7 best reasons to be a CISO

How harm reduction can more effectively reduce employee risky behavior

Network mistakes, misconfigurations cost companies millions

Advertisement

Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.

Five things security pros want from CNAPP

New research reveals what practitioners believe is most important for cloud security technology.

rocket launch startup cloud success growth badge

Security startups to watch for 2022

Security startups are often innovation leaders. These are some of the most interesting ones to watch as they tackle issues around cloud security, asset management and more.

DDOS attack

Google Cloud blocks largest HTTPS DDoS attack ever

Google says Cloud Armor protected a customer from a HTTPS DDoS attack that peaked at 46 million requests per second with links to the Mēris attack family.

Advertisement

two tiny figures study dashed lines with arrows indicating different directions or paths

NIST CSF 2.0 Workshop emphasizes global appeal, metrics and assessment

About 7,000 international workshop attendees heard discussions of NIST's plans for Cybersecurity Framework 2.0, which aims to offer more guidance on supply chain security, measurement, and implementation, among other topics.

Tech Spotlight > The Future of Work [CSO] > Laptop user with virtual security overlay.

New Deep Instinct partner program targets MSSPs fighting ransomware

Deep Instinct's Stratosphere program is indirectly aimed at small and medium-size businesses, which are increasingly turning toward MSSPs (managed security service providers).

CSO > IoT / Internet of Things, unencrypted/unsecured/vulnerable

Universal database of device vulnerability information launched

DeviceTotal's new repository includes security data for all devices on the market with the aim to better mitigate vulnerabilities.

p1200740

Google updates Chronicle with enhanced threat detection

Google Cloud’s Chronicle will now offer curated threat detection as part of its analytics initiative in the Chronicle SecOps suite.

Zero-trust

What is zk-SNARK?

An intro to the most popular zero-knowledge protocol

ransomware

Ransomware safeguards for small- to medium-sized businesses

Following these 40 safeguards from the Institute for Security and Technology will help protect SMBs from ransomware and other malware attacks.

Industry 4.0 / Industrial IoT / Smart Factory / robotics / automation

"Evil PLC Attack" weaponizes PLCs to infect engineering workstations

Researchers demonstrate a proof of concept where hijacked programmable logic controllers can compromise engineering workstations to allow lateral movement.

Advertisement

cso security hacker breach privacy ransomware malware attack gettyimages 1216075693 by towfiqu aham

Safe Security debuts two free risk assessment tools for businesses

Organizations can gauge their cybersecurity risk factors by using Safe Security’s new online calculators.

water infrastructure / wastewater treatment facility / sewage treatment plant

Exposed VNC instances threatens critical infrastructure as attacks spike

Threats surrounding Virtual Network Computing laid bare as attacks targeting critical infrastructure increase.

Developers work together to review lines of code in an office workspace.

Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable

VEX adds context to software vulnerabilities to better inform risk assessment decisions.

gavel / abstract binary lines > court judgment / fine / penalty / settlement

The 12 biggest data breach fines, penalties, and settlements so far

Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $4.2 billion and counting.

A binary map of china.

3 ways China's access to TikTok data is a security risk

The security community weighs in on real-world scenarios in which China or other nations could operationalize data collected by online platforms and how to mitigate the risk.

From Our Advertisers