CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

CISOs face increased personal liability and security risks

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Chief Information Security Officers (CISOs) are experiencing heightened personal liability and security risks as their roles expand. This includes legal and professional threats, often without proportional increases in support or budget. Recent legal actions and cyberattacks targeting CISOs have raised concerns about personal liability and the need for better legal protections. The focus on liability often overshadows the need for improved security measures, leading to a skewed response from organizations. CISOs are increasingly aware of the risks to their personal and professional lives, including deepfake attacks and social engineering schemes. They must assess their risk profiles and implement protective measures accordingly. The emphasis should be on presenting clear risk assessments and security plans to executives and boards, rather than merely mitigating liability.

Timeline

  1. 22.08.2025 14:59 1 articles · 1mo ago

    CISOs face heightened personal liability and security risks

    Chief Information Security Officers (CISOs) are experiencing increased personal liability and security risks as their roles expand. Recent legal actions and cyberattacks targeting CISOs have raised concerns about personal liability and the need for better legal protections. Organizations are making policy changes to address these concerns, but these changes do not always improve security posture. CISOs must assess their risk profiles and implement protective measures to safeguard their personal and professional lives. The focus should be on presenting clear risk assessments and security plans to executives and boards, rather than merely mitigating liability.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Chinese State-Sponsored Actors Target Global Critical Infrastructure

Chinese state-sponsored Advanced Persistent Threat (APT) actors, specifically the Salt Typhoon group and a newly identified group named RedNovember, have been conducting sustained campaigns to compromise critical infrastructure networks worldwide. The campaigns aim to gain long-term access to telecommunications, government, transportation, lodging, and military networks. This activity has been detailed in a joint advisory by CISA, NSA, FBI, and international partners, including Canada, Australia, New Zealand, the UK, Czech Republic, Finland, Germany, Italy, Japan, the Netherlands, Poland, and Spain. The advisory provides intelligence on tactics used by these actors and recommends mitigations to strengthen defenses. The Czech Republic's National Cyber and Information Security Agency (NUKIB) has issued a warning instructing critical infrastructure organizations to avoid using Chinese technology or transferring user data to servers located in China. The agency has re-evaluated its risk estimate of significant disruptions caused by China, now assessing it at a 'High' level. The NUKIB has confirmed malicious activities of Chinese cyber-actors targeting the Czech Republic, including a recent APT31 campaign targeting the Czech Ministry of Foreign Affairs. The advisory highlights concerns over the transfer of system and user data to China, potentially misused by state, military, or political interests. The Czech government previously accused China of targeting its critical infrastructure through APT 31, an allegation denied by the PRC but condemned by the US, EU, and NATO. The advisory suggests that individuals and organizations consider restricting or prohibiting the use of products and services that transfer data to China. The campaign has targeted at least 600 organizations across 80 countries, including 200 in the U.S. The threat actors have exploited vulnerabilities in Cisco, Ivanti, and Palo Alto Networks devices to gain initial access and have modified routers to maintain persistent access and pivot into other networks. The advisory also notes that the APT actors may target other devices such as Fortinet firewalls, Juniper firewalls, Microsoft Exchange, Nokia routers and switches, Sierra Wireless devices, Sonicwall firewalls, etc. RedNovember has targeted perimeter appliances of high-profile organizations globally, including defense and aerospace organizations, space organizations, and law firms. The group has breached at least two U.S. defense contractors, a European engine manufacturer, and a trade-focused intergovernmental cooperation body in Southeast Asia. RedNovember has used the Go-based backdoor Pantegana and Cobalt Strike as part of its intrusions, along with the Spark RAT and LESLIELOADER. The group has also used VPN services like ExpressVPN and Warp VPN to administer and connect to servers used for exploitation and communication.

Open in new tab