Careers
Careers | News, how-tos, features, reviews, and videos
6 reasons why your anti-phishing strategy isn’t working
Phishing is such a successful scam that appears to be here to stay — and only get more effective. From over-reliance on technology to confusing and counterproductive training, here are six reasons why your anti-phishing strategy might...
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
How CISOs can do more with less in turbulent economic times
If you think cybersecurity is recession-proof, think again. The time is now to trim waste and streamline risk management.
Open letter demands OWASP overhaul, warns of mass project exodus
The viability of the Open Worldwide Application Security Project for the modern open-source software landscape has been called into question.
Municipal CISOs grapple with challenges as cyber threats soar
Municipal CISOs grapple with challenges as they become targets for nation-state threat actors, cope with regulations, and pursue funding from resource-constrained governments.
New CISO appointments, February 2023
Keep up with news of CSO, CISO, and other senior security executive appointments.
How security leaders can effectively manage Gen Z staff
To attract and retain Gen Z professionals CISOs must know what this generation values and their strengths to be an effective part of cybersecurity teams.
Cybersecurity in wartime: how Ukraine's infosec community is coping
A year into the war, resilience and adaptation, risk and sacrifice are the hallmarks of being a cybersecurity professional in Ukraine.
The CSO guide to top security conferences
Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.
Stress pushing CISOs out the door
Around 50% of CISOs are expected to change jobs by 2025, according to a Gartner study that found the cybersecurity leader’s job is becoming more stressful.
Cyber arms race, economic headwinds among top macro cybersecurity risks for 2023
The Bipartisan Policy Center's report on the top eight macro cybersecurity risks highlights how little progress organizations have made in dealing with them.
Why CISOs change jobs
CISOs often deliver suboptimal performance and have a short shelf life. Organizations are often at fault for both outcomes.
Measuring cybersecurity: The what, why, and how
CISOs need to report the key security performance and risk indicators to executive teams in way that they find meaningful and actionable.
Plan now to avoid a communications failure after a cyberattack
CISOs should take the lead to develop a post-cyberattack communications plan that accurately informs stakeholders and instills confidence in their organizations' response.
How to unleash the power of an effective security engineering team
These are the essential skills that security leadership should instill and develop in their security engineering teams.
Will your incident response team fight or freeze when a cyberattack hits?
CISOs train their teams to fight hackers but often overlook the human tendency to freeze up during a crisis. Planning for the psychology of incident response can help prevent a team from seizing up at the wrong moment.
How to survive below the cybersecurity poverty line
The security poverty line has become the benchmark of acceptable cybersecurity for businesses. Here are the factors that determine that benchmark and advice for those below it.
Economic headwinds could deepen the cybersecurity skills shortage
Security professionals will remain in high demand, but economic fallout will make hiring even harder.