Two FCA cases unsealed in 2019 show that contractors can face multi-million-dollar penalties if they don't comply with federal government cybersecurity requirements.
Cynthia Brumfield |
04 Feb |
Read more
But voter skepticism about online security has some Washington state officials responsible for general elections wary of rolling the tech.
Lucas Mearian |
28 Jan |
Read more
Boris Johnson's Withdrawal Agreement Bill (WAB) largely leaves existing data protection regulation in place, but changes are still possible.
Dan Swinhoe |
21 Jan |
Read more
Continued Russian interference, insecure paperless voting processes will sow doubt about the next election despite some security improvements.
Cynthia Brumfield |
21 Jan |
Read more
Information security is a set of practices intended to keep data secure from unauthorized access or alterations. Here's a broad look at the policies, principles, and people used to protect data.
Josh Fruhlinger |
17 Jan |
Read more
Here's a rundown of all the security-related bills working their way through this year's U.S. Congress, plus some hot security topics likely to be debated.
Cynthia Brumfield |
06 Jan |
Read more
Hacking groups that make up Magecart are effective and persistent at stealing customer and payment card data through skimmers. Here's how they work and what you can do to mitigate the risk.
David Strom |
26 Dec |
Read more
The WireGuard VPN offers better performance and a simpler, effective approach to cryptography. Is it ready for the enterprise?
Lucian Constantin |
24 Dec |
Read more
Recent key departures--voluntary and forced--might make it harder for government agencies to find the talent needed to fulfill their security missions.
Cynthia Brumfield |
20 Dec |
Read more
Cybersecurity is the practice of defending computers, networks, and data from malicious electronic attacks. Learn the skills, certifications and degrees you need to land a job in this challenging field.
Josh Fruhlinger |
05 Dec |
Read more
Meet the security leaders enshrined in the CSO Hall of Fame.
By CSO staff |
04 Dec |
Read more
The newly discovered Pipka script can delete itself from a website after execution, making it very difficult to detect.
Lucian Constantin |
15 Nov |
Read more
Two Twitter employees accessed user data on behalf of the Saudi government. Neither should have had access, and this is a sign of a bigger problem at all companies.
Cynthia Brumfield |
12 Nov |
Read more
Is encryption code speech? Earlier court rulings suggest that it is, legally, and therefore subject to First Amendment protections.
Cynthia Brumfield |
04 Nov |
Read more
US consumers and businesses in a few states can now dial 211 for help when victimized by cybercrime. What's needed is a nationwide rollout.
Roger A. Grimes |
31 Oct |
Read more
The automated use of breached usernames and passwords to access accounts is low risk, high reward for cybercriminals. Here's how to make it harder form them to use credential stuffing.
Lucian Constantin |
30 Oct |
Read more
The new version China’s Multi-Level Protection Scheme (MLPS) expands what companies fall under its purview and lower the threshold for government inspection. Should companies with operations in China be concerned?
Dan Swinhoe |
28 Oct |
Read more
This Cisco IOS XE REST API vulnerability could lead to attackers obtaining the token-id of an authenticated user.
Michael Cooney |
23 Oct |
Read more
Organizations are working with the US Department of Homeland Security to enhance their own security awareness training and promote it in their communities.
Cynthia Brumfield |
21 Oct |
Read more
These eight patching best practices mistakes get in the way of effective risk mitigation. Here's how to fix them.
Roger A. Grimes |
03 Oct |
Read more