Blog

Heineken CISO champions a new risk mindset to unlock innovation

In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical overseers. She shares how connecting security to business impact can shift perceptions and strengthen partnerships across the company. Marceta focuses on the value of a security culture that supports innovation while keeping risk in check. What mindset shifts are essential for CISOs who want to be seen as strategic … More → The post Heineken CISO champions a new risk mindset to unlock innovation appeared first on Help Net Security.
http://news.poseidon-us.com/TPT441

Small language models step into the fight against phishing sites

Phishing sites keep rising, and security teams are searching for ways to sort suspicious pages at speed. A recent study explores whether small language models (SLMs) can scan raw HTML to catch these threats. The work reviews a range of model sizes and tests how they handle detection tasks while keeping compute demands in check. Although LLM-based website phishing detection is still a relatively new area, it is gaining momentum. Several studies have already reported … More → The post Small language models step into the fight against phishing sites appeared first on Help Net Security.
http://news.poseidon-us.com/TPT2q2

Black Friday 2025 for InfoSec: How to spot real value and avoid the noise

Your inbox is probably drowning in Black Friday emails right now. Another “limited time offer” that’ll reappear next month, countdown timer creating artificial urgency. You’re right to be skeptical — most of it is noise. But buried beneath the marketing chaos, Black Friday can represent genuine opportunities to save significantly. The cybersecurity industry projects 4.8 million open positions globally in 2025, according to ISC2, with the market expected to reach $377 billion by 2028. Yet … More → The post Black Friday 2025 for InfoSec: How to spot real value and avoid the noise appeared first on Help Net Security.
http://news.poseidon-us.com/TPT2p3

DeepTeam: Open-source LLM red teaming framework

Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an open-source framework built to probe these systems before they reach users, and it takes a direct approach to exposing weaknesses. The tool runs on a local machine and uses language models to simulate attacks as well as evaluate the results. It applies techniques drawn from recent … More → The post DeepTeam: Open-source LLM red teaming framework appeared first on Help Net Security.
http://news.poseidon-us.com/TPT1CK

How board members think about cyber risk and what CISOs should tell them

In this Help Net Security video, Jonathan Trull, EVP & CISO at Qualys, discusses which cybersecurity metrics matter most to a board of directors. Drawing on more than two decades in the field, he explains how boards think about their duty to oversee risk and how CISOs can present information in a way that supports that duty. Jonathan outlines why boards want to understand risk appetite, how loss scenarios shape those discussions, and why no … More → The post How board members think about cyber risk and what CISOs should tell them appeared first on Help Net Security.
http://news.poseidon-us.com/TPT1BZ