UNITED STATES
×
Close
Taylor Armerding

Taylor Armerding

Contributing writer

The Latest from Taylor
Automation is the key component of DevSecOps collaboration and optimization
BrandPost Synopsys

Automation is the key component of DevSecOps collaboration and optimization

Poor software quality can cost time and money, straightforward solutions are available
Defense against software security risk by Taylor Armerding

Poor software quality can cost time and money, straightforward solutions are available

Top IT leaders get it—if it’s high quality, with security “built-in” throughout development, software can make a business successful.

How to write an IT security engineer job description
Feature

How to write an IT security engineer job description

The IT security engineer is on the front line of protecting a company's assets from threats. The job requires strong technical, organizational and communication skills.

How to write an information security architect job description
Feature

How to write an information security architect job description

A good information security architect straddles the business and technical worlds. Writing a solid, clear job description ensures that both sides understand the role.

The best of Black Hat: The consequential, the controversial, the canceled
Feature

The best of Black Hat: The consequential, the controversial, the canceled

Over the past two decades, the annual Black Hat conference has had its share of controversy. CSO looks back at the most significant talks and demonstrations.

The 5 worst big data privacy risks (and how to guard against them)
Feature

The 5 worst big data privacy risks (and how to guard against them)

There are enormous benefits from Big Data analytics, but also massive potential for exposure that could result in anything from embarrassment to outright discrimination. Here's what to look out for — and how to protect yourself and...

How to write an information security analyst job description
Feature

How to write an information security analyst job description

A thorough, clear job description will ensure that security analysts stay on the same page with management expectations.

What is CVE, its definition and purpose?
Feature

What is CVE, its definition and purpose?

CVE is a program launched in 1999 by MITRE, a nonprofit that operates research and development centers sponsored by the federal government. Its purpose is to identify and catalog vulnerabilities in software or firmware into a free...

Closing the CVE gap: Is MITRE up to it?
Analysis

Closing the CVE gap: Is MITRE up to it?

Critics say the The Common Vulnerabilities and Exposures (CVE) program, managed by MITRE, is falling far behind in its mission to catalog and identify all known vulnerabilities. Its defenders say a new model is closing that gap.

Medical devices at risk: 5 capabilities that invite danger
Feature

Medical devices at risk: 5 capabilities that invite danger

It isn't just certain connected medical devices that put patient data and physical safety at risk, it's specific capabilities and systems within which they operate that make them a broad, and vulnerable, attack surface.

Caught in the breach – what to do first
News

Caught in the breach – what to do first

Since there is no way to prevent every cyber attack, incident response is crucial. Experts at the MIT Sloan CIO Symposium talk about what to do immediately after the bad news hits.

AI: The promise and the peril
News

AI: The promise and the peril

Two panels at the MIT Sloan CIO Symposium this week focused on how to embrace the almost magical productivity benefits of artificial intelligence without leaving workers behind.

Load More