Advertisement

gavel / abstract binary lines  >  court judgment / fine / penalty / settlement

The biggest data breach fines, penalties and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.


handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


detection radar computer bug threats identify breach  by the lightwriter kao studio getty
Security Intelligence

5 things to look for in an XDR solution

The XDR market is hot, with vendors large and small jumping on the bandwagon. Here are 5 key capabilities to look for when evaluating XDR solutions.


Advertisement

trojan horse malware virus binary by v graphix getty

17 types of Trojans and how to defend against them

Trojan malware comes in many different types, but all require a user action to initiate.


swatting swat team raid police by onfokus getty images

Australia weighing ‘extraordinary’ powers to identify, disrupt dark web cybercriminals

Legal experts urge caution as the government proposes new police powers for dark web takedowns, social media takeovers.


A large 'X' marks a conceptual image of a password amid encrypted data.

Hashing explained: Why it's your best bet to protect stored passwords

Hashing is a cryptographic process that makes it harder for attackers to decrypt stored passwords, if used correctly.


A hacker attacks from within a Windows system.

Top SolarWinds risk assessment resources for Microsoft 365 and Azure

Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.


Australia  >  Sydney  >  Streetscape / vanishing-point perspective / path / future / progress
Lohrmann on GovSpace

3 security career lessons from 'Back to the Future'

You don't need to be able to predict the future to have a successful security career, but you had darned well better be able to learn from the past.


Tech Spotlight   >   IT Leadership [intro]   >   One glowing arrow leads a pack of other arrows.

What IT leadership looks like in 2021

As IT leaders meet the challenges of the COVID era, only one thing is assured – more change is coming sooner than you think.


digital cloud computing cyber security digital data network future picture id1216520824

Top 7 security mistakes when migrating to cloud-based apps

As organizations rush key apps to the cloud to support remote workers, they often create opportunities for attackers. These are the most common mistakes to avoid.


Advertisement

lock circuit board bullet hole computer security breach

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.


cloud security data breach crime accessible

4 ways attackers exploit hosted services: What admins need to know

Attackers are either targeting admins for hosted services with phishing campaigns or exploiting mistakes made when setting them up. Here's what to watch out for.


orange monitors with lock icon network security cyber threat

33 hardware and firmware vulnerabilities: A guide to the threats

Meltdown and Spectre raised the alarm over vulnerabilities that attackers can exploit in popular hardware and its firmware. Here's a roundup of the ones that present the most significant threats.


A person leaps between platforms surrounded by sharks. [danger / risk / challenges]

Top-heavy data-centre adoption threatens Australian government data security, ASPI warns

As one provider secures 79% of government panel contracts, the ASPI think tank warns about “blind and dangerous outcome” from “confused and inconsistent” data governance.


Binary Russian flag
Checks and Balances

SolarWinds hack is a wakeup call for taking cybersecurity action

Many questions are yet to be answered as the investigation and response continues, but one thing is clear: managing supply chain risks requires a level of sophistication similar to that of the attackers.