Welcome! Here are the latest Insider stories.

More Insider Sign Out

Features

international flags / global business discussion

22 notable government cybersecurity initiatives in 2022

Countries across the globe are taking on cybersecurity threats. Here are the most notable initiatives they've introduced in 2022.

hacker linkedin scam romance scam on social media phishing heart

How cybercriminals use public online and offline data to target employees

A LinkedIn post about getting a new job turned into a potential phishing scam. Similar incidents are more common than you might think.

What are the new Windows 11 22H2 security features?

The September Windows 11 update add protections against malicious applications and drivers, phishing, credential misuse, and more.

A binary mask.

The deepfake danger: When it wasn’t you on that Zoom call

Deepfakes pose a real threat to security and risk management and it’s only going to get worse as the technology develops and bad actors can access malicious offerings such as deepfakes as a service.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

Multifactor authentication > A mobile phone displays a digital key to a lock on a user's laptop.

Multi-factor authentication fatigue attacks are on the rise: How to defend against them

LAPSUS$ is just one cybercriminal group that has breached networks of large companies such as Uber and Microsoft by spamming employees with MFA authentication requests.

A man with an umbrella appears waist-deep in water against a city skyline. [multiple-exposure]

D&O insurance not yet a priority despite criminal trial of Uber’s former CISO

The cost is too high and the risk too low to offer CISOs directors-and-officers insurance at many companies. Protective governance policies might make more sense.

SAP sign

Most common SAP vulnerabilities attackers try to exploit

Unpatched systems, misconfigurations and vulnerable custom code are making SAP environments a top target for cyberattacks.

team trust risk gap help assistance challenge

5 ways to grow the cybersecurity workforce

The cybersecurity workforce shortage and related skills gap stubbornly persists. Here are five ways to attract talent now.

A group discussion takes place around a table in an office workspace.

Collaboration is key to balance customer experience with security, privacy

Security and privacy teams working with sales, marketing and design ensures a good user experience while protecting data and maintaining regulatory compliance.

rocket launch startup cloud success growth badge

Security startups to watch for 2022

Security startups are often innovation leaders. These are some of the most interesting ones to watch as they tackle issues around cloud security, asset management and more.

software development / application testing / planning / flow chart / diagram

U.S. government issues guidance for developers to secure the software supply chain: Key takeaways

The U.S. NSA, CISA and ODNI created the Securing the Software Supply Chain guide to focus on the software development lifecycle.

12 famous passwords used through the ages

Passwords seem like a recent thing, but they've been in use for a long time. Here are a dozen of the more memorable ones.

Hands type on a laptop keyboard.

Recommended security resources for Microsoft Active Directory

These resources will keep you up to date on how to best protect your Active Directory domains.

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.

CNAPP buyers guide: Top tools compared

Cloud native application protection platforms aim to provide a complete cloud security solution, but some are more complete than others.

Abstract Java code

8 notable open-source security initiatives of 2022

Vendors, collectives and governments are contributing to improve the security of open-source code, software, and development amid organizations’ increasing use of open-source resources.

gavel / abstract binary lines > court judgment / fine / penalty / settlement

The 12 biggest data breach fines, penalties, and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $4.4 billion and counting.

conference / convention / audience / applause / clapping

The CSO guide to top security conferences

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

Load More

Most Popular

BrandPosts

Sponsored by Juniper Networks

You can’t have zero trust without visibility
Sponsored by Devo

Moving Security Technologies to the Cloud? 4 Tips for CISOs
Sponsored by Microsoft Security

Extortion Economics: Ransomware’s New Business Model