can automatically block risky AI activity; and only 7% have a dedicated AI governance team.

    “Most CISOs are wrestling with how to secure AI,” says Robert T. Lee, chief AI officer and chief of research at SANS, a security training and certification firm.

    According to Lee, a good number of CISOs still either prohibit proposed AI use cases because of security concerns — what he terms the “Security Framework of No” — or slow adoption while they evaluate the AI’s security. “There is a general lack of knowledge on how to approach AI,” Lee says.

    In fairness to CISOs, the business doesn’t always help matters here, Lee notes. “At many organizations their AI strategy is changing quickly; a new AI version comes out and so their agenda changes, and then a month later something else new comes out and it changes again. There is this moving target of what the security team is being asked to secure,” he says.

    Regardless, Lee says it’s clear that the security team’s inability to keep pace with AI innovation and the enterprise’s desire to quickly adopt is problematic. It stymies the organization’s agenda by slowing transformation. It also hinders the security department’s success, because the business often bypasses security altogether rather than have to slow or stop its AI journey. As a result, CISOs and their organizations end up with shadow AI, unmanaged agents, and opaque data flows that create a poorly secured expanded attack surface, Lee adds.

    Of course, there is still a need to adequately evaluate and secure AI deployments, Lee says, adding that organizations should not simply accept vendor assurances that their AI components are secure.

    According to Lee, the CISOs who keep pace with their organization’s AI strategy take a holistic approach, rather than work deployment to deployment. They establish a risk profile for specific data, so security doesn’t spend much time evaluating AI deployments that use low-risk data and can prioritize work on AI use cases that need medium- or high-risk data. They also assign security staffers to individual departments to stay on top of AI needs, and they train security teams on the skills needed to evaluate and secure AI initiatives.

    3. Limited adoption of AI for security operations

    Like their business colleagues, some CISOs are embracing AI to transform their operations — but they appear far from being a majority, despite the benefits the technology brings to cybersecurity.

    The 2025 ISC2 Cybersecurity Workforce Study found that only 28% of the 16,000 enterprise leaders surveyed had integrated AI tools into their security operations. The study found 19% testing them and 22% in the early evaluation phase.

    “CISOs are playing a bit of catch-up” in terms of deploying AI at the same speed as the business, says Jon France, CISO of ISC2, a cybersecurity training and certification organization.

    That slow pace exists even though use of AI in security operations is proving beneficial, France adds, noting that 63% of those who are using AI security tools reported a significant boost to their productivity.

    According to the ISC2 study, “In terms of where AI is expected to have the most impact on cybersecurity operations in the shortest amount of time, 40% pointed toward network monitoring for the highest positive impact, followed by security operations and security testing (both at 30%), vulnerability management (29%), threat modeling and endpoint protection (both at 28%).”

    4. The lack of needed talent and required skills

    Although CISOs have long cited challenges in hiring enough qualified security workers, they’re increasingly citing it as a roadblock to advancing their security agendas.

    The 2025 State of Cybersecurity Resilience from professional services firm Accenture found that 83% of IT executives identified their cyber talent shortage “as a major obstacle to achieving a strong security posture.”

    The ISC2 study highlighted a two-headed problem. First is the talent shortage, with 63% reporting in 2025 that they have a slight or significant cybersecurity shortage, a modest improvement over the 68% who said as much in 2024. Second is the skills gap. According to the report, 59% in 2025 have critical or significant skills needs, up from 44% in 2024, and 95% have at least one or more skills needs, up 5% on the previous year.

    Survey respondents said AI was the most pressing skills need (41%), followed by cloud security (36%), risk assessment (29%), application security (28%), security engineering and governance (27%) and risk and compliance (also at 27%).

    “We need people who are suitable to discharge the duties of security roles today,” France says.

    Khawaja also cites the lack of “the right skills on the security team” as an obstacle for CISO success. However, Khawaja sees the challenge for CISOs not being about hiring for technical skills or even soft skills, but what he called “middle skills,” such as risk management and change management. These skills he sees becoming more crucial for aligning security to the business, getting users to adopt security protocols, and ultimately improving the organization’s security posture.

    “If you don’t have [those middle skills], there’s only so far the security team can go,” he says.

    Although CISOs are fighting labor market forces that are well beyond their direct control and influences, Khawaja and others say there are steps CISOs can take to address their talent and skills shortages, saying a solid talent strategy that focuses on hiring for skills and competencies can help CISOs get what they need to advance their security agendas.
  24. CSOonline posted a techarticle in Security
    Cloud security remains a difficult topic, and the tools used to ensure it are becoming increasingly complex and harder to understand, thanks in part to the industry's unbroken love of acronyms. CNAPP now adds another one.

    CNAPP: definition

    The abbreviation stands for Cloud-Native Application Protection Platform and combines the functions of four separate cloud security tools:

      • Cloud Infrastructure Entitlement Management (CIEM), to manage all access control measures and risk management tasks.
      • Cloud Workload Protection Platform (CWPP), to secure code in all cloud-based repositories and to provide runtime protection for the entire development environment and all code pipelines.
      • Cloud Access Security Broker (CASB), for authentication and encryption tasks.
      • Cloud Security Posture Management (CSPM), which combines threat intelligence and remediation measures.

    Beyond these four "classic" elements, CNAPP has since expanded into other areas as well. For example:

      • API, script, supply chain and infrastructure-as-code (IaC) security,
      • container and serverless security, and
      • further posture management tools, including for data and SaaS applications.

    From the user's perspective, this makes CNAPP both hard to understand and difficult to evaluate, and correspondingly hard to purchase, as Forrester chief analyst Andras Cser suggests in a blog post on the topic. Because security options outside the cloud are sometimes covered as well, every CNAPP purchasing decision and implementation is also a cross-team or cross-department task, according to the analyst.

    In other words: when it comes to CNAPP, a great deal of software has to be coordinated, managed, integrated and understood. To make the overview easier for you, we have compiled the details of the most important vendors and offerings in this buyer's guide.

    The CNAPP market

    Once again it was Gartner that coined the product category, or rather the acronym. The analyst firm first used the term CNAPP in its "Innovation Insight" report from August 2021.

    The key to understanding this product category lies in the integration challenges facing enterprise users: in VMware's "State of Observability Report", 57 percent of respondents say that up to 50 different technologies are in use within a typical cloud application, managed on average with ten monitoring tools. And according to Dynatrace's "Observability Report 2024" (download in exchange for data), a typical enterprise environment consists on average of a dozen different cloud platforms, regularly using a mix of private, public and hybrid cloud strategies. On top of that come various virtual machine instances, Kubernetes containers, and serverless and microservices tools.

    This considerable integration burden could also be one reason why the CNAPP market reached a total volume of 700 million dollars in the second quarter of 2024, growing 42 percent year over year, as the analysts at Dell'Oro Group report.

    CNAPP vendors and their offerings

    Ideally, a CNAPP solution should:

      • reduce misconfigurations,
      • optimize the security level of the development pipeline, and
      • automate effectively.

    Vendors take two different approaches to CNAPP: they focus on either the DevSecOps perspective or the traditional IT security perspective. The former results in a stronger focus on protecting the applications themselves (CIEM/CWPP), the latter in an extension of traditional protective measures at the network level (CASB/CSPM). So far, no CNAPP offering covers all four areas truly consistently.

    Naturally, artificial intelligence (AI) is playing a growing role in this area too: various CNAPP vendors integrate or combine AI agents and agentless solutions in their products to offer more comprehensive monitoring and the broadest possible coverage and scalability.

    Aqua Security Platform
      • Focus: DevSecOps
      • Form: unified platform with various products
      • Special features/integrations: "(no-)breach guarantee" of up to one million dollars
      • Pricing: free trial version; from 850 dollars per month

    CrowdStrike Falcon Cloud Security
      • Focus: DevSecOps / IT security
      • Form: unified platform with various products
      • Special features/integrations: Cloud Detection and Response (CDR), AppSec, vulnerability analysis for container images
      • Pricing: subscription price depends on the products chosen

    Data Theorem
      • Focus: DevSecOps
      • Form: separate products for cloud, web and supply chain
      • Special features/integrations: Headliner Attack Policies, artifact scanning, central analysis engine, Kubernetes support
      • Pricing: complex and expensive; different rates for each product

    Lacework FortiCNAPP
      • Focus: IT security
      • Form: unified platform with various products
      • Special features/integrations: behavior-based protection rules, SOAR, AppSec, scans for build and deployment pipelines
      • Pricing: free trial version; depends on the duration of use and the vCPUs consumed

    Orca CNAPP
      • Focus: IT security
      • Form: unified platform with various products
      • Special features/integrations: Side Scanning, risk prioritization, AppSec pipelines, AI features
      • Pricing: based on workloads, storage buckets and database scans as well as the sensors deployed

    Palo Alto Networks Cortex Cloud
      • Focus: IT security
      • Form: unified platform with various products
      • Special features/integrations: CDR, AppSec integration, runtime protection and DSPM, support for IBM and Akamai clouds planned
      • Pricing: complex and expensive; depends on the modules chosen and the workloads secured

    Qualys Total Cloud CNAPP
      • Focus: IT security
      • Form: unified platform
      • Special features/integrations: CDR, container and IaC security, SaaS posture management, AI functions
      • Pricing: free trial version; subscription model on a per-workload basis

    Sysdig Secure
      • Focus: DevSecOps
      • Form: single product
      • Special features/integrations: "next generation" CDR, risk prioritization, AI functions and analyses
      • Pricing: fixed price per host model; from around 500 dollars per month

    Tenable Cloud Security
      • Focus: IT security
      • Form: standalone solution or part of the exposure management platform Tenable One
      • Special features/integrations: exposure management, DSPM, AI security, Kubernetes and IaC support
      • Pricing: free trial version; complex pricing model that can be based on nodes or workloads

    Tigera Calico Cloud
      • Focus: DevSecOps
      • Form: single product
      • Special features/integrations: focuses primarily on container and Kubernetes security
      • Pricing: free open source version; commercial options with subscription billing or per node-hour

    Uptycs
      • Focus: IT security
      • Form: unified platform
      • Special features/integrations: XDR, AppSec, DSPM, AI and ML functions
      • Pricing: various options; from around 5,000 dollars per year (200 cloud assets)

    Wiz
      • Focus: IT security
      • Form: unified platform with various products
      • Special features/integrations: risk prioritization with graph-based visualizations and analyses from code to cloud to runtime, AI functions, container and Kubernetes support
      • Pricing: various pricing plans based on workloads

    5 questions before investing in CNAPP

    Before you decide on one of these CNAPP vendors, you should ask yourself the following questions:

      1. Which cloud artifacts can be scanned with the chosen solution? Some products (Lacework) focus on the three big IaaS providers, others (Tigera) support only the hyperscalers' Kubernetes services. Still others (Sysdig) focus mainly on containers and the various Linux servers they run on. Above all, however, what matters is being able to monitor the artifacts continuously and in (near) real time.
      2. How are security incidents reported? Are there separate access rules so that different employees can concentrate on particular areas? Are there separate or combined predefined security policies for collecting data with and without agents? How meaningful are the dashboards and the visualizations they provide?
      3. To what extent are the four management tool areas covered? Some offerings provide CWPP and CSPM elements but have to be extended, for instance for Kubernetes support.
      4. Which DevOps frameworks are supported? What about open source repositories?
      5. How much does the solution actually cost? Only a few CNAPP vendors offer truly transparent pricing. Particularly with complex pricing models (Data Theorem, Qualys, Orca), clarification is therefore needed.

    (fm)
  25. JavaScript developers should consider moving away from the npm and yarn platforms for distributing their work because newly-found holes allow threat actors to run malicious worm attacks like Shai-Hulud, says an Israeli researcher.

    The warning comes from Oren Yomtov of Koi Security, who blogged Monday of discovering six zero-day vulnerabilities in several package managers that could allow hackers to bypass defenses that had been recommended last November after Shai-Hulud roamed through npm and compromised over 700 packages.

    Those defenses are:

      • disabling the ability to run lifecycle scripts, commands that run automatically during package installation,
      • saving lockfile integrity checks (package-lock.json, pnpm-lock.yaml, and others) to version control (git).

    The lockfile records the exact version and integrity hash of every package in a dependency tree. On subsequent installs, the package manager checks incoming packages against these hashes, and if something doesn’t match, installation fails. If an attacker compromises a package and pushes a malicious version, the integrity check should catch the mismatch and block it from being installed.

    Those recommendations “became the standard advice everywhere from GitHub security guides to corporate policy docs” after November, says Yomtov, “because if malicious code can’t run on install, and your dependency tree is pinned, you’re covered.”

    November’s advice still valid, but more issues need addressing

    That advice is still valid, he added in an email interview. However, the vulnerabilities he discovered — dubbed PackageGate — that allow hackers to get around those two defenses have to be addressed by all platforms, he said.

    So far, the pnpm, vlt, and Bun platforms have addressed the bypass holes, Yomtov said, but npm and yarn haven’t. He therefore recommends that JavaScript developers use pnpm, vlt or Bun.

    He added that, in any case, JavaScript developers should keep whatever JavaScript package manager they use up to date to ensure they have the latest patches.

    GitHub statement ‘bewildering’

    Microsoft, which owns and oversees npm through GitHub, referred questions about the vulnerabilities to GitHub. It said in a statement, “We are actively working to address the new issue reported as npm actively scans for malware in the registry.” In the meantime, it urges project developers to adopt the recommendations in this blog issued after the Shai-Hulud attacks.

    The statement also notes that, last September, GitHub said it is strengthening npm’s security, including making changes to authentication and token management.

    GitHub also warns that, if a package being installed through git contains a prepare script, its dependencies and devDependencies will be installed. “As we shared when the ticket was filed, this is an intentional design and works as expected. When users install a git dependency, they are trusting the entire contents of that repository, including its configuration files.”

    Yomtov found this explanation of intentional design “bewildering.”

    Not the complete picture

    He says the scripts bypass vulnerability was reported through the HackerOne bug bounty program on November 26, 2025. While other JavaScript package managers accepted the reports, npm said the platform was working as intended, and that the ‘ignore scripts’ command should prevent the running of unapproved remote code.

    “We didn’t write this post to shame anyone,” Yomtov said in the blog. “We wrote it because the JavaScript ecosystem deserves better, and because security decisions should be based on accurate information, not assumptions about defenses that don’t hold up.

    “The standard advice, disable scripts and commit your lockfiles, is still worth following. But it’s not the complete picture,” he said. “Until PackageGate is fully addressed, organizations need to make their own informed choices about risk.”

    This article originally appeared on InfoWorld.
