Advertisement
Must Read
11 top cloud security threats
More data and applications are moving to the cloud, which creates unique infosecurity challenges. Here are the "Treacherous 12," the top security threats organizations face when using cloud services.
Security spending up, but adoption of cutting-edge tools is slow
While security budgets are expected to increase over the next year, it’s not clear that spending is aimed at the right problems or that IT is up-to-date on the latest security practices. (Download our research report.)
Security Recruiter Directory
To find the right security job or hire the right candidate, you first need to find the right recruiter. CSO's security recruiter directory is your one-stop shop.
Advertisement
5 reasons users hate cybersecurity awareness training, and how to make them love it
If you want your security awareness training program to be effective, address these common user complaints.
Cybersecurity Snippets
3 actions to take during cybersecurity awareness month
Based on recent research, improving cybersecurity awareness among business executives, CIOs, and, yes, infosec professionals should be a goal for any organization.
Critical remote code execution flaw fixed in popular terminal app for macOS
Users of the iTerm2 terminal app are encouraged to update as soon as possible.
Rebuilding after NotPetya: How Maersk moved forward
In the wake of NotPetya attacks, Maersk’s IT and security teams embraced transparency, greater collaboration with business, and a risk-based approach.
6 known RCE vulnerabilities in enterprise VPNs and how to minimize the risk
Enterprise VPNs might not always be as safe as you think. Be aware of these RCE vulnerabilities in popular enterprise VPN solutions.
5 OT security takeaways CISOs need to communicate to stakeholders
Operational technology security requires a different approach than IT security. Here are key takeaways CSOs need to communicate to other executives and boards of directors.
Speaker disinvites at CyberCon spark controversy
NSA whistleblower Thomas Drake and Australian academic Dr. Suelette Dreyfus disinvited from speaking at CyberCon a week before the conference.
Advertisement
IDG Contributor Network
Autonomy and the death of CVEs?
Is the manual process of reporting bugs holding back the advent of automated tools?
Directory traversal explained: Definition, examples and prevention
In a path traversal attack, also known as directory traversal, an attacker enters information in a web form, URL address line, or another input method that gives them access to a file or directory that they shouldn't have access to....
7 ways 5G mobile networks will change IoT security, and how to prepare
Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.
Justice Department takes another run at encryption backdoors with ‘lawful access’
Law enforcement officials and experts on the distribution of child pornography gathered on Friday to make the emotional, if not technological, case that tech companies should open up their encryption schemes to police investigating...
Zero-day vulnerability gives attackers full control of Android phones
Attackers are reportedly exploiting an unpatched vulnerability to take control of Android devices and potentially deliver spyware. The flaw affects phones models from multiple manufacturers including Google, Samsung, Huawei, LG and...
From Our Advertisers
-
Featured Sponsor HPEHow Hybrid Cloud Simplifies Data Sovereignty Challenges -
Sponsored by Hewlett Packard EnterpriseThe Cost-Squeezing Effect of Hybrid Cloud Economics -
Sponsored by Hewlett Packard EnterprisePay-As-You-Go Infrastructure for Your Hosted Datacenter: Introducing HPE -
Sponsored by BarracudaThreat Spotlight: Lateral Phishing