CSO Online

The CVE program nearly went dark. In a last-minute move, CISA extended MITRE’s CVE contract by 11 months, averting what would have been a major disruption to global cyber defense. CVE is critical to tracking vulnerabilities across the internet Its shutdown was scheduled for April 16 due to contract lapse CISA stepped in, calling CVE “a priority” to national security Read the full story by contributing writer Cynthia Brumfield to understand what happened — and what’s next: 👉 https://trib.al/TFybEAb #CybersecurityNews #VulnerabilityManagement #CISA Brian Stoller

What excites Salesforce CEO Marc Benioff most about AI? The surge of security-conscious AI startups reshaping the landscape. 🎥 Hear why their innovation could be your next big cybersecurity solution. Watch the full episode of #TodayinTech here: https://trib.al/pjgb5Wo #PartnerBrand #Cybersecurity #AIThreats Keith Shaw #SecureInnovation

AI agents with real impact—and built-in enterprise-grade security. In a must-watch #TodayinTech episode, Salesforce CEO Marc Benioff joins host Keith Shaw to explain how agentic AI is reshaping enterprise operations—while upholding core security and data governance priorities. Embedded guardrails and zero-trust models Role-based access and metadata-aware AI ✈️ Securing real-time ops at Singapore Airlines 🏠 Protecting customer data at Lennar Homes. 🎢 Maintaining privacy across The Walt Disney Company’s massive ecosystem These AI agents aren’t outside the system—they operate within secure platforms like Salesforce, making trust and compliance foundational. ▶️ Watch the episode + read Computerworld Senior Reporter Lucas Mearian’s companion piece: https://trib.al/aRbogiA #AIagents #Cybersecurity #AItrust

Need answers for your most challenging tech questions? Give Smart Answers a try—our AI assistant powered by trusted insights from CIO, CSO, Network World, and InfoWorld. Just click on any article and type your question in the Smart Answers box to try it. This week, Smart Answers saw a surge in questions about what it really takes to be a successful CIO. From leadership and communication to crisis response and culture-building, IT leaders are searching for a playbook—and the tool delivers expert-backed insights. Read more here: https://trib.al/bV6a1J7 #SmartAnswers #TechQuestions #AIChatbot #ITLeadership #Security

Chinese ToddyCat abuses ESET antivirus bug for malicious activities https://trib.al/6rC5YKg

🔒 Security clearances revoked — what’s really at stake? President Trump’s executive order strips Chris Krebs and SentinelOne staff of security access. The implications for cybersecurity are serious. 📝 In her latest report, Cynthia Brumfield breaks it down: https://trib.al/gTeSn1k The first direct EO targeting a U.S. cybersecurity company Why legal experts are sounding the alarm What this means for SentinelOne and industry precedent 📖 Read the full article now to understand why this move could shake the cybersecurity landscape. #CybersecurityNews #NationalSecurity #ExecutiveOrder

In the course of my conversations with CIOs/CISOs/CTOs over the last year, I've seen enterprises deepen their commitment to AI innovation. From Q4 last year, Standard Chartered has been actively launching AI projects not only to better serve their clients but also to reduce friction in workflows - they also appointed a new global head of AI enablement (congratulations, David R. Hardoon). But as enterprises chart their course in AI, there are pitfalls to watch out for and important considerations as the technology evolves (biases, vulnerabilities, the AI black box, etc.). Alvaro Garrido shares his thoughts on advancements in AI-driven attacks, AI innovation, and why it is important to not just adopt new technologies but evolve with them. #csoasean #informationsecurity #cybersecurity #artificialintelligence Shannon Chau Jai Ganesh M https://lnkd.in/dxUkUZxm

PoisonSeed targets Mailchimp, Mailgun, and Zoho to phish high-value accounts https://trib.al/Y0liYfe

🚨 Codefinger: Ransomware just evolved — are you ready? https://trib.al/Hfhgbqb Ransomware is no longer just about encrypted files and ransom notes. Codefinger targeted cloud environments directly — hijacking keys instead of locking files. It exposed weaknesses in cloud backup strategies and shared responsibility models. This attack bypassed traditional defenses, making it a wake-up call for modern cyber resilience. Businesses must rethink their security posture beyond conventional ransomware tactics. 📝 An opinion piece by Justin Giardina 👉 Read the full article to understand why Codefinger signals a new era in ransomware — and how to prepare. ⬇️11:11 Systems https://1111systems.com/ #RansomwareEvolution #CloudSecurity #CyberResilience Ed Murray

💥 Cyber resilience lessons from Ukraine’s front lines https://trib.al/oXxGE9i Ukraine has been fighting both a kinetic and digital war for over a decade. At the 2025 Kyiv International Cyber Resilience Forum, one message stood out: stay flexible. Cyber defense means having a plan—and backup—for every system that might fail. International collaboration, especially with U.S. and European private firms, has been vital. Russian state actors and criminal proxies continue to target global systems. Ukraine’s response shows how cyber resilience is built on partnerships, not isolation. 📝 Article by 🕵️♀️ Christopher Burgess 👉 Discover how Ukraine’s experience can shape your own cyber resilience strategy. #CyberResilience #InfoSecurity #UkraineConflict