Security Practices

Security Practices | News, how-tos, features, reviews, and videos

Woman executive with security lock
nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

woman teaching class presentation collaboration

7 critical steps for successful security onboarding

Creating a culture of security starts on day one, say veteran security leaders. Here’s their advice for making that initial security training more effective.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

Palo Alto debuts Unit 42 team for managed detection and response

Live expert service builds on Palo Alto’s Cortex extended detection and response (XDR) platform provide, offering a managed detection and response (MDR) team for more personalized cybersecurity management and incident response.

Zoom video conferencing  >  One user connected via laptop showing a grid of remote participants.

5 best practices for secure collaboration

How successful companies are facing the challenges of securing emerging communication technologies.

A network of digital connections extend broadly across layers of city highways / routing paths.

Defense in depth explained: Layering tools and processes for better security

Defense in depth is a security strategy in which multiple security tools, mechanisms, and policies are deployed in tandem on the assumption that if one fails, another will hold.

Conceptual rescue / recovery image   >   A flotation device drifts on a binary sea.

Best practices for recovering a Microsoft network after an incident

Follow this advice to minimize stress when recovering credentials, systems and settings after a ransomware or other cyberattack.

A laptop user works securely behind a firewall.

Cybersecurity is a constant fire drill—that’s not just bad, it’s dangerous

Security efforts based on heroism and tribal knowledge can’t scale. CISOs must address this situation as soon as possible.

Team member extends all hands in for a huddle. [unity / teamwork / trust / diversity / inclusion]

Sophos unifies threat analysis and response units into X-Ops team

Cybersecurity vendor Sophos reorganized three prominent organizational teams into a single new entity, for more efficient responses to modern threats.

diverse group people collaborate using Post-It notes to strategize on a glass wall

How to conduct a tabletop exercise

Testing your security policies and procedures in real-life scenarios can help you improve your security posture—if you implement the lessons learned.

A hand reaches to activate controls marked with gear icons [ process / update / fix / automate ]

New Flashpoint offering automates incident response workflows

Low-code platform enables security teams to build security workflows with drop-and-drag ease.

Robot Artificial Intelligence chat bot

How Code42 automates insider risk response

When insiders exhibit risky behaviors, good-natured bots reach out to provide support in this CSO50 award-winning project.


Revelstoke’s SOAR to improve case management with replicable sub-workflows

The company’s Case Automation Security Execution (CASE) management platform will use its in-house unified data layer (UDL) to develop and deploy automated, logic-based, sub-workflows for replication.

closeup of female hand holding red marker checking off list

5 things security pros want from XDR platforms

New research shows that while extended detection and response (XDR) remains a nebulous topic, security pros know what they want from an XDR platform.

white duck with gold eggs

How Aflac maximizes security ROI

Return on security investment is more than a matter of dollars and sense, it’s also about ensuring the security technologies you’re employing stand up to today’s threats.

John DeSimone, president of Cybersecurity, Intelligence & Services, Raytheon Intelligence & Space

Raytheon’s John DeSimone on building the offensive line

Security teams need to become more proactive and go after malware, says DeSimone.

Jamil Farshchi, CISO, Equifax

Equifax’s Jamil Farshchi: Security shouldn’t be a trade secret

Farshchi joined the credit reporting agency in 2018 with a mandate for change following the company’s high-profile data breach. Today, he’s calling for greater transparency and collaboration in the security community, with Equifax...

whitelisting computer security security oversight admin lockout control by metamorworks getty images

The new cybersecurity mandate

Parsing the White House’s cybersecurity directives.

12 incident response life preserver survival disaster recovery

Cybereason launches DFIR solution to automate incident response

Vendor says new solution takes forensic-driven approach to incident response that extends deeper value to defenders.

A frowning, anxious woman looks at her phone in shock and horror.

The security user experience (SUX)

Security processes that treat the very users we protect as unwanted burdens and alienate them in the process are a path to failure.

Load More
You Might Also Like