Advertisement

'expert knowledge' stamp of certification

CISSP certification guide: Requirements, training, and cost

Certified Information Systems Security Professional, or CISSP, is a certification for advanced IT professionals who want to demonstrate that they can design, implement, and manage a cybersecurity program at the enterprise level


2 dark web

The state of the dark web: Insights from the underground

The rise of professional criminal gangs, malware as a service, and improved infrastructure for carrying out criminal activity are changing the dark web. Here's what that means for enterprise security.


A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]

How to prepare for an effective phishing attack simulation

Here's what users need to know about phishing attacks before you send out a test email.


Advertisement

podcast 3x16 2
Strengthen and Streamline Your Security

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...


padlock / Domain Name System / DNS / ICANN / security

Flaws in widely used dnsmasq software leave millions of Linux-based devices exposed

A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.


ransomware attack

New Intel CPU-level threat detection capabilities target ransomware

The new capabilities in the Intel mobile processors will make it harder for ransomware to avoid detection.


virtual puzzle cube / problem-solving / solution / strategy

How to reboot a broken or outdated security strategy

CISOs talk about how they identify when they need a new security strategy and the process of developing it and selling the reboot to stakeholders.


United States Capitol building / United States Congress / abstract security concept

SolarWinds hack is quickly reshaping Congress’s cybersecurity agenda

More cybersecurity funding for states and Capitol, new breach reporting rules, and ransomware-related bills will likely be on the agenda for the 117th Congress.


gavel / abstract binary lines  >  court judgment / fine / penalty / settlement

The biggest data breach fines, penalties and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.


handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


Advertisement

detection radar computer bug threats identify breach  by the lightwriter kao studio getty
Security Intelligence

5 things to look for in an XDR solution

The XDR market is hot, with vendors large and small jumping on the bandwagon. Here are 5 key capabilities to look for when evaluating XDR solutions.


trojan horse malware virus binary by v graphix getty

17 types of Trojans and how to defend against them

Trojan malware comes in many different types, but all require a user action to initiate.


A large 'X' marks a conceptual image of a password amid encrypted data.

Hashing explained: Why it's your best bet to protect stored passwords

Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.


A hacker attacks from within a Windows system.

Top SolarWinds risk assessment resources for Microsoft 365 and Azure

Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.


Australia  >  Sydney  >  Streetscape / vanishing-point perspective / path / future / progress
Lohrmann on GovSpace

3 security career lessons from 'Back to the Future'

You don't need to be able to predict the future to have a successful security career, but you had darned well better be able to learn from the past.