Data Security

Data Security | News, how-tos, features, reviews, and videos

lock circuit board bullet hole computer security breach
Compliance

wan bank networking finance2

GLBA explained: What the Graham-Leach-Bailey Act means for privacy and IT security

The Graham-Leach-Bailey Act (GLBA) is a 1999 law that allowed financial services companies to offer both commercial and investment banking, something that had been banned since the Great Depression. It has an infosec reach that goes...

Declining line graph / decreasing trend chart showing impact of the virus

Top 4 security trends to watch for 2021

Bad news: Ransomware becomes a bigger threat, and it becomes harder to find security talent. Good news: CISOs gain clout, and security infrastructure will improve.

compliance / regulations / rules / law / standards / policies

The Sarbanes-Oxley Act explained: Definition, purpose, and provisions

The Sarbanes-Oxley Act (sometimes referred to as SOA, Sarbox, or SOX) is a U.S. law passed in 2002 that aimed to protect investors by preventing fraudulent accounting and financial practices at publicly traded companies.

cso ts ai ml by just super getty images 2400x1600

How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how experts minimized their risk.

phishing threat

8 types of phishing attacks and how to identify them

Phishing comes in many forms, from spear phishing, whaling and business-email compromise to clone phishing, vishing and snowshoeing. Here's how to recognize each type of phishing attack.

Dark net warning sign against black and yellow warning stripes in the background.

What is the dark web? How to access it and what you'll find

The dark web is part of the internet that isn't visible to search engines and requires the use of an anonymizing browser called Tor to be accessed.

security risk - phishing / malware / social engineering

9 types of malware and how to recognize them

Think you know your malware? Here's a refresher to make sure you know what you're talking about — with basic advice for finding and removing malware when you've been hit

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock

21 best free security tools

Check out these free, standout software tools that will make your daily security work easier.

human weak link cybersecurity primary

Supply chain attacks show why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

Tech Spotlight   >   IT Leadership [CSO]   >   A woman shakes hands with another.

The CISO’s newest responsibility: Building trust

Leading CISOs have already embraced the concept of trust as a deliverable and indeed are making it the central theme of their entire security function.

bucket with holes breach security vulnerability

SAP ASE leaves sensitive credentials in installation logs

Two vulnerabilities in SAP ASE's Cockpit component leaves some sensitive information available to anyone on the network and other data susceptible to brute-force attacks.

A secure conceptual chain of hardware circuitry and CPUs / chips within a network of connections.

IBM, Intel, AMD take different routes to hardware-based encryption

So-called confidential computing approaches allow data to remain encrypted while in use. That's best done in hardware, and IBM, AMD and Intel are following different paths, each with its own trade-offs.

CSO > breakthrough / penetration testing / hammer breaking binary glass

11 penetration testing tools the pros use

Pentesting is a simulated cyber attack where professional ethical hackers break into corporate networks to find weaknesses ... before attackers do.

computer crime scene / hacked / infected / cybercrime / cyberattack

15 signs you've been hacked—and how to fight back

Redirected internet searches, unexpected installs, rogue mouse pointers: Here's what to do when you've been hacked.

Google Cloud

Google Cloud steps up security and compliance for applications, government

New Google Cloud offerings Confidential VMs and Assured Workloads for Government provide in-process data encryption and the ability to restrict storage locations, respectively.

EU / European Union / GDPR data privacy protection, regulation, compliance

General Data Protection Regulation (GDPR): What you need to know to stay compliant

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

Test tube vial of serum labeled COVID-19 stands beside a respirator mask / coronavirus / pandemic

Protecting employee COVID-19 health data: What CISOs need to know

Most companies are tracking coronavirus-related health data of their employees, and this presents unique risks and security challenges for CISOs.

SAP

Install latest SAP Adaptive Server Enterprise patches, experts urge

If left unpatched, these SAP ASE vulnerabilities could give attackers full control of databases and servers.

Load More