Security

Security | News, how-tos, features, reviews, and videos

deadline clock time speed analog clock by ryan mcguire gratisography

How and when to set Windows logging to UTC time

As networks become more distributed and cloud-based, you should consider changing servers to UTC time to ensure proper syncing. This will help with forensics investigations.

deepfakes fake news tv head manipulation superimposed brainwashed

How and why deepfake videos work — and what is at risk

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

man with smooshed face frustrated overwhelmed stressed shocked by ryan mcguire gratisography

5 ways to curb cybersecurity burnout

91% of CISOs suffer ‘moderate or high’ levels of stress. Here are some ways to help.

succession brain sharing intellectual knowledge sharing

How threat intelligence sharing can improve the security posture of whole industries

UBS and industry peers conduct joint cyber war games to improve security posture and incident response of the whole sector.

binary code matrix

Inside the 2014 hack of a Saudi embassy

According to documents seen by CSO, an unknown attacker took control of the official email account of the Saudi embassy in The Netherlands and demanded a ransom of $50 million for ISIS.

security system vulnerabilities - a grid of locks with several unlocked

The case for continuous automated security validation

Organizations must truly understand their vulnerabilities at all times to make the right risk mitigation decisions. Continuous automated security validation can provide that.

threat ransomware response

The 6 biggest ransomware attacks of the last 5 years

The biggest ransomware attacks illustrate how this particularly nasty genre of attack software has grown from a curiosity and an annoyance to a major crisis.

6 demonstate value metrics

Security technologies that provide the most savings

A new report from Accenture and the Ponemon Institute quantifies which cybersecurity technologies provide the most value to an organization.

broken lock amid binary code and circuits

These two books explain how to fix our broken security industry

Organizations spend billions each year on security, but much of that spend is on the wrong things. These books will point you in the right direction.

CSO Digital Magazine, Spring 2019

CSO50 2019: Seeding security in the cloud

CSO50 award-winning companies are rising to the cloud security challenge and finding new ways to protect data and assets.

pc antivirus

Best antivirus software: 9 top tools

These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance, and usability.

Mousetrap and cheese, seen floor-level from the perspective of the mouse.

Review: Fidelis Deception breathes life into fake assets

Today's skilled hackers know, or at least suspect, that deception is in place and won't blindly follow breadcrumbs to fake assets. To combat this, Fidelis Deception creates realistic, living deception assets.

Microsoft Windows update arrows / progress bars

How to prepare for the Microsoft Windows 10 1903 security feature update

Microsoft is changing the way it does Windows 10 feature updates, and that will affect how you schedule update deferrals. Here's what you need to know.

security command center monitors control center getty goro denkoff

OpenC2 can accelerate security operations, automation, and orchestration

OpenC2, a standards effort from OASIS, has the potential to accelerate and automate risk mitigation and incident response. Users and vendors should jump onboard.

computer forensics

How hackers use ransomware to hide data breaches and other attacks

Most ransomware is used simply to make money. However, it can also be used as part of an attacker’s exit strategy to wipe out forensic evidence of a more serious breach.

CSO slideshow - Insider Security Breaches - Flag of China, binary code

Chinese hacking groups to ramp up cyber attacks on some industries, experts say

Companies in industries critical to China’s five-year plan face a higher risk of nation-state-sponsored cyber attacks.

Bear trap.

What is a honeypot? A trap for catching hackers in the act

A honeypot is a system designed to lure hackers into revealing their origins and techniques, and they're used by security researchers and corporate IT alike.

Artificial Intelligence robotic in wheat field

11 questions to ask before buying AI-enabled security software

Infosec is complicated enough. Add AI/ML into your security software mix, and you may be asking for trouble. Or, choose the right vendor, and you could wind up with the best toys on the block. Here's what you need to know to wind up...

Broken window with band-aid patch

Critical Magento SQL injection flaw could be targeted by hackers soon

Popular e-commerce platform Magento has released security patches to fix the flaw. Researchers say update now.

Man pointing to security icon for email

What are DMARC, SPF and DKIM? How to master email security with these protocols

The three main email security protocols complement one another, so implementing them all provides the best protection. That’s easier said than done, but these tips can help.

Load More