Physical Security
When blaming the user for a security breach is unfair – or just wrong
Training non-tech-savvy users to recognize phishing and other credential-based attacks is essential, but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...
Stuxnet explained: The first known cyberweapon
Thanks to Stuxnet, we now live in a world where code can destroy machinery and stop (or start) a war.
Chinese cyber espionage campaign targeted Australia, South China Sea energy sector, says study
The campaign was aimed at Australian governmental agencies and media companies, and at maintainers of wind turbines in the South China Sea.
Spyware infections continue as the U.S. federal government takes notice
As more high-profile instances of spyware misuse come to light, the U.S. government begins to take action to address the threat.
NSO Group’s Pegasus crashes as Apple initiates Dignity and Justice Fund
The failed sale of NSO Group to L3Harris raises concerns about who will own its surveillance technology, while Apple takes steps to hold surveillance firms accountable.
Cybersecurity researchers face real-life threats
Investigations into both cybercriminal and nation-state actors can have consequences. Some researchers have upgraded their physical security.
Germany's BSI warns against Kaspersky AV over spying concerns
The warning renews global concerns about using Russian-made software as the country continues its assault on Ukraine.
Are Ukraine’s drone capabilities being throttled in Russia-Ukraine conflict?
Chinese drone producer DJI Global is accused of limiting capabilities of its AeroScope technology for the Ukrainian army, giving an air reconnaissance edge to Russian invaders.
CISOs, beware of spyware tools for illicit competitive intelligence
Two recent court cases expose the capabilities of publicly available spyware and how businesses and governments use them for malicious purposes.
Apple AirTag and other tagging devices add to CISO worries
Tagging devices such as Apple's AirTag can be misused by employees, criminals, and competitors to track people and devices in a way that puts organizations at risk.
Australia’s physical-security specialists looking to take on information security
The convergence of physical and information security is pushing CISOs towards new roles and new partnerships.
APT actors exploit flaw in ManageEngine single sign-on solution
US government agencies urge immediate action to look for indicators of compromise and, if found, take recommended steps to mitigate.
The CSO role today: Responsibilities and requirements for the top security job
The CSO is the executive responsible for the organization's entire security posture, both physical and cyber, and has the big picture view of the company's operational risk.
Tech Primer
What it takes to become an information assurance analyst
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...
Tech Primer
Fraud prevention: Improving internal controls
Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.
Tech Primer
How to write an information security policy
Learn the critical first step, why consensus is key, what to cover and how to make your information security policy — and program — effective.
Tech Primer
Red team versus blue team: How to run an effective simulation
Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.
Tech Primer
How to survive (and thrive) in the CISO hot seat
The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.