Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

CSO > global security

5 tips for globalizing security awareness training

Global organizations face particular cultural and linguistic challenges when it comes to awareness training. Here's how 2 companies met that challenge and what you can learn from their experience.

CSO > Password elimination [conceptual password security lock in a trash bin]

How First Citrus Bank got rid of employee passwords

The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.

CSO > Phishing attacks that bypass two-factor authentication

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

computer crime scene / hacked / infected / cybercrime / cyberattack

Why businesses don’t report cybercrimes to law enforcement

Law enforcement agencies estimate the number of cybercrimes that go unreported by businesses number in the millions. Here why and when you should report breaches and other cyber attacks.

compliance / control / constraints

5 ways compliance hurts security

The tasks of meeting regulatory requirements and providing true security that actually mitigates risk do not align. Here's how focusing exclusively on compliance can undermine security.

CSO  >  malware / security threat / skull and crossbones on a user's screens

4 tips for getting the most from threat intelligence

It’s easy to gather data on potential threats, but you have to know what to do with that intelligence if you want to improve your security stance.

hackathon students code programmer devops certification by rawpixel unsplash

28 DevSecOps tools for baking security into the development process

Catch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.

Meltdown / Spectre / security vulnerabilities

How to update your Spectre, Meltdown mitigations for the Retpoline mitigation

Intel recently released a new mitigation for Spectre and Meltdown and some of their variants. Called Retpoline, it might not be enabled with the Windows 10 1809 update. Here's how to find out and implement.

Let's Encrypt automated encryption gears

How to automate Let’s Encrypt certificate authority in AWS using PowerShell

You can still automate Let's Encrypt even if your system requires a DNS challenge. Using these PowerShell scripts and Amazon Web Services' DNS service Route 53 will do the trick.

FireMon network security policy management

Review: FireMon clears the clutter for network security policy management

A pioneer in the field of network security policy management, FireMon provides full visibility into networks and devices, and overlays that knowledge with the rules, platforms, hardware and programs designed to protect it.

Asset-recovery team pulls dollar sign back from over the edge of a cliff; hacker/keyboard background

Act fast to recover assets after cyber fraud

Here's what companies can do to recover lost assets in the wake of a data theft or a BEC scam.

man with umbrella in lightning storm risk danger caution storm

How to establish your business’s risk tolerance

Knowing your business risk appetite allows you to align security efforts to the business needs, prioritizing resources and spending on those areas where organizational leaders have the least appetite for risk. Here's how to do it.

file sharing / data sync / shared records / eliminating redundancy of multiple identities

Can the re-use of identity data be a silver bullet for industry?

The ability to re-use identity data for individuals across different systems would greatly simplify authentication. Here's what it would take to make it happen.

security firewall breach hacker privacy battle id work getty

How to spot a scam: 14 red flags to watch for

Does your security awareness training program help your employees learn when someone is trying to scam them?

windows 7 logo on mirrors man with derby hat on dock

How to isolate a Windows 7 machine from your network

If you have a business reason to keep a Windows 7 system active past its 2020 end-of-life date, here's how to keep it from being a security liability on your network.

An engineer reviews strategy framework data.

How to implement and use the MITRE ATT&CK framework

The MITRE ATT&CK framework is a popular template for building detection and response programs. Here's what you'll find in its knowledgebase and how you can apply it to your environment.

network security / network traffic scanning connected devices

Review: How Awake Security uncovers malicious intent

This advanced network traffic monitoring platform identifies hidden threats and those that don’t use traditional malware, making it extremely powerful and useful in today’s threat environment.

CSO  >  secure mergers + acquisitions / handshake offer / extended hand / security shield / circuits

Why security needs to be involved early during mergers and acquisitions

M&A security can often be overlooked during deal making, leading to potential incidents down the line. Here's how UK newspaper Racing Post dealt with three acquisitions in three years, each with its own security requirements.

CSO > collaboration / teamwork / empathy

How Microsoft builds empathy between its security and development teams

Ongoing cross-training, threat information sharing, executive support and a strong threat modeling infrastructure helps the company's security and development staff work collaboratively.

CSO > Invalidated cyber insurance

Does your cyber insurance cover social engineering? Read the fine print

Some cyber insurance policies will pay only a small fraction of damages if an attacker used social engineering. Here's how to estimate the risk.

Load More

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.