FEATURES EDITION | How CISOs Can Craft Better Narratives for the Board

Communicating cyber-risk upward to the C-suite and board takes simplification and a better understanding of the audience. [TechWeb]( Follow Dark Reading: [RSS]( April 22, 2023 LATEST SECURITY FEATURES & COMMENTARY [How CISOs Can Craft Better Narratives for the Board]( Communicating cyber-risk upward to the C-suite and board takes simplification and a better understanding of the audience. [New Policy Group Wants to Improve Cybersecurity Disclosure, Support Researchers]( The new Security Legal Research Fund and Hacking Policy Council are aimed at protecting "good faith" security researchers from legal threats and giving them a voice in policy discussions. [OpenSSF Adds Software Supply Chain Tracks to SLSA Framework]( The Open Source Security Foundation's SLSA v1.0 release is an important milestone in improving software supply chain security and providing organizations with the tools they need to protect their software. [Where There's No Code, There's No SDLC]( How can we build security back into software development in a low-code/no-code environment? [Shadow IT, SaaS Pose Security Liability for Enterprises]( Software written or acquired outside of IT's purview is software that IT can't evaluate for security or compliance. [Intel Prioritizes Security in Latest vPro Chips]( While Intel is building more hardware protections directly into the chips, enterprises still need a strategy for applying security updates on these components. [How Zero Trust Can Protect Systems Against Generative AI Agents]( Researchers explore a love-hate relationship with AI tools like ChatGPT, which can be used to both attack and defend more efficiently. [Newer Authentication Tech a Priority for 2023]( Organizations are planning on newer multifactor authentication methods, such as invisible MFA and passwordless, says SecureAuth in its "State of Authentication" report. [ZeroFox Acquires LookingGlass]( The combined company will boost ZeroFox's attack surface management capabilities. [MORE NEWS /]( [MORE COMMENTARY]( FROM THE NEWS DESK ['GhostToken' Opens Google Accounts to Permanent Infection]( A bug in how Google Cloud Platform handles OAuth tokens opened the door to Trojan apps that could access anything in users' personal or business Google Drives, Photos, Gmail, and more. [Killnet Boss Exposes Rival Leader in Kremlin Hacktivist Beef]( Killnet's leader outs the identity of the new Anonymous Russia leader, in an effort to consolidate power among pro-Russia cybercriminals. [Major US CFPB Data Breach Caused by Employee]( The sensitivity of the personal information involved in the breach has yet to be determined by agency officials, but it affects 256,000 consumers. [MORE]( EDITORS' CHOICE [7 Sizzling Sessions to Check Out at RSA Conference 2023]( Here are some of the most interesting, can't-miss sessions at the upcoming show in San Francisco. [Security Is a Revenue Booster, Not a Cost Center]( Focusing on what customers and partners need from a company can help CISOs show the real financial benefits of improving cybersecurity. [Name That Edge Toon: Tower of Babble]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. WEBINARS - [What's "CNAPP-ening"? Bring Your Cloud Security into Focus!]( What's CNAPP-ening is your organization is churning out code every day to make your business more money, but traditional security approaches fail to provide adequate controls for cloud-native applications. Modernize your perspective by embracing an application-centric view of security in ... - [Puzzled by Patching: Solve Endpoint Pains]( In this webinar, you'll learn critical steps to improve your security posture and reduce patching complexity so that your IT team can do more with less while keeping security at the forefront. Now is the time to slay the time-consuming ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [The Ultimate Guide to the CISSP]( - [Welcome to Modern Web App Security]( - [AppSec Best Practices: Where Speed, Security, and Innovation Meet in the Middle]( - [Cybersecurity Maturity Model Certification (CMMC) Version 1.02]( - [2023 Gartner Market Guide for Cloud-Native Application Protection Platforms (CNAPP)]( - [The Cloud Security Workflow Handbook]( - [2023 Cloud Threat Report]( [View More White Papers >>]( FEATURED REPORTS - [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( Cloud promised to simplify the security and management of enterprise systems. In many ways it has, but when it comes to identity management it's as complicated as ever. This report details how to get identity programs on track -- and ... - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... - [10 Hot Talks From Black Hat USA 2022]( Black Hat USA brings together cutting-edge research, new security tools, and sophisticated defensive techniques over the course of two days. There were some recurring themes across the sessions, and many of these topics are going to be important issues to ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [Bitsight Expands into Integrated Cyber-Risk Management]( [Infoblox Uncovers DNS Malware Toolkit & Urges Companies to Block Malicious Domains]( [Akamai Technologies to Acquire API Security Company Neosec]( [CrowdStrike Announces Managed XDR to Close the Cybersecurity Skills Gap, Expands MDR Portfolio]( [Coro Raises an Additional $75M Bringing the Total Raised to $155M in 12 Months]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Successfully Managing Identity in Modern Cloud and Hybrid Environments]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)