Features

Malicious USB dongle / memory stick / thumb drive with skull icon

BadUSB explained: How rogue USBs threaten your organization

Tim Fitzgerald, CISO and SVP, Arm

Arm’s vulnerability management program has legs

pharming > faudulent website redirect

The Prometheus traffic direction system is a major player in malware distribution

Newly discovered Prometheus uses a network of compromised websites and servers to direct victims to malware or scams.

Cyber warfare > Russian missile launcher / Russian flag / binary code

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.

adding processor to circuit board computer hardware

Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities

Pluton-equipped Windows 11 computers are now available, but the decision to purchase them depends on your threat model.

programmer abstract code glasses devops certification skills kevin unsplash

How chaos engineering can help DevSecOps teams find vulnerabilities

DevOps teams have used chaos engineering concepts to find software bugs for years. Tools are now available to help identify security flaws, too.

Shared responsibility concept > Hands take equal shares of pie chart [partnership / teamwork]

Collective resilience: Why CISOs are embracing a new culture of openness

CISOs are finding value in information sharing among trusted, vetted sources. Here’s how they are maximizing the intelligence gathered from these channels.

A stressed businessman with head in hand sits at a desk and computer in an office workspace.

The emotional stages of a data breach: How to deal with panic, anger, and guilt

Intense situations require both the security experts and stakeholders to be calm and focused, but that is easier said than done. This advice can help.

Teresa Merklin, Fellow, Lockheed Martin Aeronautics

Lockheed’s Teresa Merklin: There’s no such thing as a quick fix

Forget the silver bullet; focus on cyber resiliency, advises the Lockheed Martin fellow.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

Many keys, one lock > Brute-force credential stuffing.

4 ways cybercriminals hide credential stuffing attacks

Cybercriminals adopt tactics to disguise credential stuffing activity and avoid basic prevention schemes like CAPTHCAs.

microsoft 365 channel attributes apps

A 2022 checklist for protecting Microsoft 365 users and data

You have native options to better secure Microsoft 365. Use them effectively and you might save time and money spent on other solutions.

hot and cold fire and ice clash temperature

7 hot cybersecurity trends (and 2 going cold)

Is that security trend hot or not? From tools and technologies to threats and tactics, the numbers don't lie.

spot nww primary main hybridcloud 2400x1600 1

The cloud comes down to earth

An ever-expanding universe of cloud platforms, services, and applications have become fundamental to business and IT operations.

One avatar is uniquely identified among others at the center of a bullseye in a digital environment.

Protecting PII: Examples, laws, and standards

Personally identifiable information (PII), is any piece of data that could be used—either alone or when combined with other data—to identify an individual. Some types of PII are obvious, such as a name or Social Security number, but...

spot cw primary hybridcloud 2400x1600 4

5 top hybrid cloud security challenges

Hybrid cloud environments can add complexity, reduce visibility, and require different logging and monitoring approaches for security teams.

Scanning for vulnerabilities.

The Apache Log4j vulnerabilities: A timeline

The Apache Log4j vulnerability has impacted organizations around the globe. Here is a timeline of the key events surrounding the Log4j exploit as they have unfolded.

gavel / abstract binary lines > court judgment / fine / penalty / settlement

The biggest data breach fines, penalties, and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $1.3 billion and counting.

01 intro prediction

Top 8 cybersecurity predictions for 2022

Seeing opportunities in the mass move to remote work, cyberattackers are updating their tactics, compelling security leaders to respond. Experts make their predictions about threat reduction, compliance, supply chain management,...

Load More