featureHow to choose the right network security monitoring productNetwork security monitoring software is essential because it enhances security by detecting threats in real time and ensures operational efficiency by minimizing downtime and optimizing performance. Here’s what to look for.By Linda RosencranceMay 27, 20248 minsSecurity Monitoring SoftwareData and Information SecurityNetwork Security news analysis Emerging ransomware groups on the rise: Who they are, how they operateBy Lucian ConstantinMay 24, 20246 minsRansomwareCybercrimefeature Hijack of monitoring devices highlights cyber threat to solar power infrastructureBy Cynthia BrumfieldMay 23, 20249 minsEnergy IndustryUtilities IndustryCritical Infrastructure opinionThe art of saying no is a powerful tool for the CISO in the era of AIBy Clarke Rodgers May 27, 20245 minsCSO and CISOSecurity PracticesIT Leadership newsChrome patches fourth zero-day flaw this monthBy Lucian Constantin May 27, 20243 minsBrowser SecurityZero-day vulnerabilityVulnerabilities featureTop cybersecurity M&A deals for 2024By CSO Staff May 24, 202414 minsMergers and AcquisitionsData and Information SecurityIT Leadership newsKroll cyber threat landscape report: AI assists attackers By Lynn Greiner May 24, 20244 minsThreat and Vulnerability ManagementCybercrimeVulnerabilities news analysisMicrosoft amps up focus on Windows 11 security to address evolving cyberthreatsBy Lynn Greiner May 23, 20247 minsWindows Security news analysisRise of zero-day exploits reshape security recommendationsBy Lucian Constantin May 22, 20247 minsIncident ResponseZero-day vulnerabilitySecurity Practices More security newsnews analysisWindows Recall — a ‘privacy nightmare’?The Windows AI feature announced by Microsoft this week quickly drew criticism for recording regular screenshots of a user’s screen; one security expert compared it to keylogging software.By Matthew Finnegan May 24, 2024 1 minPrivacynewsTracking manual attacks may deliver zero-day previewsAccording to analysis from LexisNexis, human-based digital fraud attacks are increasing more quickly than bot-based attacks — a difference CISOs should leverage for their defenses.By Evan Schuman May 23, 2024 4 minsCyberattacksFraudCybercrimenewsLockBit no longer world’s No. 1 ransomware gangAfter dominating for eight months, LockBit has been overtaken by ransomware gang Play in the wake of a law enforcement crackdown and unmasking of LockBit’s alleged creator.By Viktor Eriksson May 23, 2024 2 minsRansomwareCybercrimenewsFake Pegasus spyware source code floods dark webScammers are selling randomly generated source codes, falsely associating them with the Pegasus spyware, and offering them for over a million dollars.By Gyana Swain May 23, 2024 4 minsHacker GroupsMalwarenewsCritical flaw found in Fluent Bit cloud services monitoring componentHyperscalers grapple with Linguistic Lumberjack vulnerability.By John Leyden May 23, 2024 4 minsCloud SecurityVulnerabilitiesnews analysisEU resilience regulation DORA has financial CISOs waiting for answersIn January 2025, a new EU regulation targeting operational resilience will enter into force impacting cyber security in the financial sector, and others as well. But many uncertainties remain. By Karin Lindström May 23, 2024 5 minsRegulationFinancial Services IndustryIncident ResponsenewsUS government could mandate quantum-resistant encryption from JulyPost-quantum encryption standards, once defined, will gradually become mandatory for government contractors.By Gyana Swain May 22, 2024 3 minsGovernment ITRegulationEncryptionnewsMicrosoft Azure’s Russinovich sheds light on key generative AI threatsGenerative AI models have a larger attack surface than many CSOs might think. Microsoft Azure’s CTO walked through some of the more significant challenges facing developers and defenders.By David Strom May 22, 2024 4 minsGenerative AIData and Information Securitynews analysisGlobal stability issues alter cyber threat landscape, ESET reportsWith conflict on the rise, regional APT groups are increasing activity, altering focus, and putting specific industries in their crosshairs. Here’s what CISOs should know.By Evan Schuman May 20, 2024 4 minsAdvanced Persistent ThreatsCyberattacksThreat and Vulnerability Managementnews analysisSEC rule for finance firms boosts disclosure requirementsAmendments to Regulation S-P requires broker-dealers, investment companies, registered investment advisers, and transfer agents to disclose incidents to customers.By Evan Schuman May 17, 2024 5 minsData BreachFinancial Services IndustryData PrivacynewsFCC proposes BGP security measuresProtecting the Border Gateway Protocol is as important as protecting the border.By Gyana Swain May 17, 2024 1 minRegulationNetwork SecuritynewsUS AI experts targeted in cyberespionage using SugarGh0st RATThreat actors use phishing techniques to obtain non-public information about generative artificial intelligence.By Lucian Constantin May 16, 2024 4 minsPhishingData and Information Security Show more Show less Explore a topic Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security View all topics All topics Close Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Popular topicsGenerative AI newsPalo Alto launches AI-powered solutions to fight AI-generated cyberthreatsBy Prasanth Aby Thomas May 09, 2024 3 minsGenerative AISecurity Software newsSecuriti adds distributed LLM firewalls to secure genAI applicationsBy Shweta Sharma Apr 30, 2024 4 minsGenerative AI newsTop cybersecurity product news of the weekBy CSO staff Apr 26, 2024 81 minsGenerative AISecurity View topic Cybercrime newsBreachForums seized by law enforcement, admin Baphomet arrestedBy Shweta Sharma May 16, 2024 4 minsData BreachCybercrime newsAdministrator of ransomware operation LockBit named, charged, has assets frozenBy Lucian Constantin May 07, 2024 3 minsAdvanced Persistent ThreatsHacker GroupsRansomware opinionWhat is the dark web? How to access it and what you’ll findBy Darren Guccione Apr 02, 2024 13 minsData BreachTechnology IndustryCybercrime View topic Careers featureCISSP certification: Requirements, training, exam, and costBy Josh Fruhlinger and CSO Staff May 28, 2024 10 minsCertificationsCareersSecurity featureAI governance and cybersecurity certifications: Are they worth it?By Maria Korolov May 06, 2024 12 minsCertificationsIT Training Careers featureThe CSO guide to top security conferencesBy CSO Staff May 01, 2024 15 minsTechnology IndustryIT SkillsEvents View topic IT Leadership opinionReducing CSO-CIO tension requires recognizing the signsBy David Gee May 22, 2024 1 minCIOCSO and CISOIT Leadership featureThe inside story of Cyber Command’s creationBy Cynthia Brumfield May 20, 2024 8 minsAerospace and Defense IndustryCSO and CISOMilitary featureSome strategies for CISOs freaked out by the specter of federal indictmentsBy Cynthia Brumfield May 10, 2024 7 minsCSO and CISOLegalSecurity Practices View topic Upcoming Events05/Jun virtual event ForwardTech Virtual ShowcaseJun 05, 2024Virtual Event Technology Industry 18/Jun in-person event FutureIT Chicago: Building the Digital Business with Cloud, AI and SecurityJun 18, 2024Chicago, IL Technology Industry 01/Jul in-person event SecureIT New York 2024Jul 01, 2024New York, NY Data and Information Security View all events In depth featureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada FiscuteanMar 27, 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.4 episodesData and Information Security Ep. 03 Episode 3: The Zero Trust Model Mar 25, 202115 mins Multi-factor AuthenticationCSO and CISORemote Work Ep. 04 Episode 4: Reduce SOC burnout Mar 29, 202115 mins CSO and CISOPhishingRemote Work Show me moreLatestArticlesPodcastsVideos feature Third-party software supply chain threats continue to plague CISOs By David Strom May 28, 20248 mins Open SourceSecurity SoftwareSupply Chain brandpost Sponsored by Kytec and Cisco Innovating safely: Navigating the intersection of AI, network, and security May 28, 20245 mins Artificial Intelligence feature What is spear phishing? Examples, tactics, and techniques By Josh Fruhlinger May 24, 202414 mins PhishingCyberattacksFraud podcast CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International May 22, 202426 mins CSO and CISO podcast CSO Executive Sessions: The personality of cybersecurity leaders Apr 29, 202419 mins CSO and CISO podcast CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care Apr 02, 202416 mins CSO and CISO video CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International May 22, 202426 mins CSO and CISO video CSO Executive Sessions: The personality of cybersecurity leaders Apr 29, 202419 mins CSO and CISO video CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care Apr 01, 202416 mins CSO and CISO