Features

A weary businessman holds hand to forehead at his laptop, surrounded by abstract security concepts.

three global network puzzle pieces

Third party risk management: A getting started guide

Your vendor partners may be your organization's weakest link. Without a strong third party risk management program in place, how would you know?

GDPR data privacy / protection / regulation / security / compliance / documentation / data / records

When and how to write a GDPR DPIA

Data Protection Impact Assessments are a way for companies to minimize risk around new processes and keep a record demonstrating their efforts to comply with the GDPR.

A shoe about to step on a banana peel, stopped by a small superhero.

10 risk factors no one talks about

These risk factors might not show up on an official risk assessment report, but every security professional should be thinking about them.

conference speaker + audience

The CSO guide to top security conferences, 2019

CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

Microsoft-based election, campaign systems

How to secure Microsoft-based election, campaign systems

Microsoft has issued guidance and provided resources for local election bodies and candidate campaigns to help protect systems and communications.

Linux security shield

Top Linux antivirus software

Malware attacks on Linux systems are on the rise. These free and low-cost tools provide good endpoint protection.

Business ethics  >  Handshake extended in trust / reliability / transparency

The CISO’s newest responsibility: Building trust

Trust is becoming a differentiator in the marketplace, and CISOs who seek a more strategic role in their must engage the full range of stakeholders to build confidence that the organization has their best interests in mind.

Tor Browser  >  private / anonymous web browsing / binary onion

What is the Tor Browser? How it works and how it can help you protect your identity online

The Tor Browser is a web broswer that anonymizes your web traffic using the Tor network, making it easy to protect your identity online.

man typing on laptop search internet web browswer

6 top OSINT tools: Find sensitive public info before hackers do

Hackers use open source intelligence to find information that will help them compromise systems. Using these tools will tell you how much of that info is exposed.

Equifax breach  >  Equifax logo amid broken, disrupted binary code

Equifax data breach FAQ: What happened, who was affected, what was the impact?

In 2017, personally identifying data of hundreds of millions of people was stolen from credit reporting agency Equifax. Here's a timeline of what happened, how it happened, and the impact.

Cloud security threats  >  Lightning strikes a digital landscape via binary clouds.

11 top cloud security threats

More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Treacherous 12," the top security threats organizations face when using cloud services.

Recruiter attracts leads  >  Using a horseshoe magnet on a group of figurines.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

Cybersecurity awareness  >  A weary businessman holds hand to forehead at security training.

5 reasons users hate cybersecurity awareness training, and how to make them love it

If you want your security awareness training program to be effective, address these common user complaints.

Maersk container ship / shipping containers / abstract data

Rebuilding after NotPetya: How Maersk moved forward

In the wake of NotPetya attacks, Maersk’s IT and security teams embraced transparency, greater collaboration with business, and a risk-based approach.

VPN security vulnerabilities  >  VPN alert / warning / network servers

6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk

Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.

Industry 4.0 / Industrial IoT / Engineer reviews virtual interface for robotics.

5 OT security takeaways CISOs need to communicate to stakeholders

Operational technology security requires a different approach than IT security. Here are key takeaways CSOs need to communicate to other executives and boards of directors.

train tracks converge / rails switch / paths merge / convergence / directory traversals

Directory traversal explained: Definition, examples and prevention

In a path traversal attack, also known as directory traversal, an attacker enters information in a web form, URL address line, or another input method that gives them access to a file or directory that they shouldn't have access to....

5G mobile wireless network technology

7 ways 5G mobile networks will change IoT security, and how to prepare

Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.

Load More