featureMicrosoft-blasting CSRB report offers roadmap for better cloud securityThe Cyber Safety Review Board’s report slammed Microsoft's security practices over 2023 intrusion but also delivered a wealth of recommendations crucial for cloud service providers.By Cynthia BrumfieldApr 10, 20249 minsCloud SecurityData and Information SecuritySecurity Practices news analysis AI tools likely wrote malicious script for threat group targeting German organizationsBy Lucian ConstantinApr 10, 20244 minsAdvanced Persistent ThreatsThreat and Vulnerability ManagementSecurity Practicesnews Boys’ club mentality still a barrier to women’s success in cybersecurity careersBy John LeydenApr 10, 20245 minsCareersSecurity newsGathid’s new access mapping tech promises affordable and streamlined IAMBy Shweta Sharma Apr 10, 20243 minsIdentity and Access ManagementSecurity Software opinionWhy global warnings about China’s cyber-espionage matter to CISOsBy Christopher Burgess Apr 10, 20248 minsCSO and CISOGovernmentSocial Engineering news analysisResearchers uncover evasion data exfiltration techniques that can be exploited in SharePointBy Lucian Constantin Apr 09, 20246 minsThreat and Vulnerability ManagementData and Information SecurityNetwork Security newsCohesity partners with Intel to solve insider threat challengesBy Prasanth Aby Thomas Apr 09, 20243 minsEncryptionSecurity Software newsSysdig digs up a ransomware gang in stealth for over a decade By Shweta Sharma Apr 09, 20244 minsRansomware feature5 groups that support diversity in cybersecurity By Linda Rosencrance Apr 09, 20248 minsCSO and CISOCertificationsHuman Resources More security newsnewsUS Environmental Protection Agency hack exposes data of 8.5 million users The leaked database has personal information of users including name, email, phone numbers, and address.By Shweta Sharma Apr 08, 2024 3 minsData Breachnews analysisGoogle Chrome aims to solve account hijacking with device-bound cookiesNew feature is designed to stop bad actors from intrusions that rely on stealing session cookies by using TPM crypto processors to securely store keys locally.By Lucian Constantin Apr 05, 2024 8 minsBrowser SecurityInternet SecurityIdentity and Access ManagementnewsAn onslaught of security flaws pushes Ivanti into security redesign Ivanti plans to revamp core engineering and security operations to arm against frequent and evolved adversary activities. By Shweta Sharma Apr 05, 2024 3 minsSecurity SoftwareVulnerabilitiesnewsNew CISO appointments 2024Keep up with news of CSO, CISO, and other senior security executive appointments.By CSO Staff Apr 05, 2024 10 minsCSO and CISOIT JobsIT GovernancenewsTop cybersecurity product news of the weekNew product and service announcements from Fortinet, Trustwave, Sonrai, Black Kite and MineBy CSO staff Apr 05, 2024 74 minsGenerative AISecuritynewsCyberattack forces Omni Hotels to shut down its IT systemsOmni shut down its IT systems in response to an attack it faced on Friday, disrupting key operations including reservations, payments, and point-of-sale systems. By Shweta Sharma Apr 04, 2024 4 minsCyberattacksnews analysisChinese APT group deploys defense-evading tactics with new UNAPIMON backdoorWidespread campaign employs DLL hijacking and abuses VMware Tools through injected malware.By Lucian Constantin Apr 04, 2024 5 minsAdvanced Persistent ThreatsHacker GroupsHackingnewsUS government blames 2023 Exchange breach on ‘preventable’ security failures by MicrosoftThe US Department of Homeland Security’s Cyber Safety Review Board is calling for industrywide change to help prevent high-impact situations.By Sascha Brodsky Apr 03, 2024 4 minsData BreachGovernmentData and Information SecuritynewsSecurity concerns could be holding back AI projectsWhile considering AI adoption, most organizations are concerned about data privacy, integrity, and security. By Shweta Sharma Apr 03, 2024 4 minsRisk Managementnews analysisDangerous XZ Utils backdoor was the result of years-long supply chain compromise effortCaught before it could do widespread damage, the sophisticated vulnerability could have been one of the highest-impact software supply chain breaches to date.By Lucian Constantin Apr 02, 2024 10 minsData and Information SecuritySupply ChainVulnerabilitiesnewsGoogle agrees to delete a ton of user data to settle ‘incognito’ lawsuitThe agreement on the settlement over the $5 billion class action lawsuit also includes Google’s pledge to enhance its disclosure policies.By Prasanth Aby Thomas Apr 02, 2024 4 minsBrowser SecurityData PrivacyLegalnewsAT&T suffers critical breach impacting 73 million customersData released on the dark web impacts 7.6 million existing account holders and 65.4 million past subscribers.By Shweta Sharma Apr 01, 2024 4 minsData Breach Show more Show less Explore a topic Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security View all topics All topics Close Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Popular topicsGenerative AI featureKeeping up with AI: OWASP LLM AI Cybersecurity and Governance ChecklistBy Chris Hughes Mar 14, 2024 10 minsGenerative AISecurity PracticesOpen Source newsMicrosoft reveals general availability of Copilot for SecurityBy Samira Sarraf Mar 13, 2024 4 minsGenerative AIThreat and Vulnerability Management featureGenerative AI poised to make substantial impact on DevSecOpsBy Maria Korolov Mar 11, 2024 12 minsDevSecOpsGenerative AI View topic Cybercrime opinionWhat is the dark web? How to access it and what you’ll findBy Darren Guccione Apr 02, 2024 13 minsData BreachTechnology IndustryCybercrime newsThe US indicts 7 Chinese nationals for cyber espionageBy Sandeep Budki Mar 26, 2024 6 minsCyberattacksCybercrime news analysisNew phishing campaign targets US organizations with NetSupport RATBy Lucian Constantin Mar 21, 2024 3 minsPhishingCyberattacksMalware View topic Careers featureRecruit for diversity: Practical ways to remove bias from the hiring processBy Aimee Chanthadavong Apr 01, 2024 8 minsCareers featureThe CSO guide to top security conferencesBy CSO Staff Apr 01, 2024 17 minsTechnology IndustryIT SkillsEvents opinionAre you okay? Understanding the world of a CISOBy Tyler Farrar Mar 28, 2024 5 minsCSO and CISOCareers View topic IT Leadership featureWhen the boss doesn’t fit: Cybersecurity workforce more diverse than its managersBy Christine Wong Mar 26, 2024 10 minsCSO and CISOHuman ResourcesIT Leadership opinionThe cybersecurity skills shortage: A CISO perspectiveBy Jon Oltsik Mar 26, 2024 6 minsCSO and CISOIT SkillsIT Training featureWhy more women aren’t CISOs and how to change thatBy Rosalyn Page Mar 21, 2024 13 minsCSO and CISOCareersIT Leadership View topic Upcoming Events11/Apr virtual event Data, Analytics & AI SummitApr 11, 2024Virtual Summit Data and Information Security 14/May in-person event FutureIT Boston 2024: AI, Data, & Tech LeadershipMay 14, 2024Boston, MA IT Leadership 18/Jun in-person event FutureIT Chicago: Building the Digital Business with Cloud, AI and SecurityJun 18, 2024Chicago, IL Technology Industry View all events In depth featureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.4 episodesData and Information Security Ep. 03 Episode 3: The Zero Trust Model Mar 25, 202115 mins Multi-factor AuthenticationCSO and CISORemote Work Ep. 04 Episode 4: Reduce SOC burnout Mar 29, 202115 mins CSO and CISOPhishingRemote Work Show me moreLatestArticlesPodcastsVideos feature US federal agencies get first crack at expanded Microsoft 365 logging capabilities By Susan Bradley Apr 08, 20247 mins Windows SecurityNetwork SecuritySecurity Practices feature General Data Protection Regulation (GDPR): What you need to know to stay compliant By Michael Nadeau Apr 04, 202421 mins ComplianceData and Information SecurityPrivacy brandpost Sponsored by Fortinet Strengthening cyber resiliency through collaboration By Suzanne Spaulding, Fortinet Strategic Advisory Council Apr 03, 20246 mins Security podcast CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care Apr 02, 202416 mins CSO and CISO podcast CSO Executive Sessions: 2024 International Women's Day special Mar 13, 202410 mins CSO and CISO podcast CSO Executive Sessions: Former convicted hacker Hieu Minh Ngo on blindspots in data protection Feb 20, 202421 mins CSO and CISO video CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care Apr 01, 202416 mins CSO and CISO video CSO Executive Sessions: 2024 International Women's Day special Mar 13, 202410 mins CSO and CISO video LockBit feud with law enforcement feels like a TV drama Mar 05, 202456 mins RansomwareArtificial Intelligence