Features

Scanning for vulnerabilities.

Conceptual image of a network labeled 'Zero Trust.'

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.

Cyber insurance  >  Umbrella hub protecting connected devices + online activities in binary world.

What you should know when considering cyber insurance in 2023

When even the best-laid cybersecurity plans fail, cyber insurance can help mitigate an organization’s exposure to financial and operational risk—but the insurance landscape is shifting with the times.

digital twins woman in profile ai mirror duplicate duo pair

The cybersecurity challenges and opportunities of digital twins

The virtual representation of objects or systems through digital twins provide organizations greater insight into their assets but it can also invite malicious actors.

blame 174280704

When blaming the user for a security breach is unfair – or just wrong

Training non-tech savvy users to recognize phishing and other credential-based attacks is essential but expecting employees to man the front lines against intrusions is a mistake, experts say. Harmony between staff psychology and...

conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

manager scanning workforce data via antimalware picture id1022805724

8 things to consider amid cybersecurity vendor layoffs

Cybersecurity vendor layoffs raise several issues for CISOs and customers, not the least of which are security and risk-related factors. Here are 8 things to consider if your security vendor has announced significant staff cuts.

Ransomware  >  A coin-operated lock ransoming an encrypted system.

What is Ransom Cartel? A ransomware gang focused on reputational damage

The group combines data encryption with data theft and threatens to release stolen information on their website. But Ransom Cartel ups its game by threatening to send sensitive information to victim’s partners, competitors, and news...

social media - collaboration tools - communication

How to build a public profile as a cybersecurity pro

High-profile cybersecurity professionals share their paths, tips, and learnings for those interested in creating a personal brand.

A circuit key at the center of a system of integrated security: endpoints/devices/networks/apps/etc.

Top 7 CIAM tools

Customer identity and access management (CIAM) is the basis to improve management and control of third parties’ access to a business. Here are the top seven CIAM tools currently in the market.

big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.

security system vulnerabilities - a grid of locks with several unlocked

EPSS explained: How does it compare to CVSS?

The Exploit Prediction Scoring System has its shortcomings, but it can complement CVSS to help better prioritize and assess vulnerability risk.

targeted holiday attacks  >  a red bow impaled by a hook, surrounded by abstract binary code

Online retailers should prepare for a holiday season spike in bot-operated attacks

On the naughty list this year are a host of bad actors employing a huge variety of different bot attacks that can have a big impact on retail websites. Fortunately, there are steps cybersecurity professionals can take to mitigate the...

man looking through binocs spy hacker breach infiltrate gettyimages 164644457 by selimaksan 2400x16

Know thy enemy: thinking like a hacker can boost cybersecurity strategy

Putting on a red hat and trying to understand the motivations, expectations, behaviors, and goals of bad actors can be a key part of a solid cybersecurity plan.

secure remote work

How remote working impacts security incident reporting

Security teams must update their security incident reporting policies and processes to account for remote work or risk exposure to increased threats.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

Android Security

Android security: Which smartphones can enterprises trust?

A broad range of vendors means a broad range of security issues to understand and assess. But three Android vendors meet the highest security standards — and one should be avoided.

3 security vendors

Build a mature approach for better cybersecurity vendor evaluation

Establishing a thorough, well-planned in-house strategy for assessing cybersecurity vendors and their products is a hallmark of an organization’s maturity and can avoid hassles, headaches, and unnecessary expense.

API security alert / software development / application flow chart diagram

How Cisco keeps its APIs secure throughout the software development process

Cisco’s API-for-an-API project unifies API security tools and weaves security through all stages of the software process.

Load More