Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

iPhone security
Conceptual image of a network labeled 'Zero Trust.'

Aspects of employment / communication / networking / partnership / collaboration / teams / hiring

The state of security hiring: Jobs, skills, and salaries

We look at the trends in cybersecurity hiring today, including the most in-demand jobs and skills and the hottest markets—and what it will take to attract and retain top talent.

A vault door security mechanism with abstract circuits. / increase security / harden against attacks

Best Mitre D3FEND advice to harden Windows networks

Mitre's recently released D3FEND matrix offers sound guidance for any security admin or CISO looking to harden a Windows network against attack.

A lost businessman wanders amid conflicting directional signs through the fog.

8 biases that will kill your security program

CISOs and their security teams often hold cognitive biases that get in the way of making the right risk management and incident response decisions. Here are eight of the most common to avoid.

data analytics / risk assessment / tracking data or trends

Move over XDR, it's time for security observability, prioritization, and validation (SOPV)

Independent tools and data repositories are coming together for better threat management, impacting organizations, security professionals, and the industry. We need to take the same approach to security hygiene and posture management....

vulnerable breach cyberattack hacker

Securing CI/CD pipelines: 6 best practices

Criminals are exploiting vulnerabilities in continuous integration/continuous delivery pipelines to steal sensitive information, mine cryptocurrencies, and deliver malicious code.

Windows security and protection [Windows logo/locks]

How to check for Active Directory Certificate Services misconfigurations

Recently discovered Microsoft Windows AD CS configuration errors could give attackers account and domain control. Here's how to audit AD CS for vulnerable configurations.

Ransomware  >  An encrypted system, held ransom with lock + chain, displays a dollar sign.

How to control ransomware? International cooperation, disrupting payments are key, experts say

Anti-ransomware acts or regulations will require global cooperation, experts say. In the meantime, ransomware victims should cooperate quickly and fully with authorities.

typewriter are you ready prepare contingency disaster recovery

Tabletop exercises: Six sample scenarios

Tabletop exercises are a low-stress, high-impact way to test your plans for handling a crisis. Here are some tips for getting the most out of the process, plus six scenarios you can use to start your journey.

CSO  >  Botnet  >  Robots amid a blue binary matrix

Botnet attacks on APIs: Why most companies are unprepared

The use of botnets to target applications for illegal and unethical purposes is growing, yet implementation of bot detection tools and best practices lags.

healthcare data breach / medical patient privacy security violation

5 biggest healthcare security threats for 2021

Healthcare organizations can expect ransomware, botnets, cloud misconfigurations, web application attacks, and phishing to be their top risks.

A hook is cast at laptop email with fishing lures amid abstract data.
Tip

4 steps to prevent spear phishing

Your users are in the crosshairs of the best attackers out there. Follow these steps to better protect them.

Tech Spotlight   >   Cloud [CSO]   >   Conceptual image of laptop users with cloud security overlay.

AWS, Google Cloud, and Azure: How their security features compare

Each cloud platform differs in the security tools and features it offers customers to help them protect their cloud assets.

keeping the cloud secure cloud security lock padlock private cloud

The shared responsibility model explained and what it means for cloud security

The shared responsibility model (SRM) delineates what you, the cloud customer is responsible for, and what your cloud service provider is responsible for.

Microsoft Windows security  >  Windows laptop + logo with binary lock and key

6 minimum security practices to implement before working on best practices

Every Windows network admin can improve their security posture by focusing on these six basic areas.

CSO > Invalidated cyber insurance

17 cyber insurance application questions you'll need to answer

Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.

Social engineering / social media security / privacy breach / fraud

How cybercriminals turn ‘harmless’ stolen or leaked data into dollars

By merging data from multiple sources, cybercriminals can build profiles of hacked account owners to enable other attacks or increase the effectiveness of social engineering campaigns.

malware attack

6 most common types of software supply chain attacks explained

Not all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties.

vulnerable breach cyberattack hacker

How API attacks work, and how to identify and prevent them

Attackers know how to get around WAFs and API gateways when targeting APIs. Here's how some companies are coping with the rapid increase in API attacks.

Load More

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.