Business Operations

Business Operations | News, how-tos, features, reviews, and videos

The shadow of hand unsettlingly hovers over a keyboard.
Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

CSO: Have you met these hackers? [slide 04]

Chinese APT group Winnti stole trade secrets in years-long undetected campaign

The Operation CuckooBees campaign used zero-day exploits to compromise networks and leveraged Windows' Common Log File System to avoid detection.

lawsuit judge law court decision sued

Cybersecurity litigation risks: 4 top concerns for CISOs

Cybersecurity and data protection are expected to become top drivers of legal disputes. What litigation risks should CISOs be most concerned about and what can they do about it?

A man casts the shadow of an ominous hooded figure against a circuit-based wall.

JHL Biotech's theft of Genentech data holds lessons for infosec

Genentech employees stole the company's data on behalf of JHL Biotech for years. What could they have done to spot the theft sooner?

rules rulebook law compliance regulation by baloon111 getty

New insider threat: Bad business decisions that put IP at risk

The U.S. FTC forced Weight Watchers to destroy algorithms after it violated privacy laws, giving CISOs another worry over protecting intellectual property.

data protection / security / risk management / data privacy / GDPR

Exiger launches data-agnostic supply chain risk platform

With supply chain risks abounding, extra visibility into potential problems could stand manufacturers in good stead.

Two developers collaborate on a project as they review code on a display in their workspace.

Anchore Enterprise software SCM platform adds SBOM capabilities

The new release of Anchore's software SCM (supply chain management) platform generates an SBOM (software bill of materials) for individual builds and steps in a development cycle, automatically triggering alerts for possible...

wind turbines energy utilities innovation alternative energy by anna jimenez calaf unsplash

Fortress creates center for security information on energy suppliers

Vendor library offers means to bolster supply-chain security through data sharing and communication.

lawsuit judge law court decision sued

Webroot files patent infringement claim against Trend Micro

The lawsuit accuses Trend Micro of using Webroot's patented malware detection, network security, and endpoint protection technologies without authorization.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands gesture in conversation

HackerOne calls for end of security by obscurity

The bug hunting platform offers a proposal for greater corporate cybersecurity responsibility and transparency.

supply chain / virtual network of connections

3 steps to supply chain resilience

Malicious actors are targeting your third- and fourth-party vendors, causing supply chain disruption and risk to your own network. Mitigate that risk by taking these actions.

A man casts the shadow of an ominous hooded figure against a circuit-based wall.

Motorola case shows importance of detecting insider IP theft quickly

Departing Motorola employees took thousands of documents with them in 2008 when they were hired by a competitor, but it wasn't discovered until 2017.

CSO: Have you met these hackers? [slide 04]

NCSC warns industry, academia of foreign threats to their intellectual property

Russia and China continue to engage in IP theft to bolster their defense technology and economic standing, respectively. The National Counterintelligence and Security Center urges action.

Russian hammer and sickle / binary code

Russian cyberspies target cloud services providers and resellers to abuse delegated access

A new Microsoft advisory claims Russia's Nobelium group is trying to gain long-term access to the technology supply chain and offers mitigation advice.

API security alert / software development / application flow chart diagram

Detecting anomalies with TLS fingerprints could pinpoint supply chain compromises

Researchers at Splunk outline a technique, pioneered by Salesforce, that could detect malicious activity in the software supply chain, but with some limitations.

A man casts the shadow of an ominous hooded figure against a circuit-based wall.

Proofpoint lawsuits underscore risk of employee offboarding

Nearly every employee leaving a company takes data or intellectual property, but few companies adequately screen and monitor for it. Recent court cases underscore the risk.

Insider threats  >  Employees suspiciously peering over cubicle walls

China theft of US agriculture sector trade secrets prompts government guidance

China and other countries have used insiders to steal intellectual property from agricultural research. The government has responded with guidance for identifying insider threats.

A magnifying lens examines top secret information amid binary code.

Intellectual property protection: 10 tips to keep IP safe

Your company's intellectual property, whether that's patents, trade secrets or just employee know-how, may be more valuable than its physical assets. This primer covers everything from establishing basic policies and procedures for IP...

lawsuit judge law court decision sued money

7 steps to protect against ransomware-related lawsuits

How a CISO prepares for and responds to a ransomware attack can have huge consequences should customers or partners decide to sue.

Load More
You Might Also Like