feature7 open source security tools too good to ignoreThese must-have open-source tools help CISOs and their teams scan for vulnerabilities, analyze protocols, run forensics, and support threat intelligence and encryption.By Peter Wayner and Fahmida RashidJun 27, 202412 minsOpen SourceSecurity feature What is digital executive protection and how does it work?By Deb RadcliffJun 26, 20248 minsCSO and CISOCyberattacksEmployee Protectionfeature 6 ways the CISO role is evolving todayBy Esther SheinJun 25, 202412 minsCSO and CISOCareersIT Leadership newsMicrosoft-owned vendor blamed for massive healthcare breachBy Shweta Sharma Jun 26, 20243 minsData BreachIdentity and Access Management opinionContinuous red-teaming is your only AI risk defenseBy David Gee Jun 26, 20247 minsPenetration TestingData and Information SecurityRisk Management opinionEvaluating crisis experience in CISO hiring: What to look for and look out forBy Christopher Whyte Jun 25, 20248 minsCSO and CISOHuman ResourcesSecurity Practices newsDid hackers steal 33TB of data from the Federal Reserve?By Shweta Sharma Jun 25, 20244 minsData BreachHacker Groups featureAre you a CISO who doesn’t know jack?By Christine Wong Jun 24, 202410 minsCSO and CISOHuman ResourcesIT Skills feature12 hottest IT security certs for higher pay todayBy Eric Frank Jun 20, 202413 minsCertificationsIT SkillsCareers More security newsnewsCyberattackers are using more new malware, attacking critical infrastructureBetween January and March of this year, there was a 40% increase in new malware over the previous reporting period, with critical infrastructure the biggest target, according to BlackBerry's Global Threat Intelligence Report.By Lynn Greiner Jun 27, 2024 2 minsCyberattacksMalwarenewsMicrosoft warns of novel jailbreak affecting many generative AI modelsAbusers can trick the model into ignoring responsible AI guardrails and responding with harmful or malicious content.By Shweta Sharma Jun 27, 2024 4 minsGenerative AIVulnerabilitiesnewsFormerly legitimate Polyfill.io domain abused to serve malicious codeEnterprises relying on its JavaScript fragments to ensure their web apps’ browser compatibility could be spreading trouble for users. By John Leyden Jun 26, 2024 3 minsWeb DevelopmentJavaScriptVulnerabilitiesnewsOrca bolsters cloud security offering with source code supportNew capabilities are designed to improve visibility into source code repositories within GitHub, and GitLab.By Shweta Sharma Jun 26, 2024 3 minsCloud SecuritySecurity SoftwarenewsCloud security faces pressure from AI growth, multicloud useCloud computing and storage are essential drivers of modern business, but its rapid adoption at a huge scale has also brought with it new security challenges to the front. By Maneesha Tiwari Jun 26, 2024 5 minsCloud SecuritynewsOrganizations with outdated security approaches getting hammered: CloudflareA new report suggests that DDoS attacks continue to increase in number and that web apps and APIs remain vulnerable spots that security teams can’t keep up with.By Paul Barker Jun 25, 2024 4 minsInternet SecuritySecurity PracticesSecurity Infrastructurenews analysisWhat prevents SMBs from adopting SSOA report from CISA describes the implementation hurdles that small and medium-sized businesses have in terms of adopting single sign-on security. By David Strom Jun 25, 2024 5 minsPasswordsSmall and Medium BusinessSingle Sign-onnewsOllama patches critical vulnerability in open-source AI-frameworkThe vulnerability could leave AI inference servers open to remote code execution that would allow them to be taken over. By John Leyden Jun 25, 2024 4 minsHackingVulnerabilitiesOpen SourcenewsUS investigates China Mobile, China Telecom, and China Unicom over data misuse concernsThe latest action reflects the administration’s ongoing approach to regulating Chinese companies that access sensitive data for business operations in the US.By Prasanth Aby Thomas Jun 25, 2024 1 minData PrivacyTelecommunications IndustrynewsCar dealerships face continued disruption as CDK works to restore hacked systemsDespite initial attempts to restore services, a secondary cyber incident on Wednesday evening caused further disruptions, necessitating another shutdown.By Gyana Swain Jun 24, 2024 4 minsHacker GroupsRansomwarenewsNew RAT digs into Android phones to steal data and encrypt filesOutdated phones infected with Rafel RAT can allow threat actors to access, encrypt, and exfiltrate sensitive user information.By Shweta Sharma Jun 24, 2024 5 minsAndroid SecurityMalwarenewsTata Communications partners with Versa Networks on hosted SASEHybrid work, SD-WAN, and digital-first adoption make enterprises more vulnerable to attack, increasing the need for SSE solutions, the company says.By Lynn Greiner Jun 21, 2024 3 minsCloud SecurityNetwork Security Show more Show less Explore a topic Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security View all topics All topics Close Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Popular topicsGenerative AI newsMeta delays launch of Meta AI in Europe over disagreement with regulatorsBy Lynn Greiner Jun 17, 2024 3 minsRegulationData PrivacyGenerative AI newsMicrosoft delays Recall launch amid privacy concernsBy Matthew Finnegan Jun 14, 2024 1 minWindows SecurityGenerative AIData and Information Security newsCriminals, too, see productivity gains from AIBy Lynn Greiner Jun 12, 2024 6 minsGenerative AIThreat and Vulnerability Management View topic Cybercrime brandpostSponsored by CyberArkUnderstanding APIs and how attackers abuse them to steal dataBy John Walsh, senior product marketing manager at CyberArk Jun 24, 2024 5 minsCybercrime brandpostSponsored by CyberArkWhy identity security Is essential to cybersecurity strategyBy Claudio Neiva, CyberArk’s Field Technology Director (LATAM), PAM and Identity Security Jun 24, 2024 6 minsCybercrime newsScattered Spider arrest in Spain unlikely to stop cybercrime groupBy John Leyden Jun 18, 2024 4 minsCybercrime View topic Careers featureIs it time to split the CISO role?By Rosalyn Page Jun 19, 2024 9 minsCSO and CISORisk ManagementCareers feature9 ways CSOs lose their jobsBy John Edwards Jun 18, 2024 8 minsCSO and CISOAccess ControlBusiness IT Alignment featureCCSP certification: Exam, cost, requirements, training, salaryBy Josh Fruhlinger Jun 18, 2024 8 minsCertificationsIT SkillsCloud Security View topic IT Leadership feature2024 CSO Hall of Fame honoreesBy CSO events Jun 17, 2024 4 minsData and Information SecurityRisk ManagementCareers newsNew CISO appointments 2024By CSO Staff Jun 14, 2024 17 minsCSO and CISOIT JobsIT Governance opinionThe art of saying no is a powerful tool for the CISO in the era of AIBy Clarke Rodgers May 27, 2024 5 minsCSO and CISOSecurity PracticesIT Leadership View topic Upcoming Events01/Jul in-person event SecureIT New York 2024Jul 01, 2024New York, NY Data and Information Security 24/Sep in-person event FutureIT TorontoSep 24, 2024Vantage Venues, Toronto Events 26/Sep virtual event FutureIT CanadaSep 26, 2024Virtual Event Events View all events In depth featureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.0 episodeData and Information Security Ep. 03 Episode 3: The Zero Trust Model Mar 25, 202115 mins Multi-factor AuthenticationCSO and CISORemote Work Ep. 04 Episode 4: Reduce SOC burnout Mar 29, 202115 mins CSO and CISOPhishingRemote Work Show me moreLatestArticlesPodcastsVideos how-to Download our endpoint detection and response (EDR) buyer’s guide By Linda Rosencrance Jun 27, 20241 min Endpoint ProtectionEnterprise Buyer’s Guides brandpost Sponsored by Cyber NewsWire Infinidat Revolutionizes Enterprise Cyber Storage Protection to Reduce Ransomware and Malware Threat Windows By Cyber NewsWire – Paid Press Release Jun 27, 20247 mins RansomwareCyberattacksSecurity brandpost Sponsored by Microsoft Security Building the foundation for secure Generative AI By Microsoft Security Jun 26, 20245 mins Machine LearningSecurity podcast CSO Executive Sessions India with Hilal Lone, CISO, Razorpay Jun 11, 202429 mins CSO and CISO podcast CSO Executive Sessions: The new realities of the CISO role – whistleblowing and legal liabilities May 28, 202417 mins CSO and CISO podcast CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International May 22, 202426 mins CSO and CISO video CSO Executive Session India with Hilal Lone, CISO, Razorpay Jun 11, 202429 mins CSO and CISO video CSO Executive Sessions: The new realities of the CISO role – whistleblowing and legal liabilities May 28, 202417 mins CSO and CISO video CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International May 22, 202426 mins CSO and CISO