

Mary K. Pratt
Contributing writer
Mary K. Pratt is a freelance writer based in Massachusetts.

MITRE Engage: a framework for deception
The new framework helps security teams understand their adversaries by creating engagement opportunities that keep defenders in control, says MITRE CISO Bill Hill.

6 security analyst job description red flags that make hiring harder
With security professionals in short supply, it pays to ensure your job postings aren’t turning away good candidates. Here are six things experts say to avoid and what to do instead.

Locked in: How long is too long for security vendor contracts?
Security moves fast. Here’s how experts say you should find the right balance among agility, stability, and price.

How Code42 automates insider risk response
When insiders exhibit risky behaviors, good-natured bots reach out to provide support in this CSO50 award-winning project.

How Visa fights fraud
The financial services company has made massive investments in data and analytics to better detect and prevent fraud.

6 tips for effective security job postings (and 6 missteps to avoid)
With demand for security professionals outstripping supply, employers need to ensure their job postings hit the mark. Here’s how to write a security job posting that attracts qualified candidates.

For one software maker, an SBOM adds value to the product
At Instant Connect, an SBOM has become part of the product offering, says Chief Product Officer Wes Wells.

Vulnerability management mistakes CISOs still make
These common missteps and misconceptions may be keeping your vulnerability management from being the best it can be.

Raytheon’s John DeSimone on building the offensive line
Security teams need to become more proactive and go after malware, says DeSimone.

12 steps to building a top-notch vulnerability management program
Security experts share their best advice for the essential ingredients of a solid vulnerability management program, including foundational elements to put in place, workflows to establish, who to involve, and metrics to track.

Equifax’s Jamil Farshchi: Security shouldn’t be a trade secret
Farshchi joined the credit reporting agency in 2018 with a mandate for change following the company’s high-profile data breach. Today, he’s calling for greater transparency and collaboration in the security community, with Equifax...