
Increased personal liability and security concerns for CISOs

📰 1 unique source, 1 article

Summary


Chief Information Security Officers (CISOs) are facing heightened personal liability and security concerns as their roles expand. This includes increased responsibility for cybersecurity posture, incident response, compliance, cyber resilience, and AI deployment, without proportional increases in support or budget. Recent legal actions against CISOs have led to reevaluations of legal protections and increased scrutiny of SEC disclosures. Additionally, CISOs are becoming targets for personal and professional threats, including deepfake attacks and social engineering schemes. CISOs must balance these risks while focusing on presenting a clear picture of organizational risk and resource deployment to minimize it. The emphasis on liability mitigation rather than security improvement is a growing concern.

Timeline

  1. 22.08.2025 14:59 📰 1 article

    CISOs face increased personal liability and security threats

    Chief Information Security Officers (CISOs) are experiencing heightened personal liability and security concerns as their roles expand. Recent legal actions and personal threats have led to reevaluations of legal protections and increased scrutiny of SEC disclosures. CISOs must balance these risks while focusing on presenting a clear picture of organizational risk and resource deployment to minimize it. The emphasis on liability mitigation rather than security improvement is a growing concern.


Information Snippets

  • Chuck Norton, former CISO at Western Michigan University, sought legal protections due to concerns about personal liability.

    First reported: 22.08.2025 14:59
    📰 1 source, 1 article
  • The 2023 conviction of former Uber CISO Joseph Sullivan and SEC charges against SolarWinds and its CISO have heightened concerns about personal liability.

  • 93% of organizations have made policy changes to address CISOs' personal liability concerns, but these changes do not always impact security.

  • CISOs are increasingly targeted by personal and professional threats, including deepfake attacks and social engineering schemes.

  • CISOs must assess their personal and professional risks, including those related to their family and online presence.

  • The focus on liability mitigation rather than security improvement is a growing concern for CISOs.


Similar Happenings

Chinese State-Sponsored Actors Compromise Global Critical Infrastructure Networks

Chinese state-sponsored Advanced Persistent Threat (APT) actors, specifically the group known as Salt Typhoon, have been conducting a sustained campaign to gain long-term access to critical infrastructure networks worldwide. This campaign targets telecommunications, transportation, lodging, and military networks, exploiting vulnerabilities in routers and taking steps to evade detection and maintain persistent access. The Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners, released a joint advisory detailing this ongoing malicious activity. The advisory provides actionable guidance and intelligence to help organizations defend against these threats. It builds on previous reporting and incorporates updated threat intelligence from investigations conducted through August 2025, reflecting overlapping indicators with industry reporting on various Chinese state-sponsored threat groups. Salt Typhoon has been active since at least 2019, targeting at least 600 organizations across 80 countries, including 200 in the U.S. The advisory tracks this cluster of activity to multiple advanced persistent threats (APTs), though it only partially overlaps with Salt Typhoon. China's offensive cyber activities include large-scale telco attacks by Salt Typhoon and positioning for potential destructive cyberattacks.

The advisory details how state-backed threat actors, including Salt Typhoon, penetrate networks around the world, as well as how defenders can protect their own environments. Separately, the Czech Republic's National Cyber and Information Security Agency (NUKIB) issued a warning about data transfers to China, highlighting concerns over the transfer of system and user data to the PRC and the remote administration of technical assets. NUKIB has assessed the risk of significant disruptions caused by China at a 'High' level, indicating a high probability of occurrence, and confirmed malicious activities of Chinese cyber-actors targeting the Czech Republic, including a recent APT31 campaign targeting the Czech Ministry of Foreign Affairs. The Czech government had previously accused China of targeting its critical infrastructure through APT31 in a campaign that began in 2022. According to NUKIB, the Chinese government has access to data stored by private cloud service providers within the Czech Republic, ensuring that sensitive data is always within its reach. NUKIB also warns that consumer devices manufactured by Chinese firms, such as smartphones, IP cameras, electric cars, large language models, and even medical devices and photovoltaic converters, are risky devices that can transfer potentially sensitive data to Chinese infrastructure. 45 previously unreported domains associated with Salt Typhoon and UNC4841 have been discovered, with the oldest domain registration activity dating back to May 2020.

North Korean actors exploit fake employee identities to infiltrate companies

North Korean state-sponsored hackers have infiltrated companies by using fake or stolen identities to secure IT jobs. These actors have stolen virtual currency and funneled money to North Korea's weapons program. The practice has grown with the rise of remote work and AI, posing significant security risks to organizations. The Justice Department has disrupted several laptop farms enabling these activities, but the threat persists. The U.S. Treasury has imposed sanctions on individuals and entities involved in the scheme, highlighting the use of AI to create convincing professional backgrounds and technical portfolios. Organizations are advised to enhance supervision, access governance, and use AI tools to detect and mitigate these insider threats. Japan, South Korea, and the United States are cooperating to combat North Korean IT worker fraud schemes; the joint forum held on Aug. 26 in Tokyo aimed to improve collaboration among the three countries.

The scheme involves thousands of operatives and facilitators with distinct roles, including setting up laptop farms, contacting recruiters, and processing stolen information. The North Korean remote-worker scheme has collected more than $88 million over six years. The number of North Korean operatives infiltrating companies by posing as remote IT workers has increased by 220% year-over-year. North Korean operatives have used AI-generated profiles, deepfakes, and real-time AI manipulation to pass interviews and vetting protocols. American accomplices have operated laptop farms to provide North Korean operatives with physical US setups, company-issued machines, and domestic addresses and identities. The threat of hiring fraud is escalating quickly, with over 320 cases of North Korean operatives infiltrating companies reported in August 2025.