Taylor Armerding

How to write an IT security engineer job description

How to write a CISO job description

How to write a CISO job description

The chief information security officer has a big, mission critical job. Make sure you spell out the CISO's duties and expectations for the role.

How to write an information security architect job description

How to write an information security architect job description

A good information security architect straddles the business and technical worlds. Writing a solid, clear job description ensures that both sides understand the role.

The best of Black Hat: The consequential, the controversial, the canceled

The best of Black Hat: The consequential, the controversial, the canceled

Over the past two decades, the annual Black Hat conference has had its share of controversy. CSO looks back at the most significant talks and demonstrations.

The 5 worst big data privacy risks (and how to guard against them)

The 5 worst big data privacy risks (and how to guard against them)

There are enormous benefits from Big Data analytics, but also massive potential for exposure that could result in anything from embarrassment to outright discrimination. Here's what to look out for — and how to protect yourself and...

The 15 biggest data breaches of the 21st century

The 15 biggest data breaches of the 21st century

Security practitioners weigh in on the 15 worst data breaches in recent memory.

How to write an information security analyst job description

How to write an information security analyst job description

A thorough, clear job description will ensure that security analysts stay on the same page with management expectations.

What is CVE and how does it work?

What is CVE and how does it work?

CVE is a program launched in 1999 by MITRE, a nonprofit that operates research and development centers sponsored by the federal government. Its purpose is to identify and catalog vulnerabilities in software or firmware into a free...

Closing the CVE gap: Is MITRE up to it?

Closing the CVE gap: Is MITRE up to it?

Critics say the The Common Vulnerabilities and Exposures (CVE) program, managed by MITRE, is falling far behind in its mission to catalog and identify all known vulnerabilities. Its defenders say a new model is closing that gap.

Medical devices at risk: 5 capabilities that invite danger

Medical devices at risk: 5 capabilities that invite danger

It isn't just certain connected medical devices that put patient data and physical safety at risk, it's specific capabilities and systems within which they operate that make them a broad, and vulnerable, attack surface.

Caught in the breach – what to do first

Caught in the breach – what to do first

Since there is no way to prevent every cyber attack, incident response is crucial. Experts at the MIT Sloan CIO Symposium talk about what to do immediately after the bad news hits.

AI: The promise and the peril

AI: The promise and the peril

Two panels at the MIT Sloan CIO Symposium this week focused on how to embrace the almost magical productivity benefits of artificial intelligence without leaving workers behind.

Load More