Features

The 5 CIS controls you should implement first

The CIS Critical Security Controls list (formerly the SANS Top 20 controls) has been the gold standard for security defense advice. These are the tasks you should do first.

Implementing a successful cyber insurance program: Key steps and considerations

In a first, a Black Hat micro summit explains how insurers assess risk to write cyber insurance policies as more organizations seek to indemnify themselves against potential breach losses.

6 biggest healthcare security threats for 2020

Healthcare continues to be a popular target for ransomware, cryptomining, data theft, phishing, and insider threats.

2fa explained: How to enable it and how it works

Two-factor authentication (2fa) is a method of establishing access to an online account or computer system that requires the user to provide two different types of information. It can boost security for anyone using any kind of online...

Top mobile VPNs for the enterprise

Any of these six VPNs can securely connect mobile devices to your enterprise network if it supports the configuration options you need.

8 hot IT security jobs and what they pay

IT security is of major concern to all organizations, and they're willing to pay to get top talent. Are you being paid what you are worth? Take a minute to check.

What is phishing? How this cyber attack works and how to prevent it

Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about this venerable, but increasingly sophisticated, form of cyber attack.

What is WireGuard? Secure, simple VPN still in development

The WireGuard VPN offers better performance and a simpler, effective approach to cryptography. Is it ready for the enterprise?

ICS as a cloud service is coming: Will the benefits outweigh the risks?

Plugging industrial control and operational technology equipment into cloud-based monitoring and remote management systems increases visibility, but it also takes away their security by obscurity.

How secure are your AI and machine learning projects?

Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here's how several companies have minimized their risk.

5 signs your security culture is toxic (and 5 ways to fix it)

Here's how to get the security culture you want if you see these warning signs in your organization.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

What is the cost of a data breach?

Data breach costs can be ongoing for years, a new study finds. Here's the breakdown of costs and advice on how to minimize them.

Regional municipal ransomware attacks soar; MS-ISAC can help

Recent regional ransomware attacks underscore the importance of information sharing among municipalities.

Capital One hack shows difficulty of defending against irrational cybercriminals

The motivation of the malicious actor who stole data of more than 100 million people was driven by emotional distress and did not follow traditional hacker patterns.

6 ways cybercriminals use commercial infrastructure

Whether through fraud or legitimate purchase, cybercriminals increasingly depend on mainstream services to support their activities.

4 takeaways from Black Hat 2019

Experts identified new trends and warned of emerging or growing threats, including security's impact on software development and the growing threat social media poses.

Why giving users two separate systems won't improve security

Red/green systems, which give users one system for work and another for other tasks, no longer make sense from a security and cost perspective. There are alternatives.
