Advertisement

8 getting breached is bad for business

Minimizing damage from a data breach: A checklist

How you respond to a data breach and the amount of damage it causes depends on how well prepared you are. Have you done everything on this list?


CSO > Security automation

5 tips for getting started with SOAR

Security orchestration, automation, and response (SOAR) platforms coordinate information produced by a wide range of security tools and automate much of their analysis and protective responses.


questions to ask a vendor curious hand with question mark tablet ipad by stevanovicigor getty

What CISOs really want from security vendors

Less risk? Better security? Value for dollars spent? Check, check, and check. But of all the things CISOs want from security vendors, trusted partnership tops the list. Here's how leading CISOs find and foster those relationships.


Advertisement

User ID + password / credentials / authentication

SSO explained: How single sign-on improves security and the user experience

Single sign-on (SSO) is a centralized session and user authentication service in which one set of login credentials can be used to access multiple applications.


bucket with holes breach security vulnerability

Microsoft Azure Blob leak a lesson to CISOs about cloud security responsibility

Microsoft's apparent misconfiguration of its own cloud bucket exposed third-party intellectual property. Here are the takeaways for CISOs.


A virtual sphere of photos of individuals appears against a cityscape.

3 steps to smarter cybersecurity hiring and team building

Amid the global cybersecurity skills shortage, organizations and security leaders must shift their hiring and team development approach to have fewer barriers, be more diverse, and take the long view.


A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


Clues are mapped out for investigation with maps, events, dates and photos connected by red threads.

The Microsoft Exchange Server hack: A timeline

Research shows plenty of unpatched systems remain. Here's how the attacks unfolded, from discovery of vulnerabilities to today's battle to close the holes.


hacker / cryptocurrency attack

What is cryptojacking? How to prevent, detect, and recover from it

Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.


iot security startups hot highlights planets rocket lock security

8 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...


Advertisement

Ransomware  >  A masked criminal ransoms data for payment.

How malicious Office files and abused Windows privileges enable ransomware

Ransomware groups most often gain entry to Windows networks through malicious Office documents and then move laterally by abusing Windows privileges. Here's how to defend against both.


Conceptual image of three figures running toward a goal, along trend lines drawn by a large hand.

5 key qualities of successful CISOs, and how to develop them

CISOs today need significantly different skillsets to cybersecurity leaders of the past as they become more critical to business success.


One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

8 top identity and access management tools

Identity is becoming the new perimeter, and these IAM tools have evolved to help secure assets as organizations rely less on traditional perimeter defenses and move to zero-trust environments.


network security / secure connections / integrated system of locks
Cybersecurity Snippets

5 things CISOs want to hear about zero trust at the RSA Conference

Security executives are interested in how ZT vendors will integrate with existing technologies, supplement ongoing projects, and support business processes.


target threat hunting program sitting duck duck shooting gallery by roz woodward getty 2400x1600

Tips and tactics of today's cybersecurity threat hunters

Having internal threat hunting capability is becoming a necessity for many organizations. Here are the most common things they look for and how they respond to incidents.