Insider
Why are people so bad at risk assessment? Blame the brain
Stakeholders and CISOs tend to have different perspectives on estimating the risk of a potential cybersecurity incident. Understanding the psychological aspects can help bridge the gap.
GitHub’s Mike Hanley: Today’s CISOs have to be out talking to customers
As the CISO role expands beyond conventional expectations, what it takes to be successful in the role is also changing, with customer focus and having a deep understanding of business context at the center, says GitHub CSO Mike Hanley....
SolarWinds CISO: Know your adversary, what they want, watch everything
The compromise of SolarWinds' Orion software changed the company's approach to security. Tim Brown shares some hard-won advice for how CISOs and software vendors should prepare for supply chain attacks.
Facebook outage a prime example of insider threat by machine
A buggy automated audit tool and human error took Facebook offline for six hours. Key lesson for CISOs: Look for single points of failure and hedge your bets.
How to configure Microsoft Defender for cloud-based attacks
Malware delivered through cloud services such as OneDrive or SharePoint will try to disable and evade Defender. These simple settings will help prevent that.
How software reliability can help drive software security
Adopting both devsecops and site reliability engineering concepts increases software availability and security by improving stability and shortening time to implement fixes.
How Adobe reduced compliance fatigue
With compliance putting undue strain on product teams, Adobe SVP and CSO Mark Adams and team built an automation platform. The effort paid off in scale, speed, and reduced risk and earned the software provider a CSO50 award for...
Conti ransomware explained: What you need to know about this aggressive criminal group
The Conti ransomware group is less likely to help victims restore encrypted files and more likely to leak exfiltrated data.
How disinformation creates insider threats
Employees who believe disinformation are more susceptible to social engineering and phishing campaigns, and attackers know it.
NIST's new devsecops guidance to aid transition to cloud-native apps
The NIST guidance dives into technical and procedural nuances associated with implementing devsecops with cloud-native applications and microservices architectures.
5 steps to security incident response planning
Most firms will experience a breach or vulnerability that exposes sensitive data. Minimizing impact on business and reputation depends on having a strong response plan before an incident happens.
10 essential skills and traits of ethical hackers
Learn just what it takes to snag this demanding and rewarding job.
Reddit’s Allison Miller builds trust through transparency
Miller joined the social media company in February 2021, assuming a range of responsibilities, from security and privacy to trust and safety, that reflect broadening of the CISO position itself—a role she summarizes as “keeping...
How deepfakes enhance social engineering and authentication threats, and what to do about it
Cybercriminals are investing in deepfake technology to make social engineering and authentication bypass campaigns more effective. Here are strategies for defending against the most notable deepfake cyberthreats.
10 top API security testing tools
Application programming interfaces have become a favorite target for attackers. These tools and platforms (both commercial and open source) will help identify errors, vulnerabilities, and excessive permissions.
How to mitigate the Microsoft Office zero-day attack
Follow this advice to block malicious Office files from doing harm to your network even if you've implemented Microsoft's recommended actions.
The new math of cybersecurity value
An increasing number of CISOs are devising a new set of metrics to show how they’re impacting risk at their organizations.
8 pitfalls that undermine security program success
Don’t let these easy-to-overlook mistakes trip up your security strategy.
The 10 most powerful cybersecurity companies
What makes these 10 security vendors the biggest power players? We break it down.
CISOs’ 15 top strategic priorities for 2021
Mitigating third-party risk, baking security into the development process, defending against ransomware attacks, keeping pace with digital transformation efforts—these are just a few things that are top-of-mind for CISOs today.