UNITED STATES

Welcome! Here are the latest Insider stories.

More Insider Sign Out

Features

vcmar pedersen steve copy

video

Expanding fraud prevention and detection and cybersecurity at scale

Coast Capital Savings Director of Information Security Stephen Pedersen leads a team that focuses on cybersecurity along with fraud prevention and detection as it expands its business nationally through a digital banking platform....

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms

Top cybersecurity M&A deals for 2021

The cybersecurity market is hot, and vendors are buying competitors to solidify their position or acquiring other firms to expand their offerings.

Multifactor authentication > Mobile phone verification of a permission request for laptop login.

Hacking 2FA: 5 basic attack methods explained

As two-factor authentication becomes more widespread, criminals seek novel ways to subvert it. Here's what you need to know.

phishing threat

What are phishing kits? Web components of phishing attacks explained

A phishing kit is the back-end to a phishing attack. It's the final step in most cases, where the criminal has replicated a known brand or organization.

CSO > Invalidated cyber insurance

17 cyber insurance application questions you'll need to answer

Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.

Social engineering / social media security / privacy breach / fraud

How cybercriminals turn ‘harmless’ stolen or leaked data into dollars

By merging data from multiple sources, cybercriminals can build profiles of hacked account owners to enable other attacks or increase the effectiveness of social engineering campaigns.

A virtual checkmark in digital system / standards / quality control / certification / certificates

HITRUST explained: One framework to rule them all

HITRUST is a cybersecurity framework that seeks to unify the rules for many other existing regulatory and industry frameworks, including HIPAA, GDPR, PCI-DSS, and more.

malware attack

6 most common types of software supply chain attacks explained

Not all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties.

hands hold a string of lightbulbs hands at sunset / ideas / brainstorming / invention / innovation

CIO Think Tank Roadmap Report: Reinventing IT

As companies accelerate out of pandemic disruption, how can IT meet increasing demands — and reap unprecedented benefits? In a series of virtual roundtables, dozens of IT leaders offered key insights about the road ahead.

vcmar ppd

video

Aligning security, compliance and privacy across inventory tracking

Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD's inventory tracking system that identifies PPD’s most valuable assets. Join us to learn how...

Many keys, one lock > Brute-force credential stuffing.

Credential stuffing explained: How to prevent, detect, and defend against it

Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts.

Detecting phishing attempts > A magnifying lens spots a hook trying to catch a fish.

5 best practices for conducting ethical and effective phishing tests

Phishing tests have become a popular feature of cybersecurity training programs, but they should follow ethical frameworks to ensure they don’t do more harm than good.

teamwork / developers / programmers / collaboration / group conversation, discussion, gesturing

Tailor security training to developers to tackle software supply chain risks

Software developers need specialized security awareness training to help them spot supply chain risk and avoid being victimized by attackers.

An anonymous hooded figure surrounded by an abstract network of connections and data.

The 10 most dangerous cyber threat actors

These are the most notorious global cybercriminal and state-sponsored groups according to security researchers.

vulnerable breach cyberattack hacker

How API attacks work, and how to identify and prevent them

Attackers know how to get around WAFs and API gateways when targeting APIs. Here's how some companies are coping with the rapid increase in API attacks.

vcmar constantin lucian copy

video

The role of ransomware negotiators and what they can and can’t do

CSO senior writer Lucian Constantin knows that paying ransomware demands should be avoided -- unless lives are on the line or the survival of a business is at stake. Join us as Lucian talks about the role of the ransomware negotiator,...

woman on smartphone city network security leader iot

The CSO role today: Responsibilities and requirements for the top security job

The CSO is the executive responsible for the organization's entire security posture, both physical and cyber, and has the big picture view of the company's operational risk.

Tech Spotlight > Cybersecurity [CSO] > Hands gesture in conversation

8 things CISOs should be thinking about, but probably aren't

CISOs need to cover all the security bases. The problem is, some of the bases are easy to overlook.

Load More

Popular Resources

eBook
Sponsored

11 Monitoring Platform Capabilities for Enterprise DevOps Teams
eBook
Sponsored

5 Essential Elements of an Agile CMS
White Paper

Don't Take Cloud Security For Granted
eBook
Sponsored

Expert Clarity on DevOps Chaos
eBook
Sponsored

Key skills for corporate growth

See All

Most Popular

BrandPosts

Sponsored by Fortinet

Driving Digital Innovations and High Performance On and Off the Race Track
Sponsored by Sophos

Changing the Narrative Around Attack Victim Shaming
Sponsored by ExtraHop

The Importance of Network Data in Cloud Workload Security