Features
Consumers are done with passwords, ready for more innovative authentication
Surveys indicate that consumers are becoming more open to biometrics and multi-factor authentication.
4 lessons from recent Microsoft Azure cloud vulnerabilities
The discovery of serious vulnerabilities in Azure's Cosmos database and Linux VM shows you can't take cloud security for granted. Here's how to reduce the risk from current and future vulnerabilities.
CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short
CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.
How to choose an endpoint protection suite
Endpoint protection has come a long way since the days of dedicated antivirus servers. Here are the basic and more advanced features to look for in an enterprise endpoint protection suite.
Seven strategies for building a great security team
The dangers of a dysfunctional security team are easy to imagine, ranging from difficulty attracting and retaining talent to putting your organization at risk. These seven steps can make a world of difference.
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
10 top API security testing tools
Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.
The Kaseya ransomware attack: A timeline
REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.
How to mitigate the Microsoft Office zero-day attack
Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.
CRISC certification: Your ticket to the C-suite?
Certified in Risk and Information Systems Control (CRISC) is a certification that focuses on enterprise IT risk management. Learn about the exam, prerequisites, study guides, and potential salary.
The new math of cybersecurity value
An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.
7 unexpected ransomware costs
Indirect costs related to a ransomware attack can add up over time. These are the expenses and financial risks that CISOs should be aware of.
Social engineering explained: How criminals exploit human behavior
Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data.
HP CISO Joanna Burkey: Securing remote workers requires a collaborative approach
New research finds 91% of IT teams feel pressure to compromise cybersecurity for WFH business continuity. HP CISO Joanna Burkey urges security leaders to tackle workforce IT conflicts to secure the remote and hybrid workplace.
![Tech Spotlight > Cybersecurity [CSO] > Hands gesture in conversation](https://images.idgesg.net/images/article/2021/03/spot_cybersecurity_02_cso_hands_gestures_talking_by_rawpixel_cc0_abstract_security_by_jeff_hu_gettyimages-1221975486_hero-100879634-small.3x2.jpg?auto=webp){kind=tracking}
How CISOs and CIOs should share cybersecurity ownership
CISOs and CIOs weigh in on how their cybersecurity responsibilities are evolving with changes in the business environment and threat landscape.
How to find a security-savvy MSP
Not all managed service providers are strong on security. Here's how to weed out those that will put your small- to medium-sized business at risk.
Steganography explained and how to protect against it
Steganography is reasonably easy to implement yet difficult to detect, which is why threat actors use it to deliver malware, evade detection, and gain persistence.
![Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.](https://images.idgesg.net/images/article/2021/06/spot_cloud_3x2_03_cso_laptop_users_with_ccloud_security_overlay__by_metamorworks_gettyimages-1132912672_b-100891925-small.3x2.jpg?auto=webp)
8 top cloud security certifications
Cloud security skills are in high demand. These certs will help you demonstrate your cloud security know-how.
8 pitfalls that undermine security program success
Don’t let these easy-to-overlook mistakes trip up your security strategy.
