J.M. Porup

Senior Writer

J.M. Porup has been a security geek since 2002, when he got his first job in IT. Since then he's covered national security and information security for a variety of publications, and now calls CSOonline home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent.

Presidential campaign websites fail at privacy, new study shows

5 OT security takeaways CISOs need to communicate to stakeholders

5 OT security takeaways CISOs need to communicate to stakeholders

Operational technology security requires a different approach than IT security. Here are key takeaways CSOs need to communicate to other executives and boards of directors.

Speaker disinvites at CyberCon spark controversy

Speaker disinvites at CyberCon spark controversy

NSA whistleblower Thomas Drake and Australian academic Dr. Suelette Dreyfus disinvited from speaking at CyberCon a week before the conference.

Voting machine security: What to look for and what to look out for

Voting machine security: What to look for and what to look out for

The US Senate approved $250 million to help states purchase more secure voting equipment — but includes no provisions for what "secure" means. Our buying guide will help state election officials spend taxpayer money wisely.

5 top cybersecurity masters degrees: Which is right for you?

5 top cybersecurity masters degrees: Which is right for you?

New cyber masters degrees are popping up all over the place. Here's our unscientific rundown of the top five.

6 questions candidates should ask at every security job interview

6 questions candidates should ask at every security job interview

The cybersecurity skills shortage means security pros can be picky about where they work. Here's how to suss out bad employers.

IoT vendors ignore basic security best practices, CITL research finds

IoT vendors ignore basic security best practices, CITL research finds

New measurements by the CITL mass fuzzing project show just how bad things really are--and how IoT device makers could radically increase binary security with one day of engineering work.

ICS as a cloud service is coming: Will the benefits outweigh the risks?

ICS as a cloud service is coming: Will the benefits outweigh the risks?

Plugging industrial control and operational technology equipment into cloud-based monitoring and remote management systems increases visibility, but it also takes away their security by obscurity.

Improving BGP routing security by minding your MANRS

Improving BGP routing security by minding your MANRS

Enterprises can improve their routing security for modest costs, according to the Mutually Agreed Norms for Routing Security (MANRS) project.

The best and worst of Black Hat 2019

The best and worst of Black Hat 2019

Security rock stars? Fake science? This year's Black Hat had it all.

Black Hat keynote: Why security culture needs to change

Black Hat keynote: Why security culture needs to change

Dino Dai Zovi tells Black Hat audience to embrace a culture where security is everyone's job and risks are shared. Automation with feedback loops also key to solving security challenges at scale

Inside the 2014 hack of a Saudi embassy

Inside the 2014 hack of a Saudi embassy

According to documents seen by CSO, an unknown attacker took control of the official email account of the Saudi embassy in The Netherlands and demanded a ransom of $50 million for ISIS.

Load More