Features

What is a Chief Security Officer? Understanding this critical role

The Chief Security Officer (CSO) is the executive responsible for the organization's entire security posture, both physical and cyber, and has the big-picture view of the company's operational risk.

What is cyber resilience? Building cybersecurity shock absorbers for the enterprise

Sure, you’ve prepared for attacks and breaches, but how well can core business processes function when a crisis hits?

Why securing containers and microservices is a challenge

Their granularity, deployment speed, and data traffic volume require new approaches to securing container environments.

Evaluating patch management software: 6 key considerations

Given the breadth of software systems in any given organization and the volume of patches being released by vendors, patch management software is a critical capability within IT environments today. Here's how to choose the tools...

Branding infosec: Why security should consider its own internal advertising campaign

A positivity campaign raised security awareness — and improved performance — at Finning International.

GDPR-defined personal data can be hard to find—here's where to look

The General Data Protection Regulation (GDPR) puts the onus on organizations to better manage personal data. But do they know where to find it? We list the areas most likely to be overlooked.

The best antivirus? Kaspersky leads in latest tests, but that's only part of the story

Ransomware and other threats often get through signature-based antivirus protection, giving it a bad rap. However, antivirus tools still play an important role in the enterprise security strategy.

Data and privacy breach notification plans: What you need to know

Failure to report breaches within the rules of the many global data and privacy protection regulations can result in penalties. Planning ahead will help avoid that.

How lean development improved software security at Fannie Mae

Continual improvement methodologies strengthen security, shorten dev cycles and help the C-suite see infosec’s value.

10 types of hackers and how they'll harm you

Understanding the different types of hackers, what motivates them, and the malware they use can help you identify the attacks you are most likely to face and how to properly defend yourself and your organization.

General Data Protection Regulation (GDPR) requirements, deadlines and facts

GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that...

What is cross-site scripting (XSS)? Low-hanging fruit for both attackers and defenders

With XSS, attackers enter malicious code into a web form or web app URL to trick the application into doing something it's not supposed to do.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

Top cyber security certifications: Who they're for, what they cost, and which you need

Expand your skills, know-how and career horizons with these highly respected cyber security certifications.

Adobe’s CSO talks security, the 2013 breach, and how he sets priorities

Brad Arkin has led Adobe's new approach to security and aims to make sure one of history’s biggest data breaches doesn’t happen again.

6 steps for a solid patch management process

Patch management is simply the practice of updating software – most often to address vulnerabilities. Although this sounds straightforward, patch management is not an easy process for most IT organizations. Here are the steps you need...

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

DDoS attacks are also on the rise, but spying reports are down. Fewer people are clicking on phishing links.

5 myths of API security

In light of Panera Bread’s API-related data breach, here's what is — and isn’t — true about protecting application programming interfaces.

Microsoft Windows 10 vs. Apple macOS: 18 security features compared

Here's how the world's two most popular desktop OSes keep systems and data safe from malware, unauthorized access, hardware exploits and more.

How to detect and prevent crypto mining malware

Hackers are placing crypto mining software on devices, networks, and websites at an alarming rate. These tools can help spot it before it does great harm.
