news analysisDHS unveils one common platform for reporting cyber incidentsAhead of CISA cyber incident reporting regulations, DHS issued a report on harmonizing 52 cyber incident reporting requirements, presenting a model common reporting platform that could encompass them all.By Cynthia BrumfieldSep 25, 202310 minsRegulationRegulationRegulation feature Top cybersecurity M&A deals for 2023By CSO StaffSep 22, 202324 minsMergers and AcquisitionsData and Information SecurityIT LeadershipbrandpostSponsored by TXOne Networks Proactive OT security requires visibility + preventionSep 21, 20234 minsSecurity featureThe biggest data breach fines, penalties, and settlements so farBy Michael Hill Sep 18, 202314 minsData BreachSecurity newsNew CISO appointments 2023By CSO Staff Sep 15, 202322 minsCSO and CISOCareersSecurity brandpostSponsored by Microsoft Security5 cyber hygiene strategies to help prevent cyber attacks By Microsoft Security Sep 14, 20236 minsSecurity brandpostSponsored by CiscoPartnering up on XDR: A rising tide lifts all security teamsBy Pete Bartolik Sep 13, 20234 minsSecurity brandpostSponsored by CyberArkOperationalizing identity security in the public cloudBy Paddy Viswanathan Sep 12, 20237 minsSecurity brandpostSponsored by CyberArkThe 7 types of non-human identities to secureBy Kristen Bickerstaff Sep 12, 20238 minsSecurity ArticlesbrandpostSponsored by SophosStressed Out and Overwhelmed, SecOps Teams Struggle to Keep UpBad actors are always finding new techniques. And security tools are always finding new alerts. How can SecOps stay out in front with so much noise? Aug 28, 2023 3 minsSecuritybrandpostSponsored by Microsoft SecurityCyberthreats are taking center fieldSports organizers, regional host facilities, and even event attendees face a heightened degree of cyber risk due to increasingly connected environments. Securing these environments is a top priority today.By Microsoft Security Aug 28, 2023 SecurityopinionHacking the future: Notes from DEF CON's Generative Red Team ChallengeA challenge at the DEF CON hacker convention in Las Vegas was billed as the first instance of a live event tackling a generative AI system. By Christopher Burgess Aug 28, 2023 5 minsHackingGenerative AISecuritybrandpostSponsored by CiscoInsights from a CISO Survival GuideCisco's CISO Survival Guide set out to uncover how modern enterprises should be secured given the uniquely evolving challenges of Identity management, data protection, software supply chain integrity, and ongoing cloud migration—all in the face of Generative AI-induced disruption.By Pete Bartolik Aug 24, 2023 4 minsSecuritybrandpostSponsored by FortinetWebshells: Why an old tactic is still relevantBy Aamir Lakhani, Global Security Strategist and Researcher, Fortinet Aug 24, 2023 6 minsSecuritybrandpostSponsored by CiscoNavigating the AI frontier: cybercrime's evolution and defense strategiesThis article focuses on the dual effects of AI on cybercrime and its implications for defense.By Dr. Giannis Tziakouris, Senior Incident Responder at Cisco Talos Intelligence Group Aug 23, 2023 4 minsSecuritybrandpostSponsored by CiscoAdapting tools & tactics to fight modern ransomwareMany backup solutions rely on snapshots taken every 24 hours, but that leaves a substantial amount of data at risk in the event of an attack. That's where extended detection and response (XDR) comes in.By Pete Bartolik Aug 22, 2023 4 minsSecurityopinionAre you prepared for the rise of the artificial intelligence CISO?It’s inevitable that AI systems will be tasked with more and more cybersecurity responsibilities. It is time to start thinking about how the roles of human CISOs and AI will evolve.By Christopher Whyte Aug 21, 2023 13 minsCSO and CISOGenerative AISecurity PracticesfeatureTasks that bog down security teams (and what to do about them)Budgetary and staffing issues are putting pressure on CISOs and other security leaders. Here are 10 tasks that typically bog cyber teams down and what some security chiefs did to solve the problems. By Mary K. Pratt Aug 21, 2023 13 minsCSO and CISOHuman ResourcesBusiness IT AlignmentbrandpostSponsored by SophosPrevention First: Don’t Neglect Endpoint SecurityAmong talk of newer and buzzier technologies like MDR and XDR, security experts say it is still essential to lock down the endpoint first. Aug 18, 2023 3 minsSecuritybrandpostSponsored by Microsoft SecurityFrom reactive to proactive: The next evolution of threat intelligenceWhat is CTI (cyber threat intelligence)? More importantly, how can your organization take a more preemptive position in the current threat landscape?By Jason Harrison, Director of Specialist Management, Microsoft Security Aug 18, 2023 4 minsSecuritybrandpostSponsored by TXOne NetworksWhat would an OT cyberattack really cost your organization? Attackers are growing more imaginative, and OT systems are both target- and vulnerability-rich. Join the discussion today. Aug 15, 2023 6 minsSecurity Show more Show less View all Upcoming Events02/Oct-04/Oct awards CSO50 Conference + AwardsOct 02, 2023Phoenix, AZ CSO and CISOCybercrimeSecurity 07/Dec virtual summit CSO's Future of Cybersecurity SummitDec 07, 2023Virtual CSO and CISOCyberattacksSecurity View all events Resources whitepaper How JLL gained visibility into nearly 100k endpoints with Tanium With many employees working remotely, often without a VPN, this real-estate services firm needed an accurate and complete way to determine which endpoints needed patching - fast! They leveraged Tanium to achieve this The post How JLL gained visibility into nearly 100k endpoints with Tanium appeared first on Whitepaper Repository. By Tanium Inc 19 Sep 2023Business OperationsData and Information SecuritySecurity whitepaper Combating Ransomware with the Zerto Cyber Resilience Vault By American Digital and Hewlett Packard Enterprise 19 Sep 2023CyberattacksData and Information SecuritySecurity whitepaper ESG Report: The Long Road Ahead to Ransomware Preparedness By Cohesity 18 Sep 2023Browser SecurityNetwork SecuritySecurity View all Podcasts podcastsStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We'll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.4 episodesData and Information Security Ep. 03 Episode 3: The Zero Trust Model Mar 25, 202115 mins Multi-factor AuthenticationCSO and CISORemote Work Ep. 04 Episode 4: Reduce SOC burnout Mar 29, 202115 mins CSO and CISOPhishingRemote WorkVideo on demand videoWhat is the NIST Cybersecurity Framework? How risk management strategies can mitigate cyberattacksRecently, U.S. Cyber Command confirmed it has acted against ransomware groups, underscoring the importance of cybersecurity to national security. Effective risk management frameworks, such as the NIST Cybersecurity Framework, can help organizations assess risk and mitigate or protect against ransomware attacks or other cyber incidents. Cynthia Brumfield, analyst, CSO Online contributor and author of the new book, “Cybersecurity Risk Management: Mastering the Fundamentals Using the NIST Cybersecurity Framework”, joins Juliet to discuss what the NIST framework is and how IT teams can apply its advice to best protect their organizations. Dec 21, 2021 18 minsRisk ManagementSecurity HP turns to zero trust to defend against emerging threats Nov 05, 2021 25 minsZero TrustHPSecurity Closing the skills gap with smarter cybersecurity hiring and team development Oct 30, 2021 33 minsHiringIT SkillsSecurity Preparing for XDR: What CISOs should be doing now Oct 22, 2021 23 minsThreat and Vulnerability ManagementSecurity See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos news Chinese state actors behind espionage attacks on Southeast Asian government By Shweta Sharma Sep 25, 20234 mins Advanced Persistent ThreatsCyberattacks feature How to pick the best endpoint detection and response solution By Linda Rosencrance Sep 25, 202310 mins Intrusion Detection SoftwareSecurity Monitoring SoftwareData and Information Security brandpost Unmasking ransomware threat clusters: Why it matters to defenders Sep 21, 20233 mins Cybercrime podcast CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO podcast CSO Executive Sessions Australia with Siddiqua Shaheen, Head of Cyber Governance at Lander & Rogers Sep 07, 202317 mins CSO and CISO podcast CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO video CSO Executive Sessions Australia with Nicole Neil, Director of Information Security at Seer Medical Sep 20, 202312 mins CSO and CISO video What is zero trust security? Sep 06, 20233 mins AuthenticationZero TrustNetwork Security video CSO Executive Sessions / ASEAN: IHH Healthcare's Francis Yeow on defining the CISO role Sep 06, 202310 mins CSO and CISO