UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Features

A virtual sphere of photos of individuals appears against a cityscape.

Security job candidate background checks: What you can and can't do

Enterprise cybersecurity begins with a trustworthy staff. Here's how to ensure that current and prospective team members aren't hiding any skeletons.

security audit - risk assessment - network analysis

Microsoft 365 Advanced Audit: What you need to know

Microsoft's powerful new auditing options will help detect intrusions and see what was accessed...if you've paid for the right licenses.

interconnecting gears / process / automation / machinery / mechanism / efficiency

Inrupt offers a standard for controlling data and identity on the web

Founded by security and web luminaries, Inrupt has commercialized the Solid Project technology to manage sensitive data in a more secure, compliant manner...if enough people buy into its vision.

audit binary compliance magnifying glass investigate

5 ways to combat audit fatigue

The growing number of audits for security and privacy regulatory compliance is stressing security personnel and draining resources from security operations. Here's how to better manage them.

Casual man with beard seated at home office with smart phone

10 things work-from-home employees can do now to help protect the network

WFH employees are now more susceptible to attacks that steal credentials or plant malware. Have them follow this advice to better protect themselves and the business.

A target floats aimlessly in an ocean of missed darts.

Undervalued and ineffective: Why security training programs still fall short

Research reveals a glaring disconnect between the need for security training and its perceived value. But organizations that have made their awareness programs a strategic priority and adopted more modern approaches are finding...

Ransomware > A coin-operated lock ransoming an encrypted system.

Egregor ransomware group explained: And how to defend against it

Egregor is one of the most rapidly growing ransomware families. It employs "double ransom" techniques to threaten reputational damage and increase pressure to pay.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences, 2020

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

healthcare data breach / medical patient privacy security violation

The HITECH Act explained: Definition, compliance, and violations

The Health Information Technology for Economic and Clinical Health (HITECH) Act aims to expand the use of electronic health records through incentives to health care providers and consumers. It also tightens rules on providers to...

Ransomware > A masked criminal ransoms data for payment.

CSO's guide to the worst and most notable ransomware

The ransomware gangs and their malware listed here have victimized millions of companies and caused billions of dollars in costs.

diversity south african woman reaching out to shake hands make deal south africa merger and acquisi

Diversity in security: How 3 organizations are making a difference—one relationship at a time

Taking a purposeful approach to diversity, security leaders bring programs, personal stories, and intentionality to changing the persistent low levels of Blacks and minorities in their profession.

locked data / bitcoins

How ransomware negotiations work

Here's what experienced negotiators say your organization should expect if it ever needs to pay a ransomware demand.

handshake / teamwork / collaboration / partnership / deal / negotiation

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

man with feather duster makeover clean dust

Inside cybersecurity’s shelfware problem

Sometimes underutilization of security software and services is a deliberate, strategic choice; more often it's a cause for concern.

A hand reaches to activate controls marked with gear icons [ process / update / fix / automate ]

How strong, flexible data protection controls can help maintain regulatory compliance

An effective approach to data protection controls embraces ethical standards and anticipates new requirements. Here’s how some CISOs and other experts tackle the issue.

Strategy > Moving chess pieces as abstract data overlays the game

5 ways attackers counter incident response, and how to stop them

IR has become a chess match with attackers who can cleverly spoil responders' efforts and keep a foothold in systems. Here's how they do it and how to kick them out for good.

Tech Spotlight > The Future of Work [Overview] > A crystal ball for peering into the future.

The future of work: Coming sooner than you think

What will your worklife be like years from now? Today's work-from-home world has given us a glimpse of the future, as these five articles from CIO, Computerworld, CSO, InfoWorld, and Network World illustrate.

Tech Spotlight > The Future of Work [CSO] > Laptop user with virtual security overlay.

6 top security technologies to protect remote workers

Zero trust, SASE, and identity management are just some of the technologies companies are deploying to secure home-based workers, systems, and data.

Load More

Popular Resources

White Paper

The Forrester Wave™ Endpoint Detection & Response, Q1 2020 Report
Sponsor Article
Sponsored

AI and Computer Vision Create Safe Spaces
Video/Webcast
Sponsored

Addressing Today’s Networking Challenges in Manufacturing
White Paper

Ensuring Productivity and Security in the New Remote Work Era
White Paper

The State of JD Edwards EnterpriseOne

See All

Most Popular

BrandPosts

Sponsored by CIS

Configuration Security for Remote Endpoints with CIS-CAT Pro
Sponsored by Hewlett Packard

What It Takes to Implement Zero Trust With Employees Working From Home
Sponsored by ReliaQuest

5 Often-Overlooked Log Sources