Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

CSO > secure mergers + acquisitions / floating puzzles pieces / abstract security mechanisms
Feature

Top cybersecurity M&A deals for 2021

Multifactor authentication > Mobile phone verification of a permission request for laptop login.
Feature

Hacking 2FA: 5 basic attack methods explained

CSO > Invalidated cyber insurance
Feature

17 cyber insurance application questions you'll need to answer

Recent high-profile security incidents have tightened requirements to qualify for cyber insurance. These are the tougher questions insurance carriers are now asking.

Social engineering / social media security / privacy breach / fraud
Feature

How cybercriminals turn ‘harmless’ stolen or leaked data into dollars

By merging data from multiple sources, cybercriminals can build profiles of hacked account owners to enable other attacks or increase the effectiveness of social engineering campaigns.

light string in a jar at sunset / lightbulbs / ideas / innovation / brainstorming
Opinion

Defining linchpins: An industry perspective on remediating Sunburst

The concept of linchpin software can be useful in assessing risk and focusing security efforts, but it comes with challenges.

malware attack
Feature

6 most common types of software supply chain attacks explained

Not all software supply chain attacks are the same. Here are the methods attackers currently use to corrupt legitimate software through third parties.

secure system / network security policy management
How-To

How to prepare for the demise of Windows NT LAN Manager

NTLM is a less secure protocol for authenticating Windows network access. Follow these steps to begin migration off it or to limit its use.

Detecting phishing attempts > A magnifying lens spots a hook trying to catch a fish.
Feature

5 best practices for conducting ethical and effective phishing tests

Phishing tests have become a popular feature of cybersecurity training programs, but they should follow ethical frameworks to ensure they don’t do more harm than good.

teamwork / developers / programmers / collaboration / group conversation, discussion, gesturing
Feature

Tailor security training to developers to tackle software supply chain risks

Software developers need specialized security awareness training to help them spot supply chain risk and avoid being victimized by attackers.

An anonymous hooded figure surrounded by an abstract network of connections and data.
Feature

The 10 most dangerous cyber threat actors

These are the most notorious global cybercriminal and state-sponsored groups according to security researchers.

vulnerable breach cyberattack hacker
Feature

How API attacks work, and how to identify and prevent them

Attackers know how to get around WAFs and API gateways when targeting APIs. Here's how some companies are coping with the rapid increase in API attacks.

Tech Spotlight > Cybersecurity [CSO] > Hands gesture in conversation
Feature

8 things CISOs should be thinking about, but probably aren't

CISOs need to cover all the security bases. The problem is, some of the bases are easy to overlook.

cloud security expert casb binary cloud computing cloud security by metamorworks getty 100803072 or
Feature

What cloud providers can and can't do to protect your data

Moving data to the cloud requires a sense of shared responsibility for security. Here's how cloud providers protect your data and what you still must do yourself.

DDOS attack
Feature

DDoS attacks: Stronger than ever and increasingly used for extortion

Low cost and ease of execution drive a resurgence in distributed denial of service attacks as criminals profit from extorting victims.

SD-WAN > The concept of a visual transition from hardware cables to software code.
Opinion

5 things CISOs want to hear about SASE at the RSA Conference

Organizations are planning for secure access service edge (SASE) but have questions on how to get from their current state to converged, cloud-delivered networking and security. They’ll be looking for answers at RSA.

8 getting breached is bad for business
Feature

Minimizing damage from a data breach: A checklist

How you respond to a data breach and the amount of damage it causes depends on how well prepared you are. Have you done everything on this list?

questions to ask a vendor curious hand with question mark tablet ipad by stevanovicigor getty
Feature

What CISOs really want from security vendors

Less risk? Better security? Value for dollars spent? Check, check, and check. But of all the things CISOs want from security vendors, trusted partnership tops the list. Here's how leading CISOs find and foster those relationships.

A virtual sphere of photos of individuals appears against a cityscape.
Feature

3 steps to smarter cybersecurity hiring and team building

Amid the global cybersecurity skills shortage, organizations and security leaders must shift their hiring and team development approach to have fewer barriers, be more diverse, and take the long view.

Ransomware > A masked criminal ransoms data for payment.
How-To

How malicious Office files and abused Windows privileges enable ransomware

Ransomware groups most often gain entry to Windows networks through malicious Office documents and then move laterally by abusing Windows privileges. Here's how to defend against both.

Conceptual image of three figures running toward a goal, along trend lines drawn by a large hand.
Feature

5 key qualities of successful CISOs, and how to develop them

CISOs today need significantly different skillsets to cybersecurity leaders of the past as they become more critical to business success.

Load More