Automation/machine learning/artificial intelligence >  mind-gears within circuit-board silhouette
A vast network of identity avatars. [identity management]

5 cryptography and data protection

What is cryptography? How algorithms keep information secret and safe

Cryptography is the art of keeping information secret and safe by transforming it into form that unintended recipients cannot understand. It makes secure data transmission over the internet possible.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2022

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

John DeSimone, president of Cybersecurity, Intelligence & Services, Raytheon Intelligence & Space

Raytheon’s John DeSimone on building the offensive line

Security teams need to become more proactive and go after malware, says DeSimone.

https ssl certificate

How to choose a certificate management tool

Managing certificates that hold all your encryption secrets is impossible without the right tool. Here's how to narrow the field.

Linux security shield

Top Linux endpoint protection software

Malware attacks on Linux systems are on the rise. These free and low-cost tools provide good endpoint protection.

An abstract network of nodes or endpoints.

What Microsoft Defender can tell you about your network

Microsoft Defender for Business alerts can show what's happening in your network. The better you understand your network, the faster you can triage alerts.

Blurry hands typing on computer keyboard

Keyloggers explained: How attackers record computer inputs

A keylogger (short for keystroke logger) is a tool that can record and report on a computer user's activity as they interact with a computer.

wireless network - industrial internet of things edge [IoT] - edge computing

MITRE ATT&CK v11 adds ICS matrix, sub-techniques for mobile threats

The latest version of the MITRE ATT&CK Framework addresses two of the most pressing threat-actor targets: mobile devices and industrial control systems.

An open lock sits on a credit card lying on a computer keyboard.

PCI DSS explained: Requirements, fines, and steps to compliance

PCI DSS (Payment Card Industry Data Security Standard) is a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe.

First aid kit > help / fix / patch / remedy / recovery

12 steps to building a top-notch vulnerability management program

Security experts share their best advice for the essential ingredients of a solid vulnerability management program, including foundational elements to put in place, workflows to establish, who to involve, and metrics to track.

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

Jamil Farshchi, CISO, Equifax

Equifax’s Jamil Farshchi: Security shouldn’t be a trade secret

Farshchi joined the credit reporting agency in 2018 with a mandate for change following the company’s high-profile data breach. Today, he’s calling for greater transparency and collaboration in the security community, with Equifax...

ransomware attack

What your cyber insurance application form can tell you about ransomware readiness

The annual cyber insurance application form shows what the carriers think you should be doing to best prevent and recover from ransomware attacks. Pay attention.

Application security  >  Software code + data protected with a lock

7 top software supply chain security tools

These tools will help identify vulnerabilities and threats posed by third-party code through software composition analysis and SBOM creation.


Zero-click attacks explained, and why they are so dangerous

Zero-click attacks, especially when combined with zero-day vulnerabilities, are difficult to detect and becoming more common.

executives on the move stairs career promotion upward steps

Security leaders chart new post-CISO career paths

The evolution and growing prominence of the CISO role gives holders more options on where to go next in their careers.

hackathon students code programmer devops certification by rawpixel unsplash

23 DevSecOps tools for baking security into the development process

Catch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

Load More