Features

tools drill bits toolkit tookapic free cc0 via pexels binary thinkstock
dashboard / report / metrics / results / analysis / management

Missed target arrows bullseye

7 most common ways to fail at DevSecOps

DevSecOps initiatives are fraught with peril and require careful consideration of culture, learning, process and business needs. Here's how companies tend to fail in those areas.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2021

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

vcmar shira james copy
video

Strategies for elevating security to an evergreen business priority

PwC Chief Information and Technology Officer James Shira is an expert on managing security's big picture. With the growing focus on risk management from boards and senior leadership, James shares advice on keeping security and risk...

CSO > Password elimination [conceptual password security lock in a trash bin]

The password hall of shame (and 10 tips for better password security)

Banish these common passwords now and employ these tips for better password security.

CSO  >  secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

Security system alert: 'DANGER'

6 tips for receiving and responding to third-party security disclosures

Your first notification of your next breach or significant threat might come from outside your organization. Have these preparations in place to effectively and quickly respond to inbound security intelligence.

A fishing lure with multiple hooks baits a binary stream. [fraud / phishing / social engineering]

7 new social engineering tactics threat actors are using now

Old tactics in new packages lead the list of current social engineering attacks. Experts provide real-world examples.

Tech Spotlight   >   Analytics [Overview]   >   Conceptual image of data analytics.

5 perspectives on modern data analytics

You can't navigate business challenges without the right instruments. Done right, analytics initiatives deliver the essential insights you need, as these five articles explore.

Tech Spotlight   >   Analytics [CSO]   >   An image of a bottle of poison emanating binary code.

How data poisoning attacks corrupt machine learning models

Data poisoning is a type of attack that involves tampering with and polluting a machine learning model's training data, impacting the model's ability to produce accurate predictions.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

Zero days explained: How unknown vulnerabilities become gateways for attackers

A zero day is a security flaw that has not yet been patched by the vendor and can be exploited. The name evokes a scenario where an attacker has gotten the jump on a software vendor, implementing attacks that exploit the flaw before...

handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

Artificial intelligence and digital identity

What is IAM? Identity and access management explained

IAM products provide IT managers with tools and technologies for controlling user access to critical information within an organization.

Encrypted blocks of multicolored data cubes rolling out.

What's next for encryption if the RSA algorithm is broken?

A recent, yet to be proven paper claiming to have found a way to "destroy the RSA cryptosystem" has cryptographers asking what might replace it.

data scientist face in profile with binary numbers analystics

Top 5 skills a SOC analyst needs

Whether building a new security operations center or revamping an existing one, staffing it with analysts that are equipped with these skills should be priority number one.

Digital Transformation [DX]  >  dandelion seeds blown by a virtual wind of change

The SolarWinds hack timeline: Who knew what, and when?

Impact, detection, response, and ongoing fallout from the attack on SolarWinds' Orion remote IT management software.

vcmar constantin finnegan
video

Keeping a remote workforce secure: Lessons learned, tips for the future

CSO’s Lucian Constantin joins Computerworld’s Matthew Finnegan and Executive Editor Ken Mingis to explain what companies should do to keep their remote employees — and valuable corporate data and info — safe. Secure remote access is...

phishing threat

What are phishing kits? Web components of phishing attacks explained

A phishing kit is the back-end to a phishing attack. It's the final step in most cases, where the criminal has replicated a known brand or organization.

intro woman leadership leader executive cityscape vision

How the CISO role is evolving

The chief information security officer (CISO) is the executive responsible for an organization's information and data security. Learn what it takes to land a CISO job and how to be successful in the role.

Load More