Advertisement

power plant utilities energy innovation industrial iot american public power association unsplash

Biden administration releases 100-day plan to address electric system cybersecurity risks

The plan focuses largely on supply chain risks to the electric grid, requests input on the DOE's role in coordinating cybersecurity efforts.


Conceptual images of a woman listening to a stream of abstract letters.
Cybersecurity Snippets

8 things CISOs want to hear from XDR vendors

Beyond industry rhetoric, vendors must use their time at the RSA Conference to provide clarity around what XDR is, where it fits, and how it complements existing security technologies.


cyberinsurance

Four years after NotPetya, cyber insurance is still catching up

Experts advise “terrified” insurers to better engage businesses to ensure long-term viability, and they advise businesses to track their policies closely.


Advertisement

A laptop with a virtual overlay of abstract code and a binary skull.

Global trends will increase nation-state threats for the US in next 20 years

US intelligence agencies predict more nation-state-sponsored cyberattacks, disinformation campaigns, cyberespionage and intellectual property theft in the coming decades.


vulnerable breach cyberattack hacker

Most common cyberattack techniques on Windows networks for 2020

Recent research breaks down the preferred techniques attackers use to gain access to Windows networks. Use this information to monitor your logs for these methods.


security threats and vulnerabilities

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.


dashboard / report / metrics / results / analysis / management

How to write a cyberthreat report executives can really use

As savvy CISOs know, a well-crafted and well-timed cyberthreat report can help executives grasp what’s happening in the world of cybersecurity—and it just might replace those late-night phonecalls.


tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock

21 best free security tools

Check out these free, standout software tools that will make your daily security work easier, whether it's pen-testing, OSINT, vulnerability assessment, and more.


Missed target arrows bullseye

7 most common ways to fail at DevSecOps

DevSecOps initiatives are fraught with peril and require careful consideration of culture, learning, process and business needs. Here's how companies tend to fail in those areas.


FBI Flag

FBI cleans web shells from hacked Exchange servers in rare active defense move

The FBI has been deleting backdoors placed by cyberespionage group Hafnium on Microsoft Exchange servers. The court order allowing them to do so signals a more active defense approach.


Advertisement

Russian hammer and sickle / binary code

US sanctions Russian government, security firms for SolarWinds breach, election interference

The Biden administration places economic sanctions on Russian government organizations, individuals, and companies including several security firms.


conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2021

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.


CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.


CSO > Password elimination [conceptual password security lock in a trash bin]

The password hall of shame (and 10 tips for better password security)

Banish these common passwords now and employ these tips for better password security.


A large 'X' marks a conceptual image of a password amid encrypted data.

Tips to improve domain password security in Active Directory

Follow this advice to better secure domain passwords in a Microsoft environment.