Security Leadership

Security Leadership news, information, and how-to advice

In Depth

Hacked Opinions: Vulnerability disclosure – Tom Gorup

Rook Security's Tom Gorup talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

In Depth

Hacked Opinions: Vulnerability disclosure – Ryan Smith

Accuvant's Ryan Smith talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

In Depth

Hacked Opinions: Vulnerability disclosure – Garve Hays

NetIQ's Garve Hays talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

In Depth

Hacked Opinions: Vulnerability disclosure – Tomer Schwartz

Adallom's Tomer Schwartz talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

In Depth

Hacked Opinions: Vulnerability disclosure – Geoff Sanders

LaunchKey's Geoff Sanders talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

In Depth

Hacked Opinions: Vulnerability disclosure – Morey Haber

BeyondTrust's Morey Haber talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

In Depth

Hacked Opinions: Vulnerability disclosure – Robert Hansen

WhiteHat's Robert Hansen talks about disclosure, bounty programs, and vulnerability marketing with CSO, in the first of a series of topical discussions with industry leaders and experts.

Extreme Hacks to Be Paranoid About

Software developers are failing to implement crypto correctly, data reveals

Lack of specialized training for developers and crypto libraries that are too complex lead to widespread encryption failures

Do security leaders need to worry about the end of the QSA program?

Whether you need to comply with PCI or not, recent changes to the QSA program signal the need for security leaders to engage in two important discussions

Is your security focused on the right things?

Allow me to set the scene. It was Father’s Day 2015. I had just come from the barber shop and I met the family outside of a restaurant for dinner. Up to this point it had been a great day, jet lag notwithstanding. We were taken to...

Gap in cybersecurity knowledge creates challenges for organizations

Survey from the Ponemon Institute and Fidelis Cybersecurity shows limited cybersecurity knowledge of board members impacts trust and affects the overall security posture for organizations.

Phishers target middle management

Phishing scammers have busy middle managers in the crosshairs. Here’s how to avoid being a victim.

Do cruises and clouds help security pros relax on vacation?

Packing the suitcases and setting off on vacation doesn’t necessarily mean that IT executives are able to completely disconnect while away from work, but they are enjoying more downtime.

CSO salaries rise fastest in New York, Boston

The average CSO salary is now 4 percent higher than last year as a result of more responsibility and better visibility, with salaries in New York and Boston rising even faster, according to a new report

Security gains a voice with communications specialist

Enlisting help from dedicated communications specialists can be a critical asset in defending organizations from rising security threats.

How about renting a CSO?

In a time when security professionals are at a premium, perhaps companies should look into renting CISOs.

User error is an expected business problem

Costly awareness failings result from poor business processes and not stupid users.

FUD: Vendor claims their map-based password tool is unbreakable

Nova Spatial, the developer of a map-based authentication method called MapLogin, says their tool is unbreakable after a round of vulnerability testing with HackerOne. A bold claim, one that just isn't true based on the evidence.