Videos
Angel Redoble, Chairman and Founding President of the Philippine Institute of Cyber Security Professionals, joins Xiou Ann Lim for this CSO Executive Sessions interview. They will discuss why organisations need a dedicated CISO, if CIOs should report...
Maria Carmela Migriño, Vice President and Group CISO of Meralco and subsidiaries, joins Xiou Ann Lim for this CSO Executive Sessions interview. They will explore areas of opportunity for strengthening cybersecurity in the energy industry, discuss Me...
Christopher Lek, Director at Nanyang Technological University, joins Xiou Ann Lim for this CSO Executive Sessions interview. They will discuss why it is important to understand the business drivers and cybersecurity culture in each organisation, chal...
Steven Sim, President of ISACA’s Singapore Chapter, joins Xiou Ann Lim for this CSO Executive Sessions interview. They will discuss how joining an association like ISACA would benefit cybersecurity professionals and students, what ISACA is doing to...
Jason Lau, CISO at Crypto.com, joins host Xiou Ann Lim for this CSO Executive Sessions interview. They will discuss how having a growth mindset is necessary to thrive in cybersecurity, how industry collaboration and data-sharing can help protect cryp...
Recently, U.S. Cyber Command confirmed it has acted against ransomware groups, underscoring the importance of cybersecurity to national security. Effective risk management frameworks, such as the NIST Cybersecurity Framework, can help organizations a...
VPNs are a remote work staple, but they’re hardly the most secure way to access corporate data. CSO Online’s UK Editor, Michael Hill, joins Juliet to explain why overreliance on VPNs poses a security risk, and what alternatives enterprises should...
The new Microsoft Defender for Business makes important Windows security features more available to small businesses.
CISO Joanna Burkey shares how HP, Inc. leverages a balanced, zero trust model that leans on modern tools and practices and diverse talent.
With more than 3 million cybersecurity roles estimated to be unfilled across the globe, security leaders must evolve their hiring and team development strategies. Learn what a smarter approach to recruitment and retention will mean for organizations.
XDR is one of security's buzziest acronyms—and for good reason. XDR, which stands for eXtended Detection and Response, promises to provide more timely and accurate threat detection by gathering and processing data from an integrated set of security...
As enterprises build up their mobile, edge and cloud deployments, they're being challenged to deliver a more efficient, scalable network-security architecture. Secure access service edge (SASE) is the convergence of security and networking in a cloud...
Set aside some time to inventory and analyze the software and settings on your network to identify risks.
With more than 35,000 employees covering the insurance needs of more than 6 million members in Pennsylvania, Delaware, West Virginia and New York, Highmark Health is an independent licensee of the Blue Cross Blue Shield Association. CISO Omar Khawaja...
Minneapolis-based Target Corporation serves guests at nearly 1,900 stores and at Target.com. Of all of the industries impacted severely by the pandemic, retail was one hit most drastically. Yet Target was one of those businesses that was able to tran...
With 24,000 employees and customers in more than 100 countries, Rockwell Automation is a global leader in industrial automation and digital transformation. As industries rely more and more on operational technology (OT), they can be vulnerable if the...
A new zero-day vulnerability allows attackers to gain network access through Microsoft 365 documents. Here’s how to stop it.
Celanese Corporation is a global chemical leader in the production of differentiated chemistry solutions and specialty materials used in most major industries and consumer applications. With IT and OT environments exposed to risk, the organization mu...
SMBs typically outsource some or all their IT services to an MSP. Here’s how to find one that takes security seriously.
Most businesses will have some PCs that they can’t update to Windows 11. Here’s how to keep those PCs from being a security weak link.
With more than 70,000 employees, BD is one of the largest global medical technology companies in the world and is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. At BD, security spans a spectrum fro...
Understand these basic elements of computer forensics before you have to review log data for suspicious activity.
The new MITRE D3FEND knowledge graph of cybersecurity countermeasures offers solid guidance for Windows admins.
Here’s what your systems need before you can take advantage of Windows 11’s security features, and how to upgrade where possible.
As AI deployments proliferate for better decision making, they also present risks across a large spectrum – from job displacement and socioeconomic inequality, to automated bias, to data poisoning, privacy violations, and AI threats used by bad act...
With more than a half-million employees around the world, Accenture has a long history of supporting employees with technology as they visit clients. Those roots are what informed the organization’s traditional focus on the workstation, endpoint an...
Join IDC analysts Brandon Butler and Christopher Rodriguez as they talk with Network World’s Ann Bednarz about the SASE model for streamlining network access and improving security. Deployed as a cloud service, it blends SD-WAN’s network optimiza...
A single compromised password allowed attackers access to Colonial Pipeline’s network. Chaos ensued. This advice will help you avoid that fate.
Managing risk across an extended supply chain is extremely challenging for organizations of all sizes. The sheer volume of connected components that communicate, store, and process data will continue to expand the attack surface, and increase organiz...
Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer or by infecting a website or...
ADP’s Senior Director, ESI Business Security Office and Global Programs Omar Prunera leads the development of ADP’s Security Ambassadors for Excellence (S.A.F.E.) program to inform and train employees about security, improve their knowledge and b...
Before you worry about implementing the “best” security practices, make sure you’re doing these minimum practices.
Coast Capital Savings Director of Information Security Stephen Pedersen leads a team that focuses on cybersecurity along with fraud prevention and detection as it expands its business nationally through a digital banking platform. Join us to learn ho...
Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD's inventory tracking system that identifies PPD’s most valuable assets. Join us to learn how they distribut...
NTLM is a less secure protocol for authenticating network access. Follow these steps to begin migration off it.
CSO senior writer Lucian Constantin knows that paying ransomware demands should be avoided -- unless lives are on the line or the survival of a business is at stake. Join us as Lucian talks about the role of the ransomware negotiator, the person call...
Keep these key points regarding cloud vs. on-premises security as you move to the cloud.
The SolarWinds breach represents a tectonic shift in threat actor tactics, suggesting this kind of attack vector will be replicated. Not only were the attacker’s sophistication and technical proficiency high -- allowing them to stay in stealth mode...
Every CISO understands how passwords across the workforce are difficult to remember, drive up help desk costs, and impede workforce productivity with ongoing password change requirements. And while single sign-on environments reduce some inefficienci...
Richard Harknett, PhD., Co-Director of the Ohio Cyber Range Institute, has examined the SolarWinds hack that’s not only dominated the news for months, but is defined by the level of sophistication, persistence, and patience exhibited by the attacke...
The largest fuel pipeline in the United States, Colonial Pipeline, halted operations because of a ransomware attack. The attack was carried out by the cybercriminal group DarkSide. Much of the pipeline remains offline, although the pipeline operator ...
These are the most important actions to take once your Windows network is breached.
Today’s security challenges – from Solarwinds to ransomware, regulation, hybrid workforces, data privacy, critical infrastructure and more -- pose unique risks to various global regions. Join us as CSO’s editors around the world discuss the top...
Ransomware and other attackers will often try to escalate privileges once inside Windows systems. These tips can make that harder to do.
Security solutions from startup companies can be unique opportunities for an organization to fill critical gaps for a specific security need. That said, the way to consider a startup’s solution -- along with the relationship your organization has w...
IDG convened 30 senior IT executives as part of our CIO Think Tank Program to explore key opportunities and challenges with multicloud – including security issues IT leaders face in building a true multicloud architecture. Join us as we shed light ...
Research on the most common techniques attackers used to breach systems provides insight on where to focus your defenses.
PwC Chief Information and Technology Officer James Shira is an expert on managing security's big picture. With the growing focus on risk management from boards and senior leadership, James shares advice on keeping security and risk management a top p...
Follow this advice to help prevent domain password compromise or lateral movement should your password be compromised.
Changing the Kerberos password will help prevent golden ticket attacks on Active Directory.