Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

mike hanley github cso

GitHub’s Mike Hanley: Today’s CISOs have to be out talking to customers

As the CISO role expands beyond conventional expectations, what it takes to be successful in the role is also changing, with customer focus and having a deep understanding of business context at the center, says GitHub CSO Mike Hanley....

timbrown solarwinds ciso 3x2

SolarWinds CISO: Know your adversary, what they want, watch everything

The compromise of SolarWinds' Orion software changed the company's approach to security. Tim Brown shares some hard-won advice for how CISOs and software vendors should prepare for supply chain attacks.

please stand by problem technical difficulties tv mistake test screen by filo getty

Facebook outage a prime example of insider threat by machine

A buggy automated audit tool and human error took Facebook offline for six hours. Key lesson for CISOs: Look for single points of failure and hedge your bets.

Antivirus / virus alert / warning / security threats / protection from attack

How to configure Microsoft Defender for cloud-based attacks

Malware delivered through cloud services such as OneDrive or SharePoint will try to disable and evade Defender. These simple settings will help prevent that.

mark adams adobe cso headshot

How Adobe reduced compliance fatigue

With compliance putting undo strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...

Insider threats  >  Employees suspiciously peering over cubicle walls

How disinformation creates insider threats

Employees who believe disinformation are more susceptible to social engineering and phishing campaigns, and attackers know it.

noops code developer devops html web developer by mazimusnd getty

NIST's new devsecops guidance to aid transition to cloud-native apps

The NIST guidance dives into technical and procedural nuances associated with implementing devsecops with cloud-native applications and microservices architectures.

cyber attack alert / data breach

5 steps to security incident response planning

Most firms will experience a breach or vulnerability that exposes sensitive data. Minimizing impact on business and reputation depends on having a strong response plan before an incident happens.

CSO > breakthrough / penetration testing / hammer breaking binary glass

10 essential skills and traits of ethical hackers

Learn just what it takes to snag this demanding and rewarding job.

Allison Miller, CISO and vice president of trust, Reddit

Reddit’s Allison Miller builds trust through transparency

Miller joined the social media company in February 2021, assuming a range of responsibilities, from security and privacy to trust and safety, that reflect broadening of the CISO position itself—a role she summarizes as “keeping...

A binary mask.

How deepfakes enhance social engineering and authentication threats, and what to do about it

Cybercriminals are investing in deepfake technology to make social engineering and authentication bypass campaigns more effective. Here are strategies for defending against the most notable deepfake cyberthreats.

programmer developer devops apps developer code hacker dark secrets by peopleimages getty

10 top API security testing tools

Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to mitigate the Microsoft Office zero-day attack

Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.

One person uses a calculator while another reviews financial data.

The new math of cybersecurity value

An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.

banana peel slip accident mistake fall by rapideye getty

8 pitfalls that undermine security program success

Don’t let these easy-to-overlook mistakes trip up your security strategy.

high priority gauge

CISOs’ 15 top strategic priorities for 2021

Mitigating third-party risk, baking security into the development process, defending against ransomware attacks, keeping pace with digital transformation efforts—these are just a few things that are top-of-mind for CISOs today.

Two business people connecting and solving a puzzle.

7 tips for better CISO-CFO relationships

A successful CISO/CFO relationship will help ensure an organization has the right resources for its risk profile.

mobile security login password

5 riskiest mobile apps

Unsanctioned applications on corporate mobile devices is a security headache. Here are the five types of apps CISOs never want to find on corporate mobile devices, with strategies for mitigating the risks they pose.

iPhone security

10 security tools all remote employees should have

Compromised employee personal devices and accounts can disrupt and possibly threaten business security. Getting these tools into their hands will help.

A large 'X' marks a conceptual image of a password amid hexadecimal code.

How to review password quality in Active Directory

Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.

Load More

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.