7 ways 5G mobile networks will change IoT security, and how to prepare
Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.
Business email compromise attacks cost millions, losses doubling each year
Cybercriminals follow the money, and you need look no further than Toyota Boshoku’s recent $37 million loss to see why many are turning to BEC…
Rich PII enables sophisticated impersonation attacks
Hackers are now using rich personally identifying information, including device types and browser versions, cookies and web histories, and even voice recordings to gain account…
How secure are your AI and machine learning projects?
When enterprises adopt new technology, security is often on the back burner. It can seem more important to get new products or services to customers…
6 ways cybercriminals use commercial infrastructure
Whether through fraud or legitimate purchase, cybercriminals increasingly depend on mainstream services to support their activities.
6 API security lessons from the Venmo breach
Cyber criminals are targeting application programming interfaces to steal sensitive data. Recent exposures and hacks at companies like Venmo, Facebook and Google present lessons to…
How to close SIEM visibility gaps created by legacy apps
It’s often difficult to make log files and other data from legacy applications accessible to security information and event management systems. Here are some options…
4 security concerns for low-code and no-code development
Low code does not mean low risk. By allowing more people in an enterprise to develop applications, low-code development creates new vulnerabilities and can hide…
6 ways malware can bypass endpoint protection
Breaches from attacks that defeat or run around endpoint protection measures are on the rise. Here’s how attackers do it.
How First Citrus Bank got rid of employee passwords
In February, the Florida bank rolled out passwordless authentication that relies on the device biometrics of employees’ smartphones.
What is GPS spoofing? And how you can defend against it
The U.S. Global Positioning System, part of a network of global navigation satellite systems (GNSS), is vulnerable to attacks that could disrupt many industries. Here’s…
Google expands cloud security capabilities, including simpler configuration
New tools and services will help make it easier for enterprises to manage security with Google products as well as with Amazon and in their…
What is AI fuzzing? And why it may be the next big cybersecurity threat
Pairing artificial intelligence or machine learning with traditional fuzzing techniques creates a powerful tool to find application or system vulnerabilities — for both researchers and…
What is quantum cryptography? It’s no silver bullet, but could improve security
In the arms race between white and black hats, the infosec industry looks to quantum cryptography and quantum key distribution (QKD). That may be just…
What is biometrics? And why collecting biometric data is risky
Biometrics has the potential to make authentication dramatically faster, easier and more secure than traditional passwords, but companies need to be careful about the biometric…
How security operations centers are adapting to the cloud era
Moving data and processes to the cloud presents challenges for enterprise SOCs. Here’s how the industry and business are finding new ways to collect, monitor…
8 old technologies that still play roles in security
Newer isn’t always better, at least where cybersecurity is concerned. For some applications, these older technologies are still effective ways to protect data and systems.
Best antivirus software: 14 top tools
These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance, and usability.
DDoS protection, mitigation and defense: 8 essential tips
Protecting your network from DDoS attacks starts with planning your response. Here, security experts offer their best advice for fighting back.
What is the cyber kill chain? Why it's not always the right approach to cyber attacks
As an infosec professional, you’ve likely heard about using a cyber kill chain, also known as a cyber attack lifecycle, to help identify and prevent…
Why the best antivirus software isn’t enough (and why you still need it)
Antivirus software can’t keep up with new malware or variants of known malware, but it still plays a role in an overall endpoint protection strategy.
Why even the best antivirus software isn't enough (and why you still need it)
Traditional signature-based antivirus is notoriously bad at stopping newer threats such as zero-day exploits and ransomware, but it still has a place in the enterprise,…
Best antivirus software: 13 top tools
These top-ranking Windows 10 client antivirus products were tested on three primary criteria: protection, performance, and usability.
What is enterprise risk management? How to put cybersecurity threats into a business context
Cybersecurity risks are now a key part of the ERM process. Here’s how infosec professionals should talk about cybersecurity risk and assess its impact.
7 best practices for working with cybersecurity startups
Cybersecurity startups, not weighed down by legacy platforms, can be more nimble and innovative than their more established competitors, and can often offer more personalized…
4 top challenges to a secure digital transformation
Improving cybersecurity is becoming a driving factor for starting digital transformation projects. Mistakes in implementation, however, can be costly.
What are next generation firewalls? How the cloud and complexity affect them
Nextgen firewalls add features like behavioral analytics, malware detection, and content monitoring to prevent unauthorized access and data exfiltration. They could do much more in…
Corporate pre-crime: The ethics of using AI to identify future insider threats
To protect corporate networks against malware, data exfiltration and other threats, security departments have systems in place to monitor email traffic, URLs and employee behaviors.…
3 reasons companies fail to assess the scope of a data breach
First comes the embarrassing breach announcement. Then, a few days or weeks later, another one — a few million stolen records were missed the first…
California Consumer Privacy Act: What you need to know to be compliant
California’s new privacy law, AB 375, might not burden security as much as the GDPR, but details are subject to change.