CSO and CISO
CSO and CISO | News, how-tos, features, reviews, and videos
How CISOs can do more with less in turbulent economic times
If you think cybersecurity is recession-proof, think again. The time is now to trim waste and streamline risk management.
Open letter demands OWASP overhaul, warns of mass project exodus
The viability of the Open Worldwide Application Security Project for the modern open-source software landscape has been called into question.
Municipal CISOs grapple with challenges as cyber threats soar
Municipal CISOs grapple with challenges as they become targets for nation-state threat actors, cope with regulations, and pursue funding from resource-constrained governments.
New CISO appointments, February 2023
Keep up with news of CSO, CISO, and other senior security executive appointments.
How security leaders can effectively manage Gen Z staff
To attract and retain Gen Z professionals CISOs must know what this generation values and their strengths to be an effective part of cybersecurity teams.
Cybersecurity in wartime: how Ukraine's infosec community is coping
A year into the war, resilience and adaptation, risk and sacrifice are the hallmarks of being a cybersecurity professional in Ukraine.
Stress pushing CISOs out the door
Around 50% of CISOs are expected to change jobs by 2025, according to a Gartner study that found the cybersecurity leader’s job is becoming more stressful.
Cyber arms race, economic headwinds among top macro cybersecurity risks for 2023
The Bipartisan Policy Center's report on the top eight macro cybersecurity risks highlights how little progress organizations have made in dealing with them.
Why CISOs change jobs
CISOs often deliver suboptimal performance and have a short shelf life. Organizations are often at fault for both outcomes.
Measuring cybersecurity: The what, why, and how
CISOs need to report the key security performance and risk indicators to executive teams in way that they find meaningful and actionable.
Plan now to avoid a communications failure after a cyberattack
CISOs should take the lead to develop a post-cyberattack communications plan that accurately informs stakeholders and instills confidence in their organizations' response.
How to unleash the power of an effective security engineering team
These are the essential skills that security leadership should instill and develop in their security engineering teams.
Will your incident response team fight or freeze when a cyberattack hits?
CISOs train their teams to fight hackers but often overlook the human tendency to freeze up during a crisis. Planning for the psychology of incident response can help prevent a team from seizing up at the wrong moment.
How to survive below the cybersecurity poverty line
The security poverty line has become the benchmark of acceptable cybersecurity for businesses. Here are the factors that determine that benchmark and advice for those below it.
Economic headwinds could deepen the cybersecurity skills shortage
Security professionals will remain in high demand, but economic fallout will make hiring even harder.
Cybersecurity spending and economic headwinds in 2023
Investments will increase but CISOs will be more selective, driving the need for federated technology architectures.
How Marvel’s Avengers inspire Pinsent Masons CISO to adapt cybersecurity hiring
Pinsent Masons CISO Christian Toon discusses the need to challenge hiring practices to attract and keep cybersecurity talent.
Dozens of cybersecurity efforts included in this year’s US NDAA
Cybersecurity initiatives included in the US National Defense Authorization Act for 2023 include increased funding for Cybercom’s hunt-forward operations.