Taylor Armerding

How to write an IT security engineer job description

How to write an information security architect job description

How to write an information security architect job description

A good information security architect straddles the business and technical worlds. Writing a solid, clear job description ensures that both sides understand the role.

The best of Black Hat: The consequential, the controversial, the canceled

The best of Black Hat: The consequential, the controversial, the canceled

Over the past two decades, the annual Black Hat conference has had its share of controversy. CSO looks back at the most significant talks and demonstrations.

How to write an information security analyst job description

How to write an information security analyst job description

A thorough, clear job description will ensure that security analysts stay on the same page with management expectations.

Closing the CVE gap: Is MITRE up to it?

Closing the CVE gap: Is MITRE up to it?

Critics say the The Common Vulnerabilities and Exposures (CVE) program, managed by MITRE, is falling far behind in its mission to catalog and identify all known vulnerabilities. Its defenders say a new model is closing that gap.

What is CVE, its definition and purpose?

What is CVE, its definition and purpose?

CVE is a program launched in 1999 by MITRE, a nonprofit that operates research and development centers sponsored by the federal government. Its purpose is to identify and catalog vulnerabilities in software or firmware into a free...

Medical devices at risk: 5 capabilities that invite danger

Medical devices at risk: 5 capabilities that invite danger

It isn't just certain connected medical devices that put patient data and physical safety at risk, it's specific capabilities and systems within which they operate that make them a broad, and vulnerable, attack surface.

Caught in the breach – what to do first

Caught in the breach – what to do first

Since there is no way to prevent every cyber attack, incident response is crucial. Experts at the MIT Sloan CIO Symposium talk about what to do immediately after the bad news hits.

AI: The promise and the peril

AI: The promise and the peril

Two panels at the MIT Sloan CIO Symposium this week focused on how to embrace the almost magical productivity benefits of artificial intelligence without leaving workers behind.

Cybersecurity ROI: Still a tough sell

Cybersecurity ROI: Still a tough sell

Cybersecurity is a wise investment. But as a panel of experts at the MIT Sloan CIO Symposium said, it is difficult to put an exact number on it.

Vocal theft on the horizon

Vocal theft on the horizon

Voice imitation technology has the potential to undermine yet another form of biometric authentication. Security experts say the key is to make sure the individual voice information is stored on the user’s device, not in a centralized...

Mixed reviews for Trump’s Executive Order on cybersecurity

Mixed reviews for Trump’s Executive Order on cybersecurity

Experts generally agree that President Trump’s cybersecurity Executive Order is well intended and a good start. But several of them have specific suggestions on how it could be improved.

Load More