Tag: CSO Online

This article has been indexed from CSO Online Edge computing is gaining traction quickly – with some analysts deeming it the next great revolution in technology. Some of the industry’s biggest players are making significant investments in edge computing to…

Read more →

This article has been indexed from CSO Online We compared Zoom, Microsoft Teams, Cisco Webex, Google Meet, BlueJeans, and GoToMeeting in real-world tests to see which videoconferencing platforms perform best for business users. Here’s how they stack up. Read the…

Read more →

This article has been indexed from CSO Online OSINT definition Open source intelligence (OSINT) is the practice of collecting information from published or otherwise publicly available sources. OSINT operations, whether practiced by IT security pros, malicious hackers, or state-sanctioned intelligence operatives,…

Read more →

This article has been indexed from CSO Online Following the epic ransomware attacks on Colonial Pipeline and top meat producer JBS, some government officials have called on Congress and the administration to ban organizations from making ransom payments to threat…

Read more →

This article has been indexed from CSO Online The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO)…

Read more →

This article has been indexed from CSO Online If trends continue, 2021 may be remembered as the year hybrid work went mainstream. As organizations look toward their post-COVID operations, many of them are planning to let a significant number of…

Read more →

This article has been indexed from CSO Online Anti-virus pioneer John McAfee was found dead in a Spanish prison cell on Wednesday June 25, 2021. According to Spanish authorities, the cause of the 75-year-old’s death was suicide. [ Learn 12…

Read more →

This article has been indexed from CSO Online The over-the-internet firmware update and OS recovery feature present in 128 Dell computer models suffers from certificate validation and other flaws that could allow man-in-the-middle (MitM) attackers to compromise the devices at…

Read more →

This article has been indexed from CSO Online 2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The level of activity is driven…

Read more →

This article has been indexed from CSO Online Antiquated infrastructure in the United States is not confined to crumbling roads and bridges. Recent events have shown that connected devices in our cell towers, pipelines, water treatment facilities and power grids…

Read more →

This article has been indexed from CSO Online Jason Lee joined Zoom in June 2020 to become the videoconferencing platform’s CISO. The company was midway through a 90-day security plan launched to address security and privacy issues exacerbated by Zoom’s…

Read more →

This article has been indexed from CSO Online Every time I read about another attack, I am always interested in how the attackers gained initial access into the network. With the recent Colonial Pipeline attack, the initial infection point was…

Read more →

This article has been indexed from CSO Online Asset disposal normally isn’t one of those burning topics that is top-of-mind for CISOs, yet every CISO must be able to address it when asked to describe their information technology asset disposal…

Read more →

This article has been indexed from CSO Online As if 2020 didn’t present enough challenges, it also brought an increase in distributed denial-of-service (DDoS), ransomware, and malware attacks. And as anyone who has suffered through one or more of these network security…

Read more →

This article has been indexed from CSO Online President Biden’s executive order (EO) on cybersecurity, released on May 12, is a sprawling and comprehensive document that aims to redress weaknesses in the digital security ecosystem. It is peppered with nearly…

Read more →

This article has been indexed from CSO Online More cloud computing solutions, remote and work-from-home systems and internet-connected devices increase risk from an expanded attack surface. The best way to reduce the number of vulnerabilities is to establish a proper…

Read more →

This article has been indexed from CSO Online The exploitation of Exchange Server vulnerabilities has highlighted the importance of visibility for securing critical server infrastructure. Microsoft quickly patched the vulnerability, but there remain important points to note. First, the type…

Read more →

This article has been indexed from CSO Online It seems like not a day goes by without another ransomware attack making headlines. And where do many of these attacks start? In your users’ email inboxes. To read this article in…

Read more →

This article has been indexed from CSO Online As the COVID-19 pandemic triggered a massive shift in internet usage, cybercriminals quickly pounced, launching more than 10 million distributed denial-of-service (DDoS) attacks aimed at crippling targets with a heavy reliance on online…

Read more →

This article has been indexed from CSO Online Three weeks after releasing patches for a critical vulnerability in VMware vCenter, thousands of servers that are reachable from the internet remain vulnerable to attacks. VMware vCenter is used by enterprises to…

Read more →

This article has been indexed from CSO Online Researchers claim to have discovered the identity of the operators of Hades ransomware, exposing the distinctive tactics, techniques, and procedures (TTPs) they employ in their attacks. Hades ransomware first appeared in December…

Read more →

This article has been indexed from CSO Online With the new era of Windows as a service, Microsoft is rolling out changes to the operating system twice a year. Many of those changes will allow you to improve your security…

Read more →

This article has been indexed from CSO Online No one expects trust to be broken when they engage trusted individuals and companies to safeguard that which requires security, such as protected health information (PHI) and personally identifiable information (PII). Yet…

Read more →

This article has been indexed from CSO Online Before 1983, finding a resource on the burgeoning collection of networks and computers that would become the internet meant either having to know the IP address or having to reference a manually…

Read more →

This article has been indexed from CSO Online Protecting systems and devices has never been more challenging. Attack surfaces continue to expand and cybercriminals use increasingly sophisticated methods to gain entry into organizations. It’s a mistake to think that small…

Read more →

This article has been indexed from CSO Online It’s no secret that the scope and severity of ransomware attacks are on the rise. Yet, what often flies under the radar of small and medium-size businesses (SMBs) is that the target…

Read more →

This article has been indexed from CSO Online Deeply interwoven third-party vendor relationships have fundamentally changed business. They’ve allowed organizations to establish complex supply chains and sophisticated digital capabilities. Yet, all the gain isn’t without a good deal of pain.…

Read more →

This article has been indexed from CSO Online Driven in part by the pandemic, cloud computing adoption has reached new heights. These five articles take a close look at the implications. Read the original article: The great cloud computing surge

Read more →

This article has been indexed from CSO Online Security in the public cloud is based on the concept of shared responsibility: The largest cloud service providers deliver a secure, hyperscale environment, but it’s up to the customer to protect everything…

Read more →

This article has been indexed from CSO Online The Biden Administration has been thrown into a thicket of cybersecurity troubles in its first six months, forcing the White House to issue complex cybersecurity executive orders, directives and policy changes in…

Read more →

This article has been indexed from CSO Online HP recently announced the findings of a new report – Blurred Lines & Blindspots – a comprehensive global study assessing organizational cyber risk in an era of remote work. The report shows that changing work…

Read more →

This article has been indexed from CSO Online HP recently announced the findings of a new study – Nation States, Cyberconflict, and the Web of Profit – showing that nation state cyberattacks are becoming more frequent, varied, and open, moving us closer to…

Read more →

This article has been indexed from CSO Online Security researchers are tracking new DDoS extortion activity by threat actor group Fancy Lazarus. The attacks have been primarily targeting US and global organizations from a range of sectors including energy, financial,…

Read more →

This article has been indexed from CSO Online There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of…

Read more →

This article has been indexed from CSO Online Ransomware has a long history, dating back to the late 1980s. Today, it’s generating billions of dollars in revenue for the criminal groups behind it. Victims incur recovery costs even if they…

Read more →

This article has been indexed from CSO Online Cloud adoption has accelerated in the past year as organizations scrambled to support a remote workforce. Despite this rapid adoption and growth, companies often misunderstand a key cloud concept: the shared responsibility…

Read more →

This article has been indexed from CSO Online SD-WAN has been one of the most rapidly adopted technologies of the last decade. According to a 2020 IDG Research Services report, SD-WAN adoption increased from 35% to 54% between 2017 and…

Read more →

This article has been indexed from CSO Online We all want to abide by security best practices, but who decides what is best? If something is best for one firm, it is best for all? Too often we do not…

Read more →

This article has been indexed from CSO Online Malware attacks against cloud containers are nothing new, but these attacks have primarily focused on Linux deployments because they are the most common and where containers were born. Now, attackers are targeting…

Read more →

This article has been indexed from CSO Online Digital innovation continues to transform the network as part of an effort to increase operational agility and more efficiently meet the needs of customers and employees. At the same time, workers are…

Read more →

This article has been indexed from CSO Online The Justice Department announced yesterday that it had seized 63.7 bitcoins currently valued at approximately $2.3 million that allegedly represents some portion of a May 8 payment by the Colonial Pipeline company…

Read more →

This article has been indexed from CSO Online Every week brings another report of someone leaving an unsecured online storage container filled with sensitive customer data. Some are astounding in terms of severity, such as what happened in November 2020,…

Read more →

This article has been indexed from CSO Online The volume and velocity of data breaches are on the rise, and so are the costs. To read this article in full, please click here (Insider Story) Read the original article: 10…

Read more →

This article has been indexed from CSO Online In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. In May 2021, the GAO’s director of information technology and cybersecurity,…

Read more →

This article has been indexed from CSO Online The Amazon Web Services identity and access management (IAM) mechanism is complex, and not fully understanding its particularities often leads to misconfigurations and exposed cloud assets. Researchers from cloud security firm Lightspin…

Read more →

This article has been indexed from CSO Online The bug bounty program landscape has undergone significant evolution in the last few years. Organizations of varying sizes and across industries commonly invest in some form of bug bounty model as the…

Read more →

This article has been indexed from CSO Online The May ransomware attack on Colonial Pipeline exposed the country’s significant vulnerability to cyberthreats. To read this article in full, please click here (Insider Story) Read the original article: Ransomware response: What…

Read more →

This article has been indexed from CSO Online Digital innovation has driven engineering advances for many sectors, including our businesses, homes, transportation and energy systems, and entertainment. The motor speedway is no stranger to the advanced technologies arising both inside…

Read more →

This article has been indexed from CSO Online Looking for a qualified candidate or new job? CSO’s security recruiter directory is your one-stop shop. The recruiters listed below can help you find your next chief information security officer (CISO) or…

Read more →

This article has been indexed from CSO Online Editor’s note: This article, originally published on April 5, 2021, has been updated to reflect recent developments.  Details of the 2020 SolarWinds attack continue to unfold, and it may be years before…

Read more →

This article has been indexed from CSO Online 2021 is shaping up to be an active year for mergers and acquisitions in the cybersecurity industry. March alone saw more than 40 firms being acquired. The level of activity is driven…

Read more →

This article has been indexed from CSO Online Multi-factor authentication (MFA) continues to embody both the best and worst of business IT security practice. As Roger Grimes wrote in this article about two-factor hacks three years ago, when MFA is…

Read more →

This article has been indexed from CSO Online Editor’s note: This article, originally published on August 7, 2018, has been updated to include new information on phishing kit features. Phishing is a social attack, directly related to social engineering. Commonly…

Read more →

This article has been indexed from CSO Online I recently had to renew the cyber insurance policy for the office and it was interesting to see the evolution of questions asked over the years. At first, most of the cyber…

Read more →

This article has been indexed from CSO Online Now nearly halfway into 2021, more than two-dozen high-profile data breaches have already occurred, some involving brands such as Facebook, LinkedIn, Instagram, US Cellular, T-Mobile, Geico and Experian. Data stolen during those…

Read more →

This article has been indexed from CSO Online The Sunburst campaign underscored the inherent risk of technology to the public and private organizations who use it. It is important to examine what happened, look for opportunities to improve, and move…

Read more →

This article has been indexed from CSO Online The cybersecurity skills gap is a global problem that must be addressed if we hope to stay ahead of today’s motivated cybercriminals. With this being said, there are strong synergies between military…

Read more →

This article has been indexed from CSO Online Software supply chain incidents have been making headlines recently. Despite similarities among these security incidents, not all supply chain attacks are created equal. To read this article in full, please click here…

Read more →

This article has been indexed from CSO Online HITRUST definition HITRUST is a cybersecurity framework that seeks to unify the rules for many other existing regulatory and industry frameworks, including HIPAA, GDPR, PCI-DSS, and more. The idea is that organizations…

Read more →

This article has been indexed from CSO Online The Russian hacking group behind the supply chain attack that poisoned software updates for the SolarWinds Orion platform has been perfecting its email-based attacks over the past few months to plant backdoors…

Read more →

This article has been indexed from CSO Online The Transportation Safety Administration (TSA), an arm of the US Department of Homeland Security (DHS), released a Security Directive on Enhancing Pipeline Cybersecurity. TSA released the document two days after the Biden…

Read more →

This article has been indexed from CSO Online As companies accelerate out of pandemic disruption, how can IT meet increasing demands — and reap unprecedented benefits? In a series of virtual roundtables, dozens of IT leaders offered key insights about…

Read more →

This article has been indexed from CSO Online The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO)…

Read more →

This article has been indexed from CSO Online What is credential stuffing? Credential stuffing is the automated use of collected usernames and passwords to gain fraudulent access to user accounts. Billions of login credentials have landed in the hands of…

Read more →

This article has been indexed from CSO Online Today’s enterprises know the advantages of leveraging multi- and hybrid cloud environments. In fact, more than 90% now have multi-cloud and hybrid (public/private) cloud environments included as a critical component of their…

Read more →

This article has been indexed from CSO Online Older protocols are hard to kill. From consumer-based protocols like SMBv1 to network-based protocols like Windows NT LAN Manager (NTLM), we typically need time and planning to move off protocols that we…

Read more →

This article has been indexed from CSO Online Phishing simulations—or phishing tests—have become a popular feature of cybersecurity training programs in organizations of all sizes. One can see the appeal: phishing tests allow security staff to craft and send emails…

Read more →

This article has been indexed from CSO Online Victim shaming is never OK. Unfortunately, in some organizations, employees who fall victim to a social engineering ploy that leads to a ransomware attack are blamed for their actions. “Shaming and blaming…

Read more →

This article has been indexed from CSO Online A lack of cohesion between software development teams and cybersecurity functions compounds the software supply chain risks faced by organizations, making it all the more urgent for cybersecurity leaders and their teams…

Read more →

This article has been indexed from CSO Online CISOs will have to manage new security challenges in a post-pandemic world. Reconfigured workplaces and employee health considerations, as well as increased threats, have been foisted on organizations just as many security…

Read more →

This article has been indexed from CSO Online It’s well known by now that the consequences of a successful ransomware attack go well beyond the financial loss of paying ransom. Damage to brand and reputation, lost productivity, and compromised data—even…

Read more →

This article has been indexed from CSO Online When hacking began many decades ago, it was mostly the work of enthusiasts fueled by their passion for learning everything they could about computers and networks. Today, nation-state actors are developing increasingly…

Read more →

This article has been indexed from CSO Online On the heels of three major cybersecurity incidents over the past six months—the SolarWinds and Microsoft Exchange supply chain attacks and the Colonial Pipeline ransomware attack—government officials and some in the private…

Read more →

This article has been indexed from CSO Online Cloud workloads are deployed into highly dynamic environments, often utilizing and coexisting with a wide variety of cloud providers and third-party platforms and services. The workloads themselves can range from legacy applications…

Read more →

This article has been indexed from CSO Online The cyber attack on Colonial Pipeline is the latest in an increasing number of ransomware attacks that have been targeting both private enterprise and the public sector. In this case, it appears…

Read more →

This article has been indexed from CSO Online Four years ago, the WannaCry ransomware variant spread like wildfire, infecting and encrypting over 230,000 computers at public- and private-sector organizations worldwide, and inflicting hundreds of millions, if not billions, of dollars…

Read more →

This article has been indexed from CSO Online In early May, fitness company Peloton announced that it had exposed customer account data on the internet. Anyone could access users’ account data from Peloton’s servers, even if the users set their…

Read more →

This article has been indexed from CSO Online There are any number of bad actors behind cyber attacks these days. From enterprising criminals to nation-states to hacktivists to malicious insiders, there are multiple possibilities of who is behind it when…

Read more →

This article has been indexed from CSO Online CSO definition A CSO is a departmental leader responsible for information security, corporate security or both. That’s the simplest answer to the question “What is a CSO?”, and one that our founding…

Read more →

This article has been indexed from CSO Online CISOs have plenty of issues on their minds, everything from building a secure infrastructure to blocking ransomware attacks to ensuring that internal staff doesn’t misuse or steal data. With so many responsibilities…

Read more →

This article has been indexed from CSO Online The dramatic increase in telework and the transition to cloud-based applications means more people are working from remote locations on personal and company-provided devices. Security and IT teams have adjusted their strategies…

Read more →

This article has been indexed from CSO Online We all have at least part of our data in the cloud. Most of us still have servers located locally or perhaps in a local datacenter or in redundant regions throughout the…

Read more →

This article has been indexed from CSO Online It’s human nature to want some type of “silver bullet” that will solve complicated problems like curing the common cold. But complex problems almost inevitably require complex solutions. Hundreds of different viruses…

Read more →

This article has been indexed from CSO Online The UK government’s Department for Digital, Culture, Media and Sport (DCMS) is considering new measures to enhance the security of digital supply chains and third-party IT services. As a result, managed service…

Read more →

This article has been indexed from CSO Online CISOs have an array of ever-improving tools to help spot and stop malicious activity: network monitoring tools, virus scanners, software composition analysis (SCA) tools, digital forensics and incident response (DFIR) solutions, and…

Read more →

This article has been indexed from CSO Online Ransomware has taken center stage in the cybercrime ecosystem, causing over $1 billion in losses last year around the world and earning criminals hundreds of millions of dollars in profits. At the…

Read more →

This article has been indexed from CSO Online A well-crafted resume will attract recruiters, HR pros and hiring managers, but getting it just right is a daunting task. To jump start the process, Insider Pro has assembled this collection of…

Read more →

This article has been indexed from CSO Online I’ve been blogging about what should be the “big 3” topics at this week’s (virtual) RSA conference.  I started with a blog about XDR followed by another about Zero Trust.  My final…

Read more →

This article has been indexed from CSO Online Many in mainstream media have characterized the DarkSide attack on Colonial Pipeline, which operates a significant portion of the nation’s critical energy infrastructure, as a wake-up call for CIOs and CISOs. If…

Read more →

This article has been indexed from CSO Online A set of vulnerabilities in Wi-Fi’s basic design offers a long-standing and widespread threat vector, but the probability of compromise remains low. Read the original article: ‘FragAttack’ flaws threaten Wi-Fi, but not…

Read more →

This article has been indexed from CSO Online There is nothing like attending a face-to-face event for career networking and knowledge gathering, and we don’t have to tell you how helpful it can be to get a hands-on demo of…

Read more →

This article has been indexed from CSO Online Capping a dramatic week that saw major oil pipeline provider Colonial Pipeline crippled by a ransomware attack, the Biden administration released a highly anticipated, far-reaching and complex Executive Order on Improving the…

Read more →

This article has been indexed from CSO Online Given the widely dispersed workforce, and the likelihood of a hybrid workspace going forward, it’s not surprising that endpoint security is a top priority among CSOs, according to the IDG 2020 Security…

Read more →

This article has been indexed from CSO Online Criminals are exploiting the very tools used by security teams. Sophos researchers have recently observed an increase in attacks in which criminals target tools used by incident responders and penetration testers. These…

Read more →

This article has been indexed from CSO Online Trust has always been a critical consideration for security. Firewalls were invented because people outside the network were inherently less trustworthy than those inside the network, especially when it came to things…

Read more →

This article has been indexed from CSO Online DarkSide is a ransomware threat that has been in operation since at least August 2020 and was used in a cyberattack against Georgia-based Colonial Pipeline, leading to a major fuel supply disruption…

Read more →

SOAR: Meaning and definition SOAR is the name for a relatively new kind of security platform that coordinates information produced by a wide range of security tools and automate much of their analysis and protective responses. SOAR, which stands for…

Read more →

Once a breach occurs, you’ll want to identify what the attackers accessed and how they accessed the data. This information helps you identify if you need to notify users that their data has been breached and learn how to protect…

Read more →

Visibility into network traffic, endpoints, cloud infrastructure, and more is crucial – especially considering the sophistication of cyber threats, the widely distributed workforce, and the escalation of cloud adoption. Yet, many organizations have developed silos over time. Networking, IT, and…

Read more →

As organizations increasingly shift to cloud, the IT infrastructure becomes riddled with complexity. SecOps, NetOps, and ITOps teams have their hands full using multiple tools to manage data and applications across the distributed environment. For SecOps in particular, tying these…

Read more →