Features

How Azure Active Directory helps manage identity for remote users

Still using Active Directory to manage identity for remote workers? You might want to consider moving to Azure Active Directory.

The 7 deadly sins of records retention

Record retention is both a fact of life and a growing headache for organizations burdened by a spiraling number of regulations and legal obligations. Here are worst (and best) practices for securing data and documents.

Does it matter who the CISO reports to?

Reporting relationships are more than lines on an org chart; they're lines of authority. Ultimately, who the CISO reports to may say more about an organization's maturity than it does about an individual's effectiveness.

Ryuk ransomware explained: A targeted, devastatingly effective attack

Ryuk ransomware attacks are targeted at the most vulnerable, most-likely-to-pay companies and are often paired with other malware such as TrickBot.

The CSO guide to top security conferences, 2021

Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you.

How and why deepfake videos work — and what is at risk

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

5 tips for a successful penetration testing program

Proper preparation is key to finding the real weaknesses and vulnerabilities in your network through a pentest. These are the five things you need to do before starting.

The SolarWinds Senate hearing: 5 key takeaways for security admins

Testimony by key security executives in the US Senate reveals how unprepared most organizations are for supply chain attacks. Here are the lessons security admins should learn from it.

5 questions CISOs should be able to answer about software supply chain attacks

The SolarWinds attack put a spotlight on the threats that compromised third-party software presents to organizations. Here are the top questions executive management, boards and partners are asking CISOs about their preparedness.

7 critical IT policies you should have in place

A framework of IT policies should be the foundation of every company's security plan.

5 ways to grow the cybersecurity workforce in 2021

The cybersecurity workforce shortage and related skills gap stubbornly persists. Risks will continue to grow in 2021, so it’s vital that organizations take action to grow their cybersecurity workforce. Here are five ways to attract...

4 ways COVID-19 has changed security hiring forever

One year in, the COVID-19 pandemic has had significant, and likely permanent, impacts on information security hiring. Here are the changes that experts say are here to stay.

3 best practices to protect sensitive data in the cloud

Follow these three essential best practices to protect customer or proprietary data in cloud apps and infrastructure.

FISMA basics: What federal agencies and contractors need to know

FISMA, or the Federal Information Security Management Act, is a U.S. federal law passed in 2002 that seeks to establish guidelines and cybersecurity standards for government tech infrastructure, and in so doing protect government...

What is cryptojacking? How to prevent, detect, and recover from it

Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

8 new roles today’s security team needs

Demand for cybersecurity professionals remains sky-high. Make sure you're hiring for the right roles.

5 reasons why the cost of ransomware attacks is rising

The ransom is still a tiny portion of the total cost of a ransomware attack, but associated costs are increasing.

Cybersecurity in 2021: Stopping the madness

The challenges are greater than ever. But security pros have learned a lot – and with luck, the right strategic defenses can help even the highest-value targets withstand severe attacks.

4 ways to keep the cybersecurity conversation going after the crisis has passed

Executives and board members focus more on cybersecurity when there’s immediate danger. Here’s how CISOs can use a crisis like SolarWinds to translate security into business strategy.

The biggest data breach fines, penalties, and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes, have cost these companies a total of nearly $1.3 billion and counting.
