Advertisement

Cloud security threats  >  Lightning strikes a digital landscape via binary clouds.

11 top cloud security threats

More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Treacherous 12," the top security threats organizations face when using cloud services.


budget piggy bank spending savings security spending

Security spending up, but adoption of cutting-edge tools is slow

While security budgets are expected to increase over the next year, it’s not clear that spending is aimed at the right problems or that IT is up-to-date on the latest security practices. (Download our research report.)


Recruiter attracts leads  >  Using a horseshoe magnet on a group of figurines.

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.


Advertisement

Cybersecurity awareness  >  A weary businessman holds hand to forehead at security training.

5 reasons users hate cybersecurity awareness training, and how to make them love it

If you want your security awareness training program to be effective, address these common user complaints.


Cybersecurity awareness  >  A man with a binary blindfold finds his way through question marks.
Cybersecurity Snippets

3 actions to take during cybersecurity awareness month

Based on recent research, improving cybersecurity awareness among business executives, CIOs, and, yes, infosec professionals should be a goal for any organization.


security risk - phishing / malware / social engineering

Critical remote code execution flaw fixed in popular terminal app for macOS

Users of the iTerm2 terminal app are encouraged to update as soon as possible.


Maersk container ship / shipping containers / abstract data

Rebuilding after NotPetya: How Maersk moved forward

In the wake of NotPetya attacks, Maersk’s IT and security teams embraced transparency, greater collaboration with business, and a risk-based approach.


VPN security vulnerabilities  >  VPN alert / warning / network servers

6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk

Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.


Industry 4.0 / Industrial IoT / Engineer reviews virtual interface for robotics.

5 OT security takeaways CISOs need to communicate to stakeholders

Operational technology security requires a different approach than IT security. Here are key takeaways CSOs need to communicate to other executives and boards of directors.


conference / convention / audience / applause / clapping

Speaker disinvites at CyberCon spark controversy

NSA whistleblower Thomas Drake and Australian academic Dr. Suelette Dreyfus disinvited from speaking at CyberCon a week before the conference.


Advertisement

detection radar computer bug threats identify breach  by the lightwriter kao studio getty
IDG Contributor Network

Autonomy and the death of CVEs?

Is the manual process of reporting bugs holding back the advent of automated tools?


train tracks converge / rails switch / paths merge / convergence / directory traversals

Directory traversal explained: Definition, examples and prevention

In a path traversal attack, also known as directory traversal, an attacker enters information in a web form, URL address line, or another input method that gives them access to a file or directory that they shouldn't have access to....


5G mobile wireless network technology

7 ways 5G mobile networks will change IoT security, and how to prepare

Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.


open door with sunlight shining through

Justice Department takes another run at encryption backdoors with ‘lawful access’

Law enforcement officials and experts on the distribution of child pornography gathered on Friday to make the emotional, if not technological, case that tech companies should open up their encryption schemes to police investigating...


android anti virus security

Zero-day vulnerability gives attackers full control of Android phones

Attackers are reportedly exploiting an unpatched vulnerability to take control of Android devices and potentially deliver spyware. The flaw affects phones models from multiple manufacturers including Google, Samsung, Huawei, LG and...