BankInfoSecurity.com

Ellis of YL Ventures on How Modern CISOs Must Lead, Not Master Every Discipline
There were never many 'do everything' CISOs. Today there are even fewer. But with a specialist area, strong overview and ability to channel expertise, CISOs can align with business goals, embrace the business enabler role, demonstrate quick wins, and ensure their organization makes better risk decisions.

4 Breaches Appear to Potentially Affect Hundreds of Thousands Across Several States
Catholic hospital chain Ascension Health is notifying hundreds of thousands of individuals across several states of at least four hacking incidents in recent months involving third-parties. Ascension reported one of the breaches this week, another in mid-April and the others in March and February.

CISA Staff Told to Prepare for Cuts and Crowded Work Locations Amid Growing Turmoil
Top officials at the nation's cyber defense agency want to give President Donald Trump's pick to lead the agency time to assess major restructuring plans - a move that is reportedly delaying the timeline for reductions in force while causing growing concerns for job stability among staffers.

Retailer Continues to Recover From Ransomware Incident
British retailer Marks & Spencer was reportedly targeted by financial crime group Scattered Spider, who deployed ransomware on the company's VMware ESXi server. The retailer continues to recover from a cyber incident that disrupted operations in its online and offline stores.

Panel Explores AI Innovation, Geopolitical Tensions and Cybersecurity Leadership
ISMG editors share insights from Day 3 of RSAC Conference 2025, unpacking nagging AI security challenges, evolving CISO roles, operational technology protection and the impact of geopolitical tensions on global cybersecurity collaboration.

Practical Tips for Surviving Conference Networking
Conferences are a prime opportunity to meet new people, exchange ideas and build relationships but for those of us who are introverts, the prospect of networking in large crowds can be overwhelming and exhausting.

Experts From Stibo Systems, Sitation on Tapping Into MDM and Predictive Analytics
Manufacturers want to digitally transform to tap into the latest artificial intelligence tools, but they're saddled with decades-old equipment that was not designed to easily share data with other systems. But there's hope, said James Van Pelt, manufacturing practice lead at Stibo Systems.

Zero Trust Creator John Kindervag on Barriers to Security Success Beyond Tech
Growing executive engagement with zero trust signifies a change from technical discussions to strategic business focus. Boards now view cybersecurity as fundamental to operations and seek solutions beyond products, said John Kindervag, creator of zero trust and chief evangelist, Illumio.

HIPAA Protected Health Information Among Data Stolen in Nov. 2023 Attack
The City of Long Beach, Calif. is notifying nearly 260,000 individuals that their protected health information was potentially stolen in a November 2023 hack that also disrupted IT systems for several weeks. The city has added $1 million to its cybersecurity budget since the incident.

Salt Typhoon Exposed Major Flaws in Telecom Networks. Few Changes Have Been Made
After China's Salt Typhoon breach of U.S. telecom networks, federal experts told Congress on Wednesday the nation remains dangerously exposed to another attack - despite warnings, investigations and interagency coordination, all of which have yet to produce systemic cyber defense improvements.

'Making America Safe Again Through Cyberdefense' Is Focus of Her RSAC Speech
"Cybersecurity is national security," said U.S. Homeland Security Secretary Kristi Noem during an RSAC Conference speech detailing her agenda for revamping the Department of Homeland Security's approach to cybersecurity, including a streamlined Cybersecurity and Infrastructure Security Agency.

Although the National Institutes of Health appears to have scaled back plans to build a national registry to track individuals with autism, the agency's research project still poses critical data privacy concerns, said Ariana Aboulafia and Andrew Crawford of the Center for Democracy and Technology.

Capitol Meridian Partners' Razi on Smarter AI Use, Strong Leadership and Diversity
Many AI models prioritize speed over security, exposing organizations to significant risks. Niloofar Razi, operating partner at Capitol Meridian Partners, stressed the need for companies to evaluate models carefully before adoption.

Energy Department Disputes Nuclear Access Breach Claims in Latest DOGE Controversy
Department of Government Efficiency staffers gained access to accounts on classified networks storing some of the nation's top nuclear secrets according a report published concurrently with a lawsuit arguing the task force is unconstitutional and lacks congressional approval.

Hot Topics Also Include Quantum Computing, Blockchains, Artificial Intelligence
Cryptocurrencies have dramatically failed to live up to their promise, to the extent that the "world would be better" without them, said cryptographer Adi Shamir at this year's RSAC Conference, during an expert panel that touched on artificial intelligence, quantum computing, blockchains and more.

Panel Discusses Views on Cryptocurrency, OT Security and Data Sovereignty
ISMG editors share highlights from Day 2 of the RSAC Conference 2025 in San Francisco, including insights from the cryptographers' panel, operational technology security awareness at the board level, and the growing focus on securing both public and private AI models.

New Zealand Model Brings Cyber and Fraud Teams Together to Defend Against Scammers
To help financial institutions counter crime, the FS-ISAC earlier this month introduced a major initiative: the Cyberfraud Prevention Framework. This new initiative is designed to unify cybersecurity and fraud prevention teams to more effectively protect customers and secure the enterprise.