Careers | News, how-tos, features, reviews, and videos
CISOs are finding new measures to quantify the business value of cybersecurity investments that can show how a security team’s work supports a company’s top and bottom lines.
Given the deluge of news about hacks and attacks, cybersecurity’s focus on outside threats is understandable, but woe be to the CISO who doesn’t address inside risks early and often.
Reports identifying a $75 million ransom payment made in March by a Fortune 50 company raise some questions.
SEC risk management and disclosure rules can be overwhelming and fraught with difficulties. Steve Durbin, chief executive of the Information Security Forum, offers advice for coping with the hassles.
Once accepted, the attackers tell developers to download a Node.js project as part of a practical test. The trojanized project on launch deploys a RAT and infostealer malware targeting all major OS platforms.
CISOs should look to proactively incorporate new lessons in their incident response, disaster recovery, crisis communications, and contingency workforce playbooks — and revisit agreements with software providers.
Efforts to fix the 4 million global cyber pro shortfall may someday pay off. Until then, CISOs have practical solutions at their disposal.
Security leaders looking for bright new talent can benefit from a well-run internship program.
Although the court dismissed most of the SEC’s charges in its lawsuit against SolarWinds, the by far most serious charge – securities fraud by both the company and its CISO – survived. CISOs have little reason to celebrate.
From the Retamares military base in Madrid, CSO Spain receives an inside look at the Spanish team’s headquarters for Locked Shields 2024, a worldwide event for practicing coordination and cooperation in defense of cyberspace.