Advertisement

A group of business leaders / board members with questions.

13 traits of a security-conscious board of directors

A CISO's success (and job longevity) is often dependent on support from the board of directors. Answers to these questions will reveal how security savvy a BoD is.


cloud security / data protection / encryption / security transition

Avery Dennison overhauls DLP program in enterprise-wide effort

The company’s DataSafe initiative marries technology improvements and a new enterprise-wide security mindset.


iot security startups hot highlights planets rocket lock security

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...


Advertisement

Conceptual image of a network of executives / silhouettes of executives in motion.

New US CISO appointments, November 2021

Keep up with news of CSO, CISO, and other senior security executive appointments.


CSO: Have you met these hackers? [slide 04]

NCSC warns industry, academia of foreign threats to their intellectual property

Russia and China continue to engage in IP theft to bolster their defense technology and economic standing, respectively. The National Counterintelligence and Security Center urges action.


A person leaps between platforms surrounded by sharks. [danger / risk / challenges]

Enhancing zero trust access through a context-aware security posture

Cybercriminals prefer to attack organizations at sensitive times such as during a merger or earnings release. Adjusting zero-trust policies during those times will help mitigate that risk.


dark web negotiating making a deal communication argue debate hiding solarseven getty

9 tips for an effective ransomware negotiation

If you have no choice but to pay attackers to get critical data back, these best practices could put you in the best possible position to recover from a ransomware attack.


CSO  >  malware / virus / security threat / protective antivirus shield

How to prevent sideloading attacks in Windows and Office 365

A few settings in Windows or Office 365 can help stop users from installing malicious apps on their devices.


Storage

Study: Storage systems are weakest link in IT infrastructure security

Continuity Software analyzed systems from businesses in multiple industry sectors in the US, Europe, and Middle East, finding that storage system security lags behind compute and network security.


noops devops automated developers ai code by andrey suslov

NIST workshop provides clues to upcoming software supply chain security guidelines

Experts at a NIST-sponsored workshop weigh in on what might be in the final version of the Biden executive-order-mandated supply chain security guidelines.


Advertisement

eliminate insider threats 1

What CISOs can learn from the US Navy insider who stole nuclear secrets

The theft of government secrets by Jonathan Toebbe and others raises the question: How should CISOs deal with insider threats who have had insider threat training?


email security lock breach protocol by microstockhub getty

9 cloud and on-premises email security suites compared

These email security suites have evolved to keep pace with email-enabled threats.


Vitaliy Panych, CISO, State of California

California state CISO: the goal is “operating as a whole government”

Partnerships with other state entities elevate security capabilities and enhance information sharing to provide better security overall, says California state CISO Vitaliy Panych.


A group of anonymous hooded figures exist amid raining streams of binary code. [security threats]

Void Balaur explained—a stealthy cyber mercenary group that spies on thousands

Unlike other groups, Void Balaur will target individuals and organizations in Russian-speaking countries and seems to have intimate knowledge of telecom systems.


red padlock cybersecurity threat ransomeware

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.