The CISO MindMap 2024, an essential tool for security professionals, has been updated to reflect the latest developments and challenges in cybersecurity. This iteration introduces new recommendations for 2024-25, including a focus on Artificial Intelligence and Generative AI (GenAI), strategies for removing redundancies, and enhancing security team branding. It emphasizes the need for CISOs to adapt to the fast-evolving digital landscape, particularly with the adoption of cloud services and GenAI technologies, while still providing actionable guidance on securing these innovations. Additionally, the MindMap suggests rationalizing cybersecurity tools to improve return on investment and integrating security more closely with business continuity and disaster recovery efforts. The importance of soft skills for security leaders, such as negotiation and strategic decision-making, is also highlighted to foster better communication and collaboration with various stakeholders. This update serves as a comprehensive resource for security professionals navigating the complexities of their roles in a rapidly changing environment.

CISO MindMap 2024: What do InfoSec Professionals Really Do? Rafeeq Rehman

In response to the competitive and sparse labor market, Jason Snyder, Massachusetts' Commonwealth CIO, has shifted to a skills-first hiring approach within the Executive Office of Technology Services and Security. This method emphasizes the practical skills of applicants over traditional qualifications like job history and academic degrees. This change aligns with a broader trend as evidenced by increasing adoption of skills-based hiring practices across various sectors, as detailed in recent LinkedIn reports and endorsed by Massachusetts Gov. Maura Healey's executive order. The approach aims to widen the talent pool, enhance workforce diversity, and streamline the hiring and training process, albeit facing challenges in implementation due to the demand for radically rethinking recruitment strategies. While some CIOs express reservations and mix traditional hiring criteria with skills-focused assessments, others, like Snyder, experience shortened vacancy periods and improved diversity through dedicated training programs and reduced education prerequisites.

Skills-first hiring has CIOs rethinking talent strategies | CIO CIO

Change Healthcare, a subsidiary of UnitedHealth Group, is grappling with a significant cybersecurity issue following a ransomware attack by a group known as AlphV in February, which has led to the claimed sale of sensitive medical and financial records by another cybercriminal gang, RansomHub. The stolen data reportedly includes medical and dental records, insurance details, and personal information such as Social Security numbers and email addresses. This breach, which initially disrupted the company's claims-payment operations, has already cost Change Healthcare $872 million in response efforts as of March 31. This incident has caught the attention of lawmakers and regulators, increasing pressure on Change Healthcare to bolster its cybersecurity measures and prevent future breaches.

Change Healthcare’s New Ransomware Nightmare Goes From Bad to Worse WIRED

Microsoft's VASA-1 is an advanced AI developed by Microsoft Research that transforms a single portrait photo and an audio file into a hyper-realistic talking face video. This AI model showcases impressive lip-sync capabilities and realistic facial and head movements. Although it is currently only a research preview and not available for public use, VASA-1 stands out for its ability to process various facial orientations and incorporate emotional nuances into animated characters, suggesting potential future applications in gaming, virtual avatars, and AI-driven media production.

Cool or creepy? Microsoft's VASA-1 is a new AI model that turns photos into 'talking faces' Tom's Guide