CSO | Security news, features and analysis about prevention, protection and business innovation.

Conceptual images of an executive as she walks the path forward into the light.

7 best reasons to be a CISO

The role of the CISO has its challenges, but these positives are what people in the role say make it all worthwhile.

Michael Hill

Conceptual image of three figures running toward a goal, along trend lines drawn by a large hand.

How OKRs keep security programs on track

This goal-setting framework can help security teams stay focused on priorities, but success requires a commitment to implementing supporting practices.

Mary K. Pratt

Ransomware, email compromise are top security threats, but deepfakes increase

While ransomware and business email compromise are leading causes of cybersecurity threats, geopolitics and deepfakes play an increasing role, according to reports from VMware and Palo Alto.

Shweta Sharma

noops code developer devops html web developer by mazimusnd getty

SBOM formats SPDX and CycloneDX compared

Understanding the differences between these widely used software bill of materials format standards is important, but your tools will likely need to support both.

Chris Hughes

Delivering frictionless customer experiences while safeguarding data security

17 August 2022

Kisume, 175 Flinders Lane, Melbourne

During this roundtable, you will have the opportunity to discuss how to enhance your customers’ experience across all channels while keeping their personal data as secure. We will focus on customer identity and access management (CIAM) and the avenues available to create frictionless experiences. The discussion will include but not be limited to: Why CIOs, CISOs, and technology leaders are taking on a heightened role in shaping the digital customer experience > Effectively managing the relationship between data security and the Consumer Data Right (CDR) > Effective techniques for leveraging customer identity and orchestration to foster collaboration > How to optimise security for users without sacrificing the convenience they expect > Best practices for streamlining the digital experience to deliver business impact and effective ways to measure success > The pursuit of passwordless authentication methods

How Salvation Army Australia’s CISO moved away from ‘extreme risk’

The Salvation Army Australia had started its move towards cyberresilience before hiring Lachlan McGill, which helped him make cybersecurity and SOC investments a dialogue, not a plea.

David Braue

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

CSO staff

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.

Palo Alto debuts Unit 42 team for managed detection and response

Live expert service builds on Palo Alto’s Cortex extended detection and response (XDR) platform provide, offering a managed detection and response (MDR) team for more personalized cybersecurity management and incident response.

Jon Gold

Microsoft boosts threat intelligence with new Defender programs

Drawing from its acquisition of RiskIQ, Microsoft is releasing Defender External Attack Surface Management and Defender Threat Intelligence.

Shweta Sharma

Deep Instinct’s Prevention for Applications detects malicious files in transit

The new antimalware software scans files in transit to protect organizations against malicious content in PDF and Word documents.

Michael Hill

Red team > Double-exposure with team, cityscape + abstract data / teamwork / collaboration

11 stakeholder strategies for red team success

These best practices will help ensure a successful red team exercise by getting all the stakeholders on the same page.

Maril Vernon

Handshake, mergers and acquisitions, M &A

Thoma Bravo snares Ping Identity in $2.8 billion go-private deal

Private equity firm Thoma Bravo announced plans to purchase IAM (identity and access management) provider Ping Identity, its latest in a lengthy line of security-focused mergers and acquisitions.

Jon Gold

Qualys adds external attack management capability to cloud security platform

Integration of EASM (external attack surface management) into Qualys CSAM (cybersecurity asset management) offers enterprises continuous discovery and classification of both internal and external assets.

Shweta Sharma

FireMon network security policy management

Tips to prevent RDP and other remote attacks on Microsoft networks

Microsoft is deploying new features and defaults to help keep threat actors from remotely accessing networks, but you can do more.

Susan Bradley

Axis adds automation, onboarding features to Atmos ZTNA network access software

Axis is also offering migration tools and a buyback program for those looking to move from legacy ZTNA (zero trust network access) applications.

Shweta Sharma

From Our Advertisers

cso online

How Salvation Army Australia’s CISO moved away from ‘extreme risk’

11 stakeholder strategies for red team success

Tips to prevent RDP and other remote attacks on Microsoft networks

The role of the CISO has its challenges, but these positives are what people in the role say make it all worthwhile.

This goal-setting framework can help security teams stay focused on priorities, but success requires a commitment to implementing supporting practices.

While ransomware and business email compromise are leading causes of cybersecurity threats, geopolitics and deepfakes play an increasing role, according to reports from VMware and Palo Alto.

Understanding the differences between these widely used software bill of materials format standards is important, but your tools will likely need to support both.

The Salvation Army Australia had started its move towards cyberresilience before hiring Lachlan McGill, which helped him make cybersecurity and SOC investments a dialogue, not a plea.

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

Live expert service builds on Palo Alto’s Cortex extended detection and response (XDR) platform provide, offering a managed detection and response (MDR) team for more personalized cybersecurity management and incident response.

Drawing from its acquisition of RiskIQ, Microsoft is releasing Defender External Attack Surface Management and Defender Threat Intelligence.

The new antimalware software scans files in transit to protect organizations against malicious content in PDF and Word documents.

These best practices will help ensure a successful red team exercise by getting all the stakeholders on the same page.

Private equity firm Thoma Bravo announced plans to purchase IAM (identity and access management) provider Ping Identity, its latest in a lengthy line of security-focused mergers and acquisitions.

Integration of EASM (external attack surface management) into Qualys CSAM (cybersecurity asset management) offers enterprises continuous discovery and classification of both internal and external assets.

Microsoft is deploying new features and defaults to help keep threat actors from remotely accessing networks, but you can do more.

Axis is also offering migration tools and a buyback program for those looking to move from legacy ZTNA (zero trust network access) applications.