Security Awareness

Security Awareness news, information, and how-to advice

Phishing with Benjamin
two cents advice

Spam: Earn $1,000,000

Are terrorists trying to spam you?

Over the weekend, news reports and blog posts about mathematician Michael Wertheimer, started to cause quite a stir. Wertheimer, who published a paper recently in the Notices of the American Mathematical Society, is said to have...

bend in road

Smart security leaders know when to cross the line

It’s time to learn something new by crossing boundaries and engaging with others

Happy New Year and welcome to XSS

CSO has launched a new blog geared towards consumers

Experts speak out about proposed changes to hacking law

President Obama is proposing changes to the Computer Fraud and Abuse Act (CFAA), but will they do more harm than good? Experts are starting to weigh in on the topic, and the reviews so far are mixed.

full disclosure

Microsoft blasts Google for vulnerability disclosure policy

After Google disclosed a second Microsoft vulnerability, complete with proof-of-concept code, the software giant accused them of playing 'gotcha' in a blog post heavy on criticism for Google's 90-day reporting policy.

mobile survival

CSO's 2015 Mobile Security Survival Guide

Security risks and data breaches are growing while the form factors of computing devices shrink—because much enterprise data today is created and consumed on mobile devices. This clearly explains why mobile security persistently tops...

starting line

Corporate officers — security changes for 2015!

Board members and corporate officers need to upgrade their security game, and 2015 will provide all the reasons for doing it now. With security recognized as a business risk and not just an I.T. risk, there are three specific...

phrack logo

The Hacker's Manifesto turns 29 years-old

Twenty-nine years ago today, most of us were given an education. Our lesson originated in the words of an essay written by Loyd Blankenship, better known at the time as The Mentor.

Firmware flaws could allow a malicious reflash, US CERT warns

Three vendors have released fixes for vulnerabilities found in the critical firmware used during a computer's startup, according to an advisory from the U.S. Computer Emergency Readiness Team.

employees leaving

Your Best Asset? An empowered and aware workforce

Trusting your employees as partners in creating value. Many insider attacks have at their core a disillusioned or disgruntled employee.

identity theft

The 2015 Social Engineering Survival Guide

Despite being an integral aspect of many, if not most, major attacks, social engineering tactics always seem to go underappreciated by enterprise security teams. However, it’s often easier to trick someone into opening an email and...

social media

Social Engineering: The dangers of positive thinking

CSO Online recently spoke to a person working in the security field with a rather unique job. He's paid to break into places, such as banks and research facilities (both private and government), in order to test their resistance to...


3 things you can do to kick off the new year

It is January 1st as I scribble this and this morning I was cleaning out my office. Not a New Years resolution so much as a long overdue task. Since I work from home when I’m not sitting on a plane this can be more of a mess than...

parking lot shadowy figure

It's all about people

Why, at the end of the day your workforce is the most important first line of defense against external and internal threats.

businessman meditating

10 changes you can make to achieve security serenity now!

Some security changes are slow, expensive, and uncertain. Here are 10 of the best security changes that you can make with certainty, most of them with relative ease.

01 the year ahead

The biggest challenges faced by CIOs/CISOs heading into 2015

As the year winds to a close, CIOs and CISOs are faced with a number of challenges heading into 2015. CSO recently heard from several experts about the topic, each offering their opinion on what they feel would be the most important...

2014 12 05 cso which story

Which security story are you telling?

Getting buy-in and support from other leaders comes from connecting. Popular advice suggests using a story. Use the right story built on 3 essential elements.

oops keyboard

Do you create stupid users?

A week doesn’t go by where we read about some attack that is precipitated by bad user actions.

Load More