Insider
Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!
GitHub’s Mike Hanley: Today’s CISOs have to be out talking to customers
As the CISO role expands beyond conventional expectations, what it takes to be successful in the role is also changing, with customer focus and having a deep understanding of business context at the center, says GitHub CSO Mike Hanley....
SolarWinds CISO: Know your adversary, what they want, watch everything
The compromise of SolarWinds' Orion software changed the company's approach to security. Tim Brown shares some hard-won advice for how CISOs and software vendors should prepare for supply chain attacks.
Facebook outage a prime example of insider threat by machine
A buggy automated audit tool and human error took Facebook offline for six hours. Key lesson for CISOs: Look for single points of failure and hedge your bets.
How to configure Microsoft Defender for cloud-based attacks
Malware delivered through cloud services such as OneDrive or SharePoint will try to disable and evade Defender. These simple settings will help prevent that.
How Adobe reduced compliance fatigue
With compliance putting undo strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...
How disinformation creates insider threats
Employees who believe disinformation are more susceptible to social engineering and phishing campaigns, and attackers know it.
NIST's new devsecops guidance to aid transition to cloud-native apps
The NIST guidance dives into technical and procedural nuances associated with implementing devsecops with cloud-native applications and microservices architectures.
5 steps to security incident response planning
Most firms will experience a breach or vulnerability that exposes sensitive data. Minimizing impact on business and reputation depends on having a strong response plan before an incident happens.
10 essential skills and traits of ethical hackers
Learn just what it takes to snag this demanding and rewarding job.
Reddit’s Allison Miller builds trust through transparency
Miller joined the social media company in February 2021, assuming a range of responsibilities, from security and privacy to trust and safety, that reflect broadening of the CISO position itself—a role she summarizes as “keeping...
How deepfakes enhance social engineering and authentication threats, and what to do about it
Cybercriminals are investing in deepfake technology to make social engineering and authentication bypass campaigns more effective. Here are strategies for defending against the most notable deepfake cyberthreats.
10 top API security testing tools
Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.
How to mitigate the Microsoft Office zero-day attack
Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.
The new math of cybersecurity value
An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.
8 pitfalls that undermine security program success
Don’t let these easy-to-overlook mistakes trip up your security strategy.
CISOs’ 15 top strategic priorities for 2021
Mitigating third-party risk, baking security into the development process, defending against ransomware attacks, keeping pace with digital transformation efforts—these are just a few things that are top-of-mind for CISOs today.
7 tips for better CISO-CFO relationships
A successful CISO/CFO relationship will help ensure an organization has the right resources for its risk profile.
5 riskiest mobile apps
Unsanctioned applications on corporate mobile devices is a security headache. Here are the five types of apps CISOs never want to find on corporate mobile devices, with strategies for mitigating the risks they pose.
10 security tools all remote employees should have
Compromised employee personal devices and accounts can disrupt and possibly threaten business security. Getting these tools into their hands will help.
How to review password quality in Active Directory
Regular reviews of the effectiveness of user, admin, and service passwords stored in Active Directory is a good idea. Here's how one password review tool works.
Become An Insider
Sign up now and get FREE access to
hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content.
Learn more.
Most Popular
![Digital bugs amid binary code. [security threats / malware / breach / hack / attack]](https://images.idgesg.net/images/article/2020/09/digital_bugs_amid_binary_code_security_threats_malware_breach_hack_attack_by_whatawin_gettyimages-1188254819_2400x1600-100858616-medium.3x2.jpg?auto=webp&quality=85,70)
BrandPosts
Learn more-
Sponsored by Microsoft Security
-
Sponsored by Juniper Networks
-
Sponsored by Devo