Risk Management | CSO Online

Editor’s picks: Managing modern risks

Download the AI Risk Management Enterprise Spotlight

We explore the risks to both IT and the business from the use of AI. The goal of your risk management efforts should be to gain the most value from AI as a result.

By CSOonline.com and CIO.com staff

03 Mar 20251 min

Risk Management

Enterprise Buyer’s Guides

DSPM buyer’s guide: Top 12 data security posture management tools

DSPM tools help security teams to look at the entire data environment and find shadow data, reducing the risk of data loss

02 Apr 2024 14 mins

Data and Information Security Enterprise Buyer’s Guides Risk Management

Buyer’s guide: How to choose a certificate management tool

19 May 2022 11 mins

Encryption Enterprise Buyer’s Guides Internet Security

Linux, macOS users infected with malware posing as legitimate Go packages

Threat actors are typosquatting popular Go packages such as Hypert and Layout to drop malware on Linux and macOS systems.

By Shweta Sharma

07 Mar 20253 mins

MalwareSecurity

8 obstacles women still face when seeking a leadership role in IT

By Christina Wood

07 Mar 20258 mins

CareersIT Leadership

What is risk management? Quantifying and mitigating uncertainty

By Josh Fruhlinger

07 Mar 202510 mins

IT Governance FrameworksIT LeadershipRisk Management

Chinese APT Silk Typhoon exploits IT supply chain weaknesses for initial access

By Lucian Constantin

06 Mar 20256 mins

Advanced Persistent ThreatsGovernmentHacker Groups

US charges 12 Chinese hackers in major government-backed espionage campaign

By Gyana Swain

06 Mar 20255 mins

CybercrimeSecurity

Badbox Android botnet disrupted through coordinated threat hunting

By Shweta Sharma

06 Mar 20254 mins

Android SecuritySecurity

60% of cybersecurity pros looking to change employers

By John Leyden

06 Mar 20255 mins

CareersIT Leadership

The risks of standing down: Why halting US cyber ops against Russia erodes deterrence

By Christopher Whyte

06 Mar 20258 mins

Advanced Persistent ThreatsCSO and CISOThreat and Vulnerability Management

Ransomware goes postal: US healthcare firms receive fake extortion letters

By John E. Dunn

05 Mar 20256 mins

RansomwareSecurity

Articles

DOGE’s US worker purge has created a spike in insider risk

Summarily firing workers who have access to national secrets is creating a nearly unprecedented environment for classified data exposure, writes CIA Distinguished Career Intelligence Medal awardee Christopher Burgess.

By Christopher Burgess

25 Feb 2025 6 mins

CSO and CISOGovernmentGovernment IT

UK monitoring group to classify cyber incidents on earthquake-like scale

The Cyber Monitoring Centre (CMC) aims to establish a ‘consistent and objective framework’ to provide clarity to enterprise insurance buyers.

By John Leyden

12 Feb 2025 5 mins

Data BreachIT Governance FrameworksIncident Response

Why honeypots deserve a spot in your cybersecurity arsenal

Honeypots are another tool in the toolbox for proactive cybersecurity leaders looking to get insight into what the bad guys are doing and help mitigate organizational risks.

By Chris Hughes

05 Feb 2025 6 mins

Advanced Persistent ThreatsRisk ManagementSecurity Practices

7 tips for improving cybersecurity ROI

From scenario-based risk assessments to leveraging AI, security leaders share advice on squeezing more value out of your current cybersecurity investments.

By John Edwards

04 Feb 2025 8 mins

CSO and CISOIT StrategyROI and Metrics

Download the Agentic AI Enterprise Spotlight

In this issue, we explore the emerging field of agentic AI, which brings more autonomy to IT-managed systems — with both promise and peril.

By CSO, InfoWorld, and CIO.com staff

02 Feb 2025 1 min

Generative AIIT StrategyRisk Management

Warning to FortiGate admins: You need to run a compromise assessment now

This comes after stolen configuration data and passwords from a two-year old hack were leaked last week.

By Howard Solomon

23 Jan 2025 5 mins

CyberattacksData BreachRisk Management

7 top cybersecurity projects for 2025

A new year opens to both fresh and persistent cybersecurity challenges. These key projects should be at the top of your 2025 to-do list.

By John Edwards

21 Jan 2025 8 mins

Cloud SecurityData and Information SecurityIT Governance

The 7 most in-demand cybersecurity skills today

Evolving IT strategies and emerging technologies and threats have organizations shuffling their cyber skills want lists, according to a recent survey of IT security managers conducted by ISC2.

By Eric Frank

12 Dec 2024 11 mins

Application SecurityCloud SecurityCompliance

11 biggest financial sector cybersecurity threats

Banks, investment, and insurance firms can expect ransomware, DDoS, compliance, and AI to be their top risks.

By John Leyden

20 Nov 2024 11 mins

PhishingRansomwareRegulation

The 10 biggest issues CISOs and cyber teams face today

From escalating cyber threats to questions about resources and security’s role in the enterprise, cyber leaders are reshaping their agendas to address several key long-standing and emerging concerns.

By Mary K. Pratt

28 Oct 2024 10 mins

CSO and CISOCyberattacksRegulation

77% of CISOs fear next big breach will get them fired

Increased pressures are putting CISOs in the hot seat, but should they bear all the blame when the inevitable comes?

By Evan Schuman

28 Oct 2024 3 mins

CSO and CISOData BreachIncident Response

7 risk management mistakes CISOs still make

Given its importance and complexity, risk management is a trap door for many CISOs. Here are seven ways to keep your enterprise from inadvertently falling into a security crisis.

By John Edwards

22 Oct 2024 8 mins

Risk ManagementSecurity