Security

Security | News, how-tos, features, reviews, and videos

many keys on a series of keychains / key rings / binary code overlay / password management

The 7 best password managers for business

A password manager stores a user’s passwords and logins for various sites and apps and generates new, strong passwords, making it a valuable tool for implementing strong passwords in your business.

access control / authentication / privileges / security / key

Active Directory security updates: What you need to know

These Active Directory updates address critical privilege bypass and elevation vulnerabilities. Implement them now if you can.

keys on a keychain / key ring / password management / binary code overlay

Exploit chains explained: How and why attackers target multiple vulnerabilities

Here is what you need to know about exploit chain risks, use cases, and mitigation.

Activists protest against racism and advocate for social justice and equal rights.

Aligning security strategy with ESG objectives: The next big issue for CISOs

As interest in environmental, social, and governance issues increases among investors, business partners, consumers, and employees, CISOs will need to shape their security and risk strategies to align with the organization’s ESG...

A stack of school books sits on a desk, with an apple on top. [Education/Learning]

TIAA boosts cybersecurity talent strategy with university partnership

CISO Tim Byrd teams up with New York University Tandon School of Engineering to create a new educational pathway for TIAA employees.

train tracks converge / rails switch / paths merge / convergence / directory traversals

6 ways hackers hide their tracks

From trusted pentesting tools to LOLBINs, attackers abuse trusted platforms and protocols to evade security controls.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2022

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

ipsecurity protocols network security vpn3

How IPsec works, it’s components and purpose

IPsec (Internet Protocol Security) is a suite of protocols that are used to secure internet communications. It is a common element of VPNs.

network security / network traffic scanning

Lessons learned from 2021 network security events

Rather than predict what 2022 will bring, let's manage the future by implementing the lessons learned from this year's biggest security threats.

locked data / bitcoins

How ransomware negotiations work

Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.

remote work concept working at home telework picture id1223790327

CISOs, what's in your work-from-home program?

CISOs reveal how their secure remote work strategies are set up for the long haul.

iot smart devices smart home internet wireless

4 ways employee home networks and smart devices change your threat model

Home routers, printers, security systems, DVRs, gaming consoles and other smart devices can significantly change the threat model for the corporate network.

CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

human weak link cybersecurity primary

Supply chain attacks show why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

iot security startups hot highlights planets rocket lock security

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

A laptop user with magnifying lens examines binary data.

How to detect Log4Shell exposure and exploitation

Software dependencies and third-party products make detecting Log4j exploits tough, but this advice and some specialized tools can help.

woman working on laptop - close focus, bokeh [by Rawpixel - CC0 via Unsplash]

Diversity in cybersecurity: Barriers and opportunities for women and minorities

Women and minorities interested in cybersecurity face headwinds. Here’s a look at the challenges they face and what can be done.

online shopping cart magecart hackers shopping online

What is Magecart? How this hacker group steals payment card data

Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.

business travel / airport terminal walkway / traveller

CISOs, what's in your travel security program?

It's time to review (or create) your travel security program now that more people are traveling for work and pleasure. Here's what it should include.

targeted holiday attacks  >  a red bow impaled by a hook, surrounded by abstract binary code

Security lessons from 2021 holiday shopping fraud schemes

Here are four ways fraudsters targeted the 2021 shopping period with insight into how retailers can prevent and defend against exploitation.

Load More