CSO–So-called confidential computing approaches allow data to remain encrypted while in use. That’s best done in hardware, and IBM, AMD and Intel are following different paths, each with its own trade-offs.
IBM, Intel, AMD take different routes to hardware-based encryption Read More »
CSO–Stressed and stretched, IT security teams look to automation for relief from high volumes of alerts from their detection and response systems. Here’s how three organizations started on the path to automated incident response.
Getting started with security automation Read More »
CSO–California’s new privacy law, AB 375, might not burden security as much as the GDPR, but details are subject to change.
California Consumer Privacy Act (CCPA): What you need to know to be compliant Read More »
CSO–Can’t update your old security information and event management system now? Use this advice to maintain its effectiveness.
8 ways to get more life out of an old SIEM Read More »
CSO–Aflac says artificial intelligence made its honeypot rollout faster, less complicated, and it produces high-quality alerts. A healthcare facility deploys deception technology for protection during the COVID crisis.
AI-powered deception technology speeds deployment, improves results Read More »
CSO–Any organization that processes credit card payments risks large fines and loss of their merchant accounts if they are not PCI DSS compliant when a breach occurs. Here’s what CISOs need to know.
8 PCI DSS questions every CISO should be able to answer Read More »
Executive management anxiety over the California Consumer Privacy Act will rise as the enforcement deadline looms. Security managers will need to know the answers to these questions.
9 CCPA questions every CISO should be prepared to answer Read More »
APIs now account for 40% of the attack surface for all web-enabled apps. OWASP has identified 10 areas where enterprises can lower that risk.
What you need to know about the new OWASP API Security Top 10 list Read More »
Jira is just the most recent company to expose its customers via a path traversal vulnerability. This risk is easily avoidable, but developers keep making the same mistake.
Directory traversal explained: Definition, examples and prevention Read More »
Every internet of things security issue will be greatly magnified in a 5G environment. Address these seven areas before you deploy your own.
7 ways 5G mobile networks will change IoT security, and how to prepare Read More »
Cybercriminals follow the money, and you need look no further than Toyota Boshoku’s recent $37 million loss to see why many are turning to BEC scams.
Business email compromise attacks cost millions, losses doubling each year Read More »
Hackers are now using rich personally identifying information, including device types and browser versions, cookies and web histories, and even voice recordings to gain account access or commit fraud.
Rich PII enables sophisticated impersonation attacks Read More »
When enterprises adopt new technology, security is often on the back burner. It can seem more important to get new products or services to customers and internal users as quickly as possible and at the lowest cost. Good security can be slow and expensive. Artificial intelligence (AI) and machine learning (ML) offer all the same
How secure are your AI and machine learning projects? Read More »
Whether through fraud or legitimate purchase, cybercriminals increasingly depend on mainstream services to support their activities.
6 ways cybercriminals use commercial infrastructure Read More »
Cyber criminals are targeting application programming interfaces to steal sensitive data. Recent exposures and hacks at companies like Venmo, Facebook and Google present lessons to improve API security.
6 API security lessons from the Venmo breach Read More »
