Article, CSO and Technology - Cyber Security Informer

Exposure Management Works When the CIO and CSO Are in Sync

Security Boulevard

APRIL 28, 2025

In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. When I first joined Tenable, one of the first things I did was sit down with our CSO, Robert Huber , to align on how we were going to work together. So, my advice to fellow CIOs: Stay close to your CSO.

CSO

CSO Risk Cyber Risk CISO

The CSO role today: Responsibilities and requirements for the top security job

CSO Magazine

MAY 20, 2021

CSO definition. A CSO is a departmental leader responsible for information security, corporate security or both. That's the simplest answer to the question "What is a CSO?", At many companies, the term CSO is still used in this way. To read this article in full, please click here

CSO

CSO CISO Information Security Technology

CSO's ultimate guide to security and privacy laws, regulations, and compliance

CSO Magazine

JANUARY 28, 2021

CSO's ultimate guide to security and privacy laws, regulations, and compliance Security and privacy laws, regulations, and compliance: The complete guide This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. To read this article in full, please click here

CSO

CSO Financial Services Consumer Protection Data privacy

Recent shadow IT related incidents present lessons to CISOs

CSO Magazine

AUGUST 12, 2021

Sign up for CSO newsletters. ]. Operating within an enclaved system means direct user access to more advanced technologies from their workstations wasn’t happening. They do have the challenge of employees using technology and applications with capabilities that far outstrip their ability to keep up.

CISO

CISO CSO Technology Government

11 technologies improving database security

CSO Magazine

JULY 12, 2021

Now, sophisticated tools and technologies are making it possible for database developers to have their cake and, to stay in metaphor, not count the calories by keeping the information private. To read this article in full, please click here (Insider Story)

Technology

Why CISO roles require business and technology savvy

CSO Magazine

OCTOBER 12, 2022

This was a few years ago, and one can only guess that the role had been created by a technologist who didn’t care about or didn’t understand the business—or, inversely by a businessperson who didn’t understand enough about technology. To read this article in full, please click here In either case, the disconnect is real.

CISO

CISO Technology Advertising

New Intel CPU-level threat detection capabilities target ransomware

CSO Magazine

JANUARY 19, 2021

Keep up on the latest thought leadership, insights, how-to, and analysis on IT security through CSO Online’s newsletters. ]. These include things like trusted execution, virtualization, memory encryption, runtime BIOS resilience and threat detection technology ( Intel TDT ). To read this article in full, please click here

Threat Detection

Threat Detection CSO Ransomware Mobile

What is physical security? How to keep your facilities and devices safe from on-site attackers

CSO Magazine

AUGUST 4, 2021

Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here All the firewalls in the world can’t help you if an attacker removes your storage media from the storage room. Learn what you need to know about defending critical infrastructure. |

Artificial Intelligence

Artificial Intelligence CSO IoT Firewall

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

CSO Magazine

JULY 30, 2021

Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here Both efforts aim to prepare the nation for the next significant cybersecurity incidents, making up for lost time due to the previous administration's relative inattention to the topic.

Cybersecurity

Cybersecurity CSO Technology

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

CSO Magazine

AUGUST 3, 2021

The US General Accountability Office (GAO) issued the 19-page report , “Cybersecurity and Information Technology: Federal Agencies need to Strengthen Efforts to Address High-Risk Areas” on July 29. Sign up for CSO newsletters. ]. To read this article in full, please click here

CSO

CSO Cybersecurity Government Accountability

How deepfakes enhance social engineering and authentication threats, and what to do about it

CSO Magazine

OCTOBER 25, 2021

Deepfake technology is an escalating cybersecurity threat to organizations. Get the latest from CSO by signing up for our newsletters. ] Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here Learn what makes these 6 social engineering techniques so effective. |

Social Engineering

Social Engineering Engineering Authentication CSO

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

CSO Magazine

APRIL 6, 2021

Check out these 11 phishing prevention tips for best technology practices, employee education and social media smarts. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Cybercrime

Cybercrime CSO Education Media

6 zero trust myths and misconceptions

CSO Magazine

OCTOBER 18, 2021

Interest in zero trust is surging, according to IDG’s 2020 Security Priorities Study, with 40% of survey respondents saying they are actively researching zero trust technologies, up from only 11% in 2019, and 18% of organizations indicating they already have zero trust solutions, more than double the 8% in 2018.

CSO

CSO Marketing Technology

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

Sign up for CSO newsletters. ]. The analyst firm discovered that CISOs everywhere are struggling to justify their spending on MSSPs to non-security executives because of a lack of proper metrics and because of technology complexity—among other things. To read this article in full, please click here

Risk

Risk CSO CISO Technology

US charges four suspected Chinese spies who coordinated APT40 hackers

CSO Magazine

JULY 19, 2021

Sign up for CSO newsletters. ]. According to the indictment , the APT40 group operated out of a company called Hainan Xiandun Technology Development that was used as a front by the Hainan State Security Department (HSSD), an arm of MSS in the province of Hainan. To read this article in full, please click here

CSO

CSO Technology Cybersecurity

Coca-Cola trade secret theft underscores importance of insider threat early detection

CSO Magazine

APRIL 6, 2021

She is accused of trade secret theft and economic espionage after allegedly stealing bisphenol-A-free (BPA-free) technologies owned by several companies, including her former employers Coca-Cola and Eastman Chemical Company. The value placed on the development of the stolen technologies is $119.6 Sign up for CSO newsletters. ].

CSO

CSO Threat Detection Technology Cybersecurity

Top cybersecurity M&A deals for 2022

CSO Magazine

JANUARY 14, 2022

Many of the 2021 transactions CSO reported were in the identity and cloud security markets, especially toward the end of the year. Recorded Future’s acquisition of SecurityTrails is an early 2022 example, as it adds attack surface monitoring technology to Recorded Future’s offerings. To read this article in full, please click here

CSO

CSO Cybersecurity Marketing Technology

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that. To read this article in full, please click here

CSO

CSO Risk Software Government

Google launches Secure AI Framework to help secure AI technology

CSO Magazine

JUNE 9, 2023

Google, owner of the generative AI chatbot Bard and parent company of AI research lab DeepMind, said a framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements so that when AI models are implemented, they’re secure-by-default.

Technology

Technology Risk

How to choose an endpoint protection suite

CSO Magazine

SEPTEMBER 28, 2021

Studies show that CSO readers are most likely to know that endpoint protection is the modern iteration of the antivirus tools of previous generations. To read this article in full, please click here Okay, I made that first part up, but the second part is, of course, true. Endpoint protection covers much more than antimalware.

Antivirus

Antivirus CSO Spyware Phishing

BrandPost: The state of operational technology and cybersecurity

CSO Magazine

MAY 26, 2023

Today, the convergence of operational technology (OT) and IT networks is accelerating because organizations can use the data collected by physical equipment and Industrial Internet of Things (IIoT) devices to identify issues and increase efficiency. To read this article in full, please click here

Technology

Technology Cybersecurity Data collection Internet

GAO calls out US government agencies: Get your supply chain security act together

CSO Magazine

JUNE 8, 2021

In May 2021, the GAO’s director of information technology and cybersecurity, Vijay A. Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here D’Souza, testified before Congress on supply chain risks.

Government

Government CSO Risk Accountability

5 best practices for designing application logs

CSO Magazine

AUGUST 11, 2021

Sign up for CSO newsletters. ]. Schmitt, who is now in her early 30s, has always been passionate about technology, so she didn't buy into this. To read this article in full, please click here She shouldn't worry—maybe it's just stress.

CSO

CSO Technology Cybersecurity

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

CSO Magazine

OCTOBER 6, 2021

The goal of the attacks is the theft of information about the victims' infrastructure, technology and critical assets. [ Sign up for CSO newsletters ! ] To read this article in full, please click here How well do you know these 9 types of malware and how to recognize them.

CSO

CSO Technology Malware

Threat intelligence programs poised for growth

CSO Magazine

JUNE 12, 2023

In my last CSO article , I detailed cybersecurity professionals’ opinions on the characteristics of a mature cyber-threat intelligence (CTI) program. To read this article in full, please click here

CSO

CSO Cyber threats Technology Cybersecurity

Uber CISO's trial underscores the importance of truth, transparency, and trust

CSO Magazine

MAY 19, 2022

Case in point: A federal judge recently ordered Uber Technologies to work with its former CSO, Joseph Sullivan (who held the position from April 2015 to November 2017), and review a plethora of Uber documents that Sullivan has requested in unredacted form for use in his defense in the upcoming criminal trial.

CISO

CISO CSO Data breaches Media

BrandPost: Three Essential Security Technologies to Combat Ransomware

CSO Magazine

SEPTEMBER 29, 2021

This can be attributed to a perfect storm of factors: To read this article in full, please click here In fact, a recent ransomware survey demonstrates that ransomware has become the top threat concern for most organizations globally.

Ransomware

Ransomware Technology

Johnson & Johnson CISO Marene Allison: ‘You can’t sit on today’s technology’

CSO Magazine

JULY 15, 2022

To read this article in full, please click here “It’s important to understand I’m here to protect this company that is focused on human healthcare. It’s a very, very important mission that I take seriously every single day.” Allison is accustomed to missions.

CISO

CISO Technology Manufacturing Healthcare

Morgan Stanley’s Rachel Wilson on the democratization of cybercrime

CSO Magazine

APRIL 12, 2022

Wilson was opening keynote speaker at the recent CSO UK Security Summit where she reflected upon the biggest changes in the risk and security landscape and how CISOs must respond to lead teams and embrace emerging opportunities. To read this article in full, please click here What follows are highlights from that presentation.

Cybercrime

Cybercrime CSO CISO Technology

BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs

CSO Magazine

DECEMBER 19, 2022

First, is the tie to their current technology, which often suffers from complexity and siloed operations that prevent automation. Many organizations struggle to define the right process within their teams, technology stacks, and across users and suppliers. To read this article in full, please click here

CISO

CISO Technology

IT asset disposal is a security risk CISOs need to take seriously

CSO Magazine

JUNE 21, 2021

Asset disposal normally isn’t one of those burning topics that is top-of-mind for CISOs, yet every CISO must be able to address it when asked to describe their information technology asset disposal (ITAD) program. Sign up for CSO newsletters. ]. . Sign up for CSO newsletters. ].

CISO

CISO Risk CSO Accountability

BrandPost: Your Employees Aren’t the Problem—It’s Your Technology

CSO Magazine

OCTOBER 15, 2021

To read this article in full, please click here After all, the increase in remote work naturally leads to increased insider risk. And for those who have cast their security spotlight on external threats, maybe this is a timely wake-up call to look within (quite literally).

Technology

Technology Risk Cybersecurity

BrandPost: The Cybercrime Crisis: Advanced & Automated DDoS Technology is Essential NOW

CSO Magazine

NOVEMBER 5, 2021

To read this article in full, please click here But as this Infographic shows, the avidity of the threat actors’ response is a clear indicator of the need for an integrated global response to combat the cybercrime crisis.

Cybercrime

Cybercrime Technology DDOS

DXC Technology says global network is not compromised following Latitude Financial breach

CSO Magazine

MARCH 30, 2023

Soon after Latitude Financial revealed it suffered a cyber attack, DXC Technology quietly published a note on its website stating its global network and customer support networks were not compromised. To read this article in full, please click here

Technology

Technology Insurance Cyber Attacks

How Carrier’s product security team delivers the ‘right support for the right product’

CSO Magazine

AUGUST 29, 2022

United Technologies, which had spun off Carrier, took the existing product security function with it. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. “We We didn’t want to replicate what United Technologies was doing, because it was focused on aerospace. To read this article in full, please click here

CSO

CSO Technology Cybersecurity

SecureAuth unveils new end-to-end access and authentication solution

CSO Magazine

JUNE 2, 2022

The platform, Arculix, combines orchestration, passwordless technology and continuous authentication and can be deployed out of the box with any industry-standard identity provider as an end-to-end solution or as augmentation to an existing identity and access management (IAM) scheme. To read this article in full, please click here

Authentication

Authentication Artificial Intelligence CSO Passwords

Tracking device technology: A double-edged sword for CISOs

CSO Magazine

MARCH 6, 2023

To read this article in full, please click here Now we see that Google is jumping into the fray, with the soon-to-be-released tracking device in development apparently codenamed “Grogu” (after the Baby Yoda character in the “Star Wars” spinoff “The Mandalorian”).

CISO

CISO Technology Cybersecurity

CompTIA Security+: Prerequisites, obectives, and cost

CSO Magazine

AUGUST 2, 2021

CompTIA Security+ is a security certification offered by the Computing Technology Industry Association (CompTIA), a U.S.-based To read this article in full, please click here based trade and industry nonprofit. Like any well-regarded certification, CompTIA Security+ can help boost your career and your earning power.

Technology

7 tenets of zero trust explained

CSO Magazine

JULY 27, 2021

For that reason, the National Institute of Standards and Technology (NIST) published NIST SP 800-207 Zero Trust Architecture , which describes the following seven tenets of zero trust. To read this article in full, please click here (Insider Story)

Architecture

Architecture Technology

Preparing for the quantum-safe encryption future

CSO Magazine

MARCH 17, 2022

Organizations, technology providers, and internet standards will therefore soon be required to transition to quantum-safe encryption. To read this article in full, please click here

Encryption

Encryption Banking Technology Internet

SASE is coming, but adoption will be slow (especially for large enterprises)

CSO Magazine

APRIL 29, 2021

Large enterprises have been better able to adapt to this new reality, having access to larger IT budgets and skilled employees, but small and medium-sized businesses are struggling to keep up with the access control, monitoring and threat detection technologies needed to defend their local and remote assets.

Architecture

Architecture Threat Detection Technology

Top 8 cybersecurity predictions for 2022

CSO Magazine

JANUARY 6, 2022

While enterprises tout their efforts to accelerate digital transformation efforts, for security leaders in business there is a dark side to the rapid deployment of new technology. Meanwhile, CSOs also must help ensure their organizations are in compliance with new regulations. To read this article in full, please click here

Digital transformation

Digital transformation Cybersecurity Technology

Botnet attacks on APIs: Why most companies are unprepared

CSO Magazine

JUNE 29, 2021

As with many new technologies, security is lagging behind. To read this article in full, please click here (Insider Story) As companies move applications to the cloud and expose functionality via application programming interfaces (APIs), criminals have been moving quickly to take advantage of this newly exposed attack surface.

Technology

McAfee, FireEye merger yields Trellix, a unified XDR security company

CSO Magazine

JANUARY 21, 2022

Trellix, a new company formed from the merger of cybersecurity giants McAfee Enterprise and FireEye, is intent on becoming the leader in XDR (extended detection and response) technology by combining applications from both of the formerly separate companies into an interoperable suite of products for threat prevention, detection and response.

Technology

Technology Cybersecurity

Exposure Management Works When the CIO and CSO Are in Sync

The CSO role today: Responsibilities and requirements for the top security job

Trending Sources

CSO's ultimate guide to security and privacy laws, regulations, and compliance

Recent shadow IT related incidents present lessons to CISOs

11 technologies improving database security

Why CISO roles require business and technology savvy

New Intel CPU-level threat detection capabilities target ransomware

What is physical security? How to keep your facilities and devices safe from on-site attackers

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

How deepfakes enhance social engineering and authentication threats, and what to do about it

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

6 zero trust myths and misconceptions

6 risk factors to know when hiring an MSSP

US charges four suspected Chinese spies who coordinated APT40 hackers

Coca-Cola trade secret theft underscores importance of insider threat early detection

Top cybersecurity M&A deals for 2022

Chris Wysopal: Open source is becoming a national security risk

Google launches Secure AI Framework to help secure AI technology

How to choose an endpoint protection suite

BrandPost: The state of operational technology and cybersecurity

GAO calls out US government agencies: Get your supply chain security act together

5 best practices for designing application logs

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

Threat intelligence programs poised for growth

Uber CISO's trial underscores the importance of truth, transparency, and trust

BrandPost: Three Essential Security Technologies to Combat Ransomware

Johnson & Johnson CISO Marene Allison: ‘You can’t sit on today’s technology’

Morgan Stanley’s Rachel Wilson on the democratization of cybercrime

BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs

IT asset disposal is a security risk CISOs need to take seriously

BrandPost: Your Employees Aren’t the Problem—It’s Your Technology

BrandPost: The Cybercrime Crisis: Advanced & Automated DDoS Technology is Essential NOW

DXC Technology says global network is not compromised following Latitude Financial breach

How Carrier’s product security team delivers the ‘right support for the right product’

SecureAuth unveils new end-to-end access and authentication solution

Tracking device technology: A double-edged sword for CISOs

CompTIA Security+: Prerequisites, obectives, and cost

7 tenets of zero trust explained

Preparing for the quantum-safe encryption future

SASE is coming, but adoption will be slow (especially for large enterprises)

Top 8 cybersecurity predictions for 2022

Botnet attacks on APIs: Why most companies are unprepared

McAfee, FireEye merger yields Trellix, a unified XDR security company

Stay Connected