Supply Chain

Supply Chain | News, how-tos, features, reviews, and videos

supply chain management controls - ERP - Enterprise Resource Planning
Opinion

GAO calls out US government agencies: Get your supply chain security act together

malware attack
Feature

6 most common types of software supply chain attacks explained

tc vcmar routh
video

Lessons from the SolarWinds attack on securing the software supply chain

The SolarWinds breach represents a tectonic shift in threat actor tactics, suggesting this kind of attack vector will be replicated. Not only were the attacker’s sophistication and technical proficiency high -- allowing them to stay...

vulnerable breach cyberattack hacker
News Analysis

CISA issues guidance on defending against software supply chain attacks

The government makes recommendations for both organizations and software vendors to minimize the risk of software compromised by a criminal or foreign adversary.

backdoor / abstract security circuits, locks and data blocks
Feature

5 questions CISOs should be able to answer about software supply chain attacks

The SolarWinds attack put a spotlight on the threats that compromised third-party software present organizations. Here are the top questions executive management, boards and partners are asking CISOs about their preparedness.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

What it takes to become an IT security engineer

The role is a fairly new one in many companies, and qualified candidates are in high demand. Learn how one IT security engineer landed his current job, the skills and training that helped him get there, and where his sights are set...

information security 2

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Red team versus blue team: How to run an effective simulation

Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.

How to survive (and thrive) in the CISO hot seat

The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.

Special report: platforms play big in the cloud

This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.

Research report: IT security's looming tipping point

Even as security draws board-level attention, many IT professionals give their organizations’ infosec practices low marks. This special report from CIO, CSO and Computerworld reveals how to tip the balance in the right direction.

The CSO identity management survival guide

This guide will help you communicate through the challenges of identity management, learn from success stories and discover the most valuable features of today's identity management tools.

Load More