CSO | Security news, features and analysis about prevention, protection and business innovation.

CSO > breakthrough / penetration testing / sledgehammer breaking through a binary wall

InfoSec at Your Service

8 common pen testing mistakes and how to avoid them

Penetration testing is vital, but are you doing it right? Here are some common mistakes and advice on how to avoid them.

Michelle Drolet

Security Recruiter Directory

To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.

CSO staff

silver platter passwords exposed authentication hacked vulnerable security breach

Future Identity

4 authentication use cases: Which protocol to use?

Choosing the wrong authentication protocol could undermine security and limit future expansion. These are the recommended protocols for common use cases.

Susan Morrow

Cybersecurity > A mysterious and intricate padlock with complex circuits

What is cybersecurity? Definition, frameworks, jobs, and salaries

Cybersecurity is the practice of defending computers, networks, and data from malicious electronic attacks. Learn the skills, certifications and degrees you need to land a job in this challenging field.

Josh Fruhlinger

How to manage Windows 10 1903 and 1909 security updates

Your Windows update controls might be out of date if you haven't reviewed them since the 1803 update or earlier. Here are the new settings you need to know.

Susan Bradley

Tortoise-defense formation of the Spartans > warfare / war games / red team binary target / attack

Why BT's red team strikes for real

UK-based BT's red team conducts attacks on live systems without informing the rest of the business or the blue team defending it. BT Group CSO Les Anderson says this is key to the company's proactive approach to security.

Dan Swinhoe

IDG Contributor Network

Insider risk management – who’s the boss?

Where the buck should stop…why and why not.

Shawn M. Thompson

Good tech talent is still hard to find (how to bridge the gap)

Companies have big plans for digital transformation, but the lack of skilled IT talent remains an obstacle. Here’s how to cope.

Beth Stackpole

cloud security shield with checkmark / cloud / digital connections / cloud security expert / CASB

How to evaluate a CASB

All cloud access security brokers share core functionality, but they deliver it differently and they all have unique feature sets. Here's what you need to know before buying one.

David Strom

IDG Contributor Network

Insider threats: From McDonald’s Monopoly to today, how to address how little has changed

What have we learned this year? Insider threats haven’t changed much. Companies and people still focus on the bright, shiny new technologies or expected windfalls from major projects. Many ignore the governance, controls and processes...

Mitchell Parker

Popular Resources

View All

Cybersecurity awareness > A weary businessman holds hand to forehead at security training.

IT certifications and training center

Certifications show that you’re committed to your job, have specific skills and are willing to up your game. Check out our online training courses and guides to top certifications -- all part of your Insider Pro subscription.

Insider Pro staff

access management / access control / user connections / identities

Flex streamlines app access for 20k suppliers with IAM overhaul

Contract manufacturer Flex dumped its distributed identity and access management system for a more centralized, cloud-based option that better protects data and intellectual property.

Jaikumar Vijayan

A silhouette composed of a series of clocks > time / transition / impermanence

What it takes to be an interim CISO

Being an interim or virtual CISO (vCISO) comes with many of the same demands of permanent security leadership roles, but also has its own unique challenges and rewards.