Features

digital identity / authentication

Consumers are done with passwords, ready for more innovative authentication

Surveys indicate that consumers are becoming more open to biometrics and multi-factor authentication.

A broken link in a digital chaing / weakness / vulnerability

4 lessons from recent Microsoft Azure cloud vulnerabilities

The discovery of serious vulnerabilities in Azure's Cosmos database and Linux VM shows you can't take cloud security for granted. Here's how to reduce the risk from current and future vulnerabilities.

keeping the cloud secure cloud security lock padlock private cloud

CISA's Cloud Security Technical Reference Architecture: Where it succeeds and where it falls short

CISA's reference architecture will help federal government agencies improve cloud security, but it relies too much on outdated guidance.

Security threat   >   One endpoint on a network has been compromised.

How to choose an endpoint protection suite

Endpoint protection has come a long way since the days of dedicated antivirus servers. Here are the basic and more advanced features to look for in an enterprise endpoint protection suite.

intro crew highly effective teams rowing

Seven strategies for building a great security team

The dangers of a dysfunctional security team are easy to imagine, ranging from difficulty attracting and retaining talent to putting your organization at risk. These seven steps can make a world of difference.

A man and woman sit on opposite sides of an office desk, in discussion.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

programmer developer devops apps developer code hacker dark secrets by peopleimages getty

10 top API security testing tools

Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.

red padlock cybersecurity threat ransomeware

The Kaseya ransomware attack: A timeline

REvil's ransomware attack on software provider Kaseya underscored the threats to supply chains that ransomware groups pose. Here is an up-to-date timeline of the attack.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to mitigate the Microsoft Office zero-day attack

Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.

job growth climbing the corporate ladder promotion stairs corporate govenernance new job nathan dum

CRISC certification: Your ticket to the C-suite?

Certified in Risk and Information Systems Control (CRISC) is a certification that focuses on enterprise IT risk management. Learn about the exam, prerequisites, study guides, and potential salary.

One person uses a calculator while another reviews financial data.

The new math of cybersecurity value

An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.

A U.S. dollar sign casts a question mark shadow.

7 unexpected ransomware costs

Indirect costs related to a ransomware attack can add up over time. These are the expenses and financial risks that CISOs should be aware of.

Social media threat / danger / risk >  Text bubbles interact, one bearing skull + crossbones

Social engineering explained: How criminals exploit human behavior

Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems or data.

Joanna Burkey, CISO, HP

HP CISO Joanna Burkey: Securing remote workers requires a collaborative approach

New research finds 91% of IT teams feel pressure to compromise cybersecurity for WFH business continuity. HP CISO Joanna Burkey urges security leaders to tackle workforce IT conflicts to secure the remote and hybrid workplace.

Tech Spotlight   >   Cybersecurity [CSO]   >   Hands gesture in conversation

How CISOs and CIOs should share cybersecurity ownership

CISOs and CIOs weigh in on how their cybersecurity responsibilities are evolving with changes in the business environment and threat landscape.

managed security service providers

How to find a security-savvy MSP

Not all managed service providers are strong on security. Here's how to weed out those that will put your small- to medium-sized business at risk.

Encrypted blocks of multicolored data cubes rolling out.

Steganography explained and how to protect against it

Steganography is reasonably easy to implement yet difficult to detect, which is why threat actors use it to deliver malware, evade detection, and gain persistence.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

8 top cloud security certifications

Cloud security skills are in high demand. These certs will help you demonstrate your cloud security know-how.

banana peel slip accident mistake fall by rapideye getty

8 pitfalls that undermine security program success

Don’t let these easy-to-overlook mistakes trip up your security strategy.

iot security startups hot highlights planets rocket lock security

18 cybersecurity startups to watch

Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management,...

Load More