Latest articles for CSO magazine

What is GPS spoofing? And how you can defend against it

What is GPS spoofing? And how you can defend against it

GPS spoofing definition GPS spoofing is an attack in which a radio transmitter located near the target is used to interfere with a legitimate GPS…

Google expands cloud security capabilities, including simpler configuration

Google expands cloud security capabilities, including simpler configuration

Google has announced 30 new features or enhancements of its Google Cloud platform that are designed to improve the ability of organizations to manage security…

What is AI fuzzing? And why it may be the next big cybersecurity threat

What is AI fuzzing? And why it may be the next big cybersecurity threat

AI fuzzing definition AI fuzzing uses machine learning and similar techniques to find vulnerabilities in an application or system. Fuzzing has been around for a…

What is quantum cryptography? It’s no silver bullet, but could improve security

What is quantum cryptography? It’s no silver bullet, but could improve security

Quantum cryptography definition Quantum cryptography, also called quantum encryption, applies principles of quantum mechanics to encrypt messages in a way that it is never read…

What is biometrics? And why collecting biometric data is risky

What is biometrics? And why collecting biometric data is risky

Biometric authentication uses physical or behavioral human characteristics to digitally identify a person to grant access to systems, devices or data. Examples of these biometric…

How security operations centers are adapting to the cloud era

How security operations centers are adapting to the cloud era

As more and more critical business functions depart the on-premises environment for the cloud, security operations centers (SOCs) face tough challenges in keeping up with…

8 old technologies that still play roles in security

8 old technologies that still play roles in security

It’s easy to assume newer is better, but technology that has been around for decades or longer still has a place in cybersecurity. In some…

Best antivirus software: 14 top tools

Best antivirus software: 14 top tools

The AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Only six of the…

DDoS protection, mitigation and defense: 8 essential tips

DDoS protection, mitigation and defense: 8 essential tips

DDoS attacks are bigger and more ferocious than ever and can strike anyone at any time. According to Verizon’s latest DDoS trends report, the first…

What is the cyber kill chain? Why it’s not always the right approach to cyber attacks

What is the cyber kill chain? Why it’s not always the right approach to cyber attacks

As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent…

What is the cyber kill chain? Why it's not always the right approach to cyber attacks

As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent…

Why the best antivirus software isn’t enough (and why you still need it)

Why the best antivirus software isn’t enough (and why you still need it)

Traditional signature-based antivirus is notoriously bad at stopping newer threats such as zero-day exploits and ransomware, but it still has a place in the enterprise,…

Why even the best antivirus software isn't enough (and why you still need it)

Traditional signature-based antivirus is notoriously bad at stopping newer threats such as zero-day exploits and ransomware, but it still has a place in the enterprise,…

Best antivirus software: 13 top tools

Best antivirus software: 13 top tools

The AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Only five of the…

What is enterprise risk management? How to put cybersecurity threats into a business context

What is enterprise risk management? How to put cybersecurity threats into a business context

Enterprise risk management (ERM) is the process of assessing risks to identify both threats to a company’s financial well-being and opportunities in the market. The…

7 best practices for working with cybersecurity startups

7 best practices for working with cybersecurity startups

Cybersecurity startups, not weighed down by legacy platforms, can be more nimble and innovative than their more established competitors, and can often offer more personalized…

4 top challenges to a secure digital transformation

4 top challenges to a secure digital transformation

Digital transformation is vital to many companies’ long-term survival, in that it can help them defend against agile startups, better meet customer expectations, find new…

What are next generation firewalls? How the cloud and complexity affect them

What are next generation firewalls? How the cloud and complexity affect them

Traditional firewalls track the domains that traffic is coming from and the ports it’s going to. Nextgen firewalls go beyond that — they also monitor…

Corporate pre-crime: The ethics of using AI to identify future insider threats

Corporate pre-crime: The ethics of using AI to identify future insider threats

To protect corporate networks against malware, data exfiltration and other threats, security departments have systems in place to monitor email traffic, URLs and employee behaviors.…

3 reasons companies fail to assess the scope of a data breach

3 reasons companies fail to assess the scope of a data breach

First comes the embarrassing breach announcement. Then, a few days or weeks later, another one — a few million stolen records were missed the first…

California Consumer Privacy Act: What you need to know to be compliant

California Consumer Privacy Act: What you need to know to be compliant

In late June, 2018, California passed a consumer privacy act, AB 375, that could have more repercussions on U.S. companies than the European Union’s General…

5 ways to hack blockchain in the enterprise

5 ways to hack blockchain in the enterprise

One of the hottest topics in cybersecurity circles is the enterprise blockchain. This is the same technology that underpins cryptocurrencies like Bitcoin. Simply defined, blockchain…

Hardware, software options emerge for runtime encryption

Hardware, software options emerge for runtime encryption

When it comes to cloud applications, enterprises have an encryption gap. Encrypting data while it is in storage is straightforward, even if many companies are…

Cloud functions present new security challenges

Cloud functions present new security challenges

Serverless apps are deployed over a cloud platform and are designed to use only the amount of computing resources needed to carry out a task.…

How privacy is moving data security to the top of corporate agendas

How privacy is moving data security to the top of corporate agendas

The European Union’s far-reaching General Data Protection Regulation (GDPR) goes into effect May 25, Facebook has had to answer to Congress for its ties with…

Why securing containers and microservices is a challenge

Why securing containers and microservices is a challenge

Containers are a small, fast, and easy-to-set-up way to deploy and run software across different computing environments. By holding an application’s complete runtime environment, including…

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

Verizon report: Ransomware top malware threat of 2017, moving into critical systems

Verizon released its Data Breach Investigations Report (DBIR) this morning, the massive, in-depth analysis of last year’s security breaches, based on 53,000 security incidents from…

How to detect and prevent crypto mining malware

How to detect and prevent crypto mining malware

Hackers are turning to cryptojacking — infecting enterprise infrastructure with crypto mining software — to have a steady, reliable, ongoing revenue stream. As a result,…

Open source software security challenges persist

Open source software security challenges persist

This year’s Equifax breach was a reminder that open source software and components pose a giant risk to enterprise security despite their many benefits, especially…

SEC’s new cybersecurity guidance falls short

SEC’s new cybersecurity guidance falls short

The Securities and Exchange Commission (SEC) issued new guidance in February, urging senior executives and board members to pay closer attention to cybersecurity.   However,…