UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Features

video live 2up techtalk

video

Why VPNs aren’t the best security tool for working from home, and what to implement instead

VPNs are a remote work staple, but they’re hardly the most secure way to access corporate data. CSO Online’s UK Editor, Michael Hill, joins Juliet to explain why overreliance on VPNs poses a security risk, and what alternatives...

email security lock breach protocol by microstockhub getty

9 cloud and on-premises email security suites compared

These email security suites have evolved to keep pace with email-enabled threats.

Vitaliy Panych, CISO, State of California

California state CISO: the goal is “operating as a whole government”

Partnerships with other state entities elevate security capabilities and enhance information sharing to provide better security overall, says California state CISO Vitaliy Panych.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

red padlock cybersecurity threat ransomeware

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.

avoid detour side step trap hole in floor arrow by lucadp getty images

How CISOs escape the cost center trap

Even as the CISO role is becoming more business-focused, in many organizations the notion of security as purely a cost center persists. Here’s how savvy CISOs can turn that around.

female developer programmer devops next generation it staff

Software composition analysis explained, and how it identifies open-source software risks

SCA tools give insight into open-source software components and the vulnerabilities they have.

Microsoft Windows > Defending against attacks

Why small businesses should consider Microsoft Defender for Business

Defender for Business brings EDR and threat monitoring features found in more expensive Windows licenses to smaller organizations.

5G light trails

6 key points of the new CISA/NSA 5G cloud security guidance

The security guidance focuses on zero-trust concepts as the US agencies anticipate growth of 5G networks.

Encryption > Encrypted data / hexadecimal code

Spike in encrypted malware poses dual challenge for CISOs

Faced with a surge in malware hidden in encrypted traffic, CISOs are being tasked with managing technical solutions while also adhering to privacy considerations.

Rich Agostino, SVP and Chief Information Security Officer, Target [2020]

How Target's CISO balances customer security and customer experience

In wake of a 2013 data breach, Rich Agostino rebuilt Target’s approach to cybersecurity, addressing vulnerabilities while maintaining a user-friendly web presence for customers.

resume template job application recruit stack of paper by peopleimages getty

8 tips for a standout security analyst resume

Learn how to present and prioritize your education, skills, and experience to land your next security analyst job.

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

ransomware

REvil ransomware explained: A widespread extortion operation

The REvil group, a.k.a. Sodinokibi, re-victimizes its targets by threatening to release stolen data even after the initial ransom demand is paid.

An engineer reviews strategy framework data.

5 IT risk assessment frameworks compared

Formal risk assessment methodologies can help take guesswork out of evaluating IT risks if applied appropriately. Here is real-world feedback on using COBIT, OCTAVE, FAIR, NIST RMF, and TARA.

staffing the hybrid cloud public private cloud clouds

The 3 biggest challenges of SASE in hybrid cloud environments

Tool sprawl, inadequate cooperation between network and security teams, or lack of trust can derail SASE adoption in hybrid cloud environments.

Conceptual image of a password amid hexadecimal code.

4 tools to prevent leaks in public code repositories

Use these tools to find your company's exposed secrets in repositories such as GitLab, GitHub, or Google Cloud Build before attackers do.

Cryptojacking > Binary skull, code and bitcoin symbols invade systems as malware

How to spot and block cryptominers on your network

Cryptominer malware is stealthy and drags down network and device performance. Some simple tasks and basic tools can minimize its impact.

Load More

Popular Resources

White Paper

Buyer's Guide for Backup and Recovery
White Paper

Five IT Security Risks In A Perimeterless World
Video/Webcast
Sponsored

Lessons from over 1,000 Migrations
Video/Webcast
Sponsored

Webinar: How Advanced QMS Technologies Change the Game
White Paper

Taking a Risk-Based Approach to Healthcare Compliance

See All

Most Popular

BrandPosts

Sponsored by Sophos

Are Retailers Ready for Holiday Season Ransomware?
Sponsored by Cisco

5 Steps to Secure Your Hybrid Workers
Sponsored by Fortinet

Hyper-vigilance is Critical for Retail Security