opinionChoosing AI: the 7 categories cybersecurity decision-makers need to understandWhat exactly is an AI system anyway? CISOs are increasingly relying on AI to support decision-making — here’s how to look at the systems available in today’s products and what they can accomplish.By Christopher Whyte08 Nov 202410 minsCSO and CISOSecurity PracticesSecurity Software feature Top 5 security mistakes software developers makeBy David Strom07 Nov 202410 minsDevSecOpsApplication Securityfeature Security associations CISOs should know aboutBy Rosalyn Page06 Nov 20249 minsCSO and CISOCareersIT Leadership newsThe US Department of Defense has finalized cyber rules for its suppliers By John P. Mello Jr. 08 Nov 20245 minsRegulationAerospace and Defense IndustryGovernment newsSchneider Electric suffers data breach, exposing critical project and user dataBy Gyana Swain 06 Nov 20244 minsData Breach opinionKicking dependency: Why cybersecurity needs a better model for handling OSS vulnerabilitiesBy Chris Hughes 06 Nov 202411 minsThreat and Vulnerability ManagementSupply ChainSecurity Software newsMicrosoft Authenticator passkey support to be native in JanuaryBy Evan Schuman 05 Nov 20248 minsAuthenticationIdentity Management Solutions news24% of CISOs actively looking to leave their jobsBy Evan Schuman 05 Nov 20243 minsCSO and CISOCareers feature10 ways hackers will use machine learning to launch attacksBy Maria Korolov 05 Nov 202411 minsHackingMachine LearningCybercrime More security newsnewsAndroxgh0st botnet integrates Mozi payloads to target IoT devicesThe malware has added exploits for more web applications and devices to its arsenal and some of them seem to be inherited from an older botnet called Mozi.By Lucian Constantin 08 Nov 2024 5 minsBotnetsThreat and Vulnerability ManagementVulnerabilitiesnewsUS consumer protection agency bans employee mobile calls amid Chinese hack fearsEmployees have been instructed to switch to secure platforms after a telecom infrastructure breach linked to China.By Gyana Swain 08 Nov 2024 4 minsHackingnewsCisco IoT wireless access points hit by severe command injection flawCritical flaw affects URWB access points used in outdoor and industrial environments. By John E. Dunn 07 Nov 2024 1 minWireless SecurityNetwork SecurityVulnerabilitiesnewsBeware malicious NPM packages, Checkmarx warns‘Package confusion’ attack against NPM used to trick developers into downloading malwareBy John E. Dunn 07 Nov 2024 1 minApplication SecuritynewsInfostealers are using BYOVD to steal critical system dataKaspersky Labs claims to have blocked over 11k info-stealing attempts that used the BYOVD technique.By Shweta Sharma 07 Nov 2024 3 minsVulnerabilitiesSecurityfeatureDDoS attacks: Definition, examples, techniques, and how to defend themDistributed denial of service (DDoS) attacks have been part of the criminal toolbox for decades — and they’re only growing more prevalent and stronger.By Josh Fruhlinger and Lucian Constantin 07 Nov 2024 11 minsDDoSCyberattacksnewsFive-country attack on cybercrooks welcomed by security expertArrest of 41 suspects more important than takedown of 22,000 malicious IP addresses, he argues.By Howard Solomon 06 Nov 2024 6 minsCybercrimeLegalnewsWas your last DocuSign-ed bill legitimate? Check againA novel phishing campaign abuses DocuSign APIs to send fake invoices at scale.By Shweta Sharma 06 Nov 2024 2 minsPhishingAPIsnewsMan arrested in Canada allegedly linked to Snowflake data theftsUS requested the arrest and extradition of a man accused of the Ticketmaster and AT&T hacks.By Howard Solomon 05 Nov 2024 4 minsData BreachHackingnewsSource code alleged to be Nokia’s is for sale onlineIntelBroker says they obtained Nokia source code and other data from a third-party contractor; Nokia says it has found no signs of a breach.By Shweta Sharma 05 Nov 2024 3 minsData BreachSecuritynewsVMware’s AI query tool could be best for junior threat team members, say analystsIntelligent Assist will be released in Q1 next year to help SOC teams understand what's behind alerts, Broadcom announces.By Howard Solomon 05 Nov 2024 5 minsCloud SecurityData and Information SecuritynewsOkta’s ‘secure by design’ pledge suffers a buggy setbackOkta’s AD/LDAP authentication flaw allows an attacker to login without a password.By Shweta Sharma 05 Nov 2024 4 minsAuthenticationVulnerabilitiesSecurity Show more Show less Explore a topic Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security View all topics All topics Close Generative AI Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Spotlight: AI in EnterpriseArticles * Buyer’s GuideWe showcase practical AI deployments, implementation strategies, and real-world considerations such as for data management and AI governance that IT and business leaders alike should know before plunging into AI. View all Popular topicsGenerative AI newsSecuriti to help businesses build secure, compliant Gen AI with a new toolBy Shweta Sharma 29 Oct 2024 3 minsGenerative AISecurity SoftwareSecurity newsCISOs have to get on top of AI technologies, warns MicrosoftBy Howard Solomon 24 Oct 2024 9 minsCSO and CISOGenerative AI opinionBeyond ChatGPT: The rise of agentic AI and its implications for securityBy Stephen Kaufman 22 Oct 2024 16 minsGenerative AISecurity View topic Cybercrime news analysisNation state actors increasingly hide behind cybercriminal tactics and malwareBy Lucian Constantin 01 Nov 2024 8 minsAdvanced Persistent ThreatsCyberattacksThreat and Vulnerability Management interviewHow Interpol is adapting to the ever-evolving cybercrime landscapeBy Mario Moreno 25 Oct 2024 8 minsGovernment ITGovernmentCyberattacks newsLockbit dismantling progressesBy Florian Maier 02 Oct 2024 2 minsRansomwareCybercrime View topic Careers opinionThe rise of the vCISO: From niche to necessity?By Dr. Mark Shmulevich 31 Oct 2024 6 minsCareersIT LeadershipSecurity featureThe CSO guide to top security conferencesBy CSO Staff 31 Oct 2024 4 minsTechnology IndustryIT SkillsEvents featureHow CISOs can turn around low-performing cyber prosBy Andrada Fiscutean 30 Oct 2024 11 minsCSO and CISOCareersSecurity View topic IT Leadership how-toDownload the AI in the Enterprise (for Real) SpotlightBy CIO.com and InfoWorld contributors 01 Nov 2024 1 minMachine LearningIT GovernanceIT Leadership featureSecurity priorities emphasize CISO role on the riseBy Esther Shein 23 Oct 2024 9 minsCSO and CISOIT StrategyIT Leadership featureWhat makes a great CISOBy Rosalyn Page 21 Oct 2024 8 minsCSO and CISOCareersIT Leadership View topic Upcoming Events21/Nov in-person event FutureIT New York: Building the Digital Business with Cloud, AI and Security21 Nov 2024New York, NY Digital TransformationIT Management View all events In depth featureWho owns your data? SaaS contract security, privacy red flagsCompanies looking to use SaaS solutions should involve the security team in the procurement process and pay attention to contract language.By Andrada Fiscutean27 Mar 202410 mins Data and Information Security Read the Article Podcasts podcastsSponsored by Microsoft SecurityStrengthen and Streamline Your SecurityThis podcast series brought to you by Microsoft and IDG, will explore the core components of a modern security strategy, with insights and tips from leading security experts. We’ll discuss how ongoing and ever-changing threats, a growing security stack, and a shift to remote work make it difficult for CISOs and their security teams to balance enterprise-grade security with end-user productivity.0 episodeData and Information Security Ep. 03 Episode 3: The Zero Trust Model 25 Mar 202115 mins Multi-factor AuthenticationCSO and CISORemote Work Ep. 04 Episode 4: Reduce SOC burnout 29 Mar 202115 mins CSO and CISOPhishingRemote Work Show me moreLatestArticlesPodcastsVideos brandpost Sponsored by Microsoft Security Why AI is the final missing piece of the CNAPP puzzle By Ron Matchoro, Head of Product, Microsoft Defender for Cloud – Data & AI Security 07 Nov 20245 mins Cloud Security brandpost Sponsored by Fortinet As scams targeting the U.S. 2024 presidential election flood the darknet, here’s how to shore up cybersecurity defenses By Derek Manky, Chief Security Strategist and VP of Global Threat Intelligence at Fortinet 04 Nov 20244 mins Security news A new SharePoint vulnerability is already being exploited By Daniel Olszewski 04 Nov 20243 mins Windows SecurityVulnerabilitiesSecurity podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 1) 04 Nov 202419 mins Supply ChainCritical InfrastructureSecurity video CSO Executive Sessions: Standard Chartered’s Alvaro Garrido on cybersecurity in the financial services industry 23 Oct 202410 mins Financial Services IndustrySecurity video CSO Executive Sessions: New World Development’s Dicky Wong on securing critical infrastructure 16 Oct 202412 mins Critical InfrastructureSecurity