Videos
Jeff Thomas is CSO of Prudential Financial where his team created a CSO50 award-winning workplace threat management training course designed to capture employee attention and maintain interest. The solution combines a story with a graphic novel look-...
Vendors and government agencies are making information and tools available to detect and prevent attacks like SolarWinds.
Kevin Charest is CISO of Health Care Service Corporation where his team created a CSO50 award-winning Cyber Fusion Center for cyber defense representing collaboration across five Blue Cross and Blue Shield plans in Illinois, Montana, New Mexico, Okla...
The recent SolarWinds attack underscores the danger many companies face from nation-state actors. Here’s how to prepare your Windows networks from the threat.
Michael Kenney is Lead Information Security Engineer at Penn Medicine where they’ve created their CSO50 award-winning ‘Penn Test Security Challenge’ that leverages gamification penetration testing exercises to add value. By building skills in a...
Shawn Riley is CISO for the ND Information Technology Department serving the State of North Dakota’s government agencies. Its CSO50 award-winning K-20W initiative (kindergarten through PhD and workforce) called “Every Student, Every School, Cyber...
Attackers use malicious JavaScript files masquerading as legitimate updates to execute ransomware and other malware attacks. These simple steps will stop them.
Eric Simmons, Information Security Manager and Application Security Lead at Aaron’s, and Jeremy Brooks, Information Security Architect at Aaron's, led a CSO50 award-winning project to rethink application security for efficiency and speed. Partnerin...
CSO worldwide managing director Bob Bragdon discusses today’s issues with CSO editors from Australia, Germany, the United Kingdom and the United States. How is security evolving in various parts of the world with continued remote work? What’s the...
Tim Youngblood is Global CISO at McDonald's, one of the world's largest food service companies. Having worked at other large organizations, Tim's developed a unique understanding of the various stages in evolving your career to the CISO level. Join u...
Aravind Swaminathan is a former cybercrime prosecutor and is currently Global Co-Chair of Cyber, Privacy & Data Innovation at Orrick, Herrington & Sutcliffe LLP where he’s directed more than 200 cybersecurity and data breach investigations. He disc...
Greg Wood is SVP of Information Security & Risk Management at The Walt Disney Company, one of the world’s largest media and entertainment companies. With an early life passion for technology, Greg discovered the critical role of security in a chang...
Organizations commonly leave openings for attackers to take control of subdomains set up in Azure. These tips will block them from doing so.
BEC campaigns are finding clever ways to bypass some protections. Use this advice to tighten up controls to keep malicious emails from getting through in Microsoft 365.
Attackers covet credentials, and Windows admins sometimes make it too easy for them. Here’s how to harden Windows networks against credential theft.
Criminals will try to change Windows Active Directory Group Policy security settings to enable attacks. Here’s how to stop them.
These new rules, part of Windows Defender, can help prevent damage from phishing and other attacks.
Ransomware perpetrators count on Windows security admins to make these common mistakes. Here’s how to find and fix them.
Swatting is a form of harassment in which attackers try to trick police forces into sending a heavily armed strike force — often a SWAT team, which gives the technique its name — to a victim's home or business. Learn more about swatting and how t...
Artificial intelligence and machine learning projects require a lot of complex data, which presents a unique cybersecurity risk. Security experts are not always included in the algorithm development process, resulting in effective but potentially vul...
Windows 10 S Mode allows you to whitelist approved applications and block unauthorized applications from running on your network.
The risk from two newly discovered Windows vulnerabilities could be mitigated if you’ve properly segmented your network. Here’s what you need to know.
Doxing is the practice of posting someone's personal information online without their consent. Doxers aim to reveal information that can move their conflict with their targets from the internet to the real world, including home addresses, employers, ...
With some versions of Windows 10 off support or going off support soon, it’s time to review what security features you’re missing if you haven’t updated recently. Follow along here with the full Microsoft Ignite presentation, Windows 10 innovat...
Multi-factor authentication, strong patch management, device control, and adherence to security benchmarks go a long way to protecting your Windows network.
Microsoft has provided new guidance in the form of benchmarks to make sure your Azure environment is secure.
Microsoft will soon discontinue support for Adobe Flash. Here’s how to transition to secure alternatives while blocking unsafe use of Flash.
The Zerologon flaw could give attackers domain admin privileges. Here’s how the two-step patching process to fix it works.
If a security incident occurs on your Windows network, are you prepared to do a thorough investigation? These tips and tools will help.
Microsoft has rolled out new security settings for Office 365, but the default configuration for email might not be right for your organization.
COVID has changed tactics that attackers use to compromise Windows networks. These are the vulnerabilities they now favor.
Default Windows event log settings won’t give you all the information you need to investigate security incidents. Here’s how to get the info you need.
Attackers often gain access to networks through the printers connected to them. Here’s how to address printer vulnerabilities on your network.
Don't let the cute name fool you, smishing (a portmanteau of 'SMS' and 'phishing') is a cyberattack that uses misleading text messages to trick victims into sharing valuable information, installing malware, or giving away money.
As remote work becomes more prevalent and, likely, permanent, you need secure deployment processes in place for devices connecting to Windows networks.
SSL is not just a web protocol. Applications use it, too. Here’s advice to manage SSL certificate protocols on a Windows network.
Recent hacks show that attackers will search for network login credentials in many ways. Make them harder to get.
The transition to managing a remote workforce happened virtually overnight. With it came the challenge of managing employees’ security while they work on their home networks and sometimes on their personal devices. Traditional VPN solutions can be ...
Vishing (short for voice phishing) is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that makes it sound like an old-fashioned scam, vishing attacks have high-tech elements.
Follow these best practices to make sure all your remotely located Windows devices have the latest security updates.
As more employees work from home, it’s important to review your VPN settings and following the best guidance.
Compromising windows administrator accounts is always a key goal for attackers. You can help prevent that from happening with these best practices.
As the recent attack on Honda shows, anyone can be a victim of a ransomware attack. This advice will minimize your risk.
Every company has legacy systems, many of which provide vulnerabilities for attackers to exploit. Use this advice to help shut them out.
Companies that have disabled Windows Firewall might be missing out on some added network protection. Here’s how to set it up effectively.
These are the event logs that will help you identify malicious activity on your network.
Microsoft has rebranded and updated its tool to deploy security patches and new features.
Attackers still commonly use a vulnerability in older versions of Microsoft Office because many organizations left it unpatched. Did yours?
Sysmon and the cloud-based Sentinel log events to help detect when and how attackers compromised your network.