Security

Find network and information security news, reviews and analysis, covering data protection, privacy, endpoint security, and security management.

ethical hacking
android security

CISOs

How to write a CISO job description

The chief information security officer has a big, mission critical job. Make sure you spell out the CISO's duties and expectations for the role.

The modern guide to staying safe online

5 reasons to take a fresh look your security policy

Evolving ransomware and DDoS attacks, new technology such as IoT, and changing user behavior are all good reasons to revise your security policy.

Blackhat_2017
video

Stop blaming users for security misses

Does the message to users about security need to change? Or does IT need to rebuild infrastructure so users can worry less about security? Wendy Nather, principal security strategist at Duo Security, talks with CSO senior writer...

Movie preview test pattern

Top security tools of 2017

From deception and endpoint security to cloud security and traffic analysis, we review some of the most innovative and useful security tools from today's most important cybersecurity technology categories.

Las Vegas Sign for Blackhat DefCon Event [by Skeeze / CC0 via Pixabay]

Black Hat and DEF CON: The evolution of Hacker Summer Camp

It’s been 20 years since the first Black Hat Briefings conference. How has this staple of the cybersecurity industry changed over the years?

Oracle headquarters

Oracle’s monster update emphasizes flaws in critical business applications

Oracle hasn’t been “just” a database company in a long time, and nowhere is that more evident than in its quarterly critical patch update release, where the bulk of the fixes are in business applications like PeopleSoft and E-Business...

disaster recovery plan ts

7 things your IT disaster recovery plan should cover

Enterprise networks and data access can be knocked out without warning, thanks to natural and man-made disasters. You can’t stop them all from happening, of course, but with a good disaster recovery plan you can be better prepared for...

The dark web goes corporate

It's just as shady and dangerous as ever, but something has changed in the way the dark web does business, and it will look very familiar to IT buyers.

construction building crane architecture

How to write an information security architect job description

A good information security architect straddles the business and technical worlds. Writing a solid, clear job description ensures that both sides understand the role.

Cloud Security

Top cloud security controls you should be using

Human error is one of the top reasons for data breaches in the cloud, as administrators forget to turn on basic security controls. Whether it is Amazon Web Services, Microsoft Azure, or Google Cloud Platform, keep these rules in mind...

hiring software developers

Four ways to use open data sources to find cybersecurity candidates

Publicly available data from government and other sources can help you find the right security talent.

Black Hat 2015

The best of Black Hat: The consequential, the controversial, the canceled

Over the past two decades, the annual Black Hat conference has had its share of controversy. CSO looks back at the most significant talks and demonstrations.

IBM Z mainframe

IBM wants you to encrypt everything with its new mainframe

IBM wants businesses to use its new z14 mainframe to encrypt pretty much everything -- an approach to security it calls pervasive encryption.

we're hiring sign jobs careers public domain

Six entry-level cybersecurity job seeker failings

More cybersecurity job openings mean more entry-level candidates are entering the market. These are the common mistakes they make when apply and interviewing for an opening.

thread weave colorful network web

What is IoT?

Our overview of the patchwork of technologies that makes up the Internet of Things, and the major issues facing IoT.

ransomware

Who is a target for ransomware attacks?

While any enterprise is a possible ransomware target, some are more likely than others to be caught in a cybercriminal’s crosshairs.

cybersecurity skills and talent shortage

Look beyond job boards to fill cybersecurity jobs

The cybersecurity staffing shortage is reaching crisis proportions, and companies are looking beyond the traditional channels of job boards and headhunters to find and hire new talent. Here are some of the unconventional ways...

cybersecurity skills and talent shortage

Why linguistics can't always identify cyber attackers' nationality

The security whodunnit: analyzing the language used in an attack is just one tool to assign attribution, and it’s not always reliable.

Load More