CPRA explained: New California privacy law ramps up restrictions on data use
The California Privacy Rights Act more closely aligns with the EU’s General Data Protection Regulation. Mid-sized companies not yet GDPR compliant face the biggest impact.
Category: CSO
How secure are your AI and machine learning projects?
CSO—Artificial intelligence and machine learning bring new vulnerabilities along with their benefits. Here’s how several companies have minimized their risk.
How to protect backups from ransomware
CSO—Ransomware is getting smarter, attacking backups to prevent recovery. Prevent this from happening by taking a few simple steps.
Supply chain attacks show why you should be wary of third-party providers
CSO—The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.
IBM, Intel, AMD take different routes to hardware-based encryption
CSO—So-called confidential computing approaches allow data to remain encrypted while in use. That’s best done in hardware, and IBM, AMD and Intel are following different paths, each with its own trade-offs.
Getting started with security automation
CSO—Stressed and stretched, IT security teams look to automation for relief from high volumes of alerts from their detection and response systems. Here’s how three organizations started on the path to automated incident response.
California Consumer Privacy Act (CCPA): What you need to know to be compliant
CSO—California’s new privacy law, AB 375, might not burden security as much as the GDPR, but details are subject to change.
8 ways to get more life out of an old SIEM
CSO—Can’t update your old security information and event management system now? Use this advice to maintain its effectiveness.
AI-powered deception technology speeds deployment, improves results
CSO—Aflac says artificial intelligence made its honeypot rollout faster, less complicated, and it produces high-quality alerts. A healthcare facility deploys deception technology for protection during the COVID crisis.
8 PCI DSS questions every CISO should be able to answer
CSO—Any organization that processes credit card payments risks large fines and loss of their merchant accounts if they are not PCI DSS compliant when a breach occurs. Here’s what CISOs need to know.
9 CCPA questions every CISO should be prepared to answer
Executive management anxiety over the California Consumer Privacy Act will rise as the enforcement deadline looms. Security managers will need to know the answers to these questions.
What you need to know about the new OWASP API Security Top 10 list
APIs now account for 40% of the attack surface for all web-enabled apps. OWASP has identified 10 areas where enterprises can lower that risk.
Directory traversal explained: Definition, examples and prevention
Jira is just the most recent company to expose its customers via a path traversal vulnerability. This risk is easily avoidable, but developers keep making the same mistake.
7 ways 5G mobile networks will change IoT security, and how to prepare
Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.
Business email compromise attacks cost millions, losses doubling each year
Cybercriminals follow the money, and you need look no further than Toyota Boshoku’s recent $37 million loss to see why many are turning to BEC scams.