Latest from todayHow-ToHow to justify your security investments Budget discussions are tiresome because cyber risks and expenses are rising in tandem. CISOs should therefore align their arguments with business objectives.By Chritstoph SchuhwerkDec 11, 20256 minsC-SuiteCSO and CISOIT Leadership News Fortinet admins urged to update software to close FortiCloud SSO holesBy Howard SolomonDec 10, 20254 minsAccess ControlIdentity and Access ManagementSingle Sign-onNews Making cybercrime illegal won't stop it; making cybersec research legal mayBy Maxwell CooterDec 10, 20255 minsCybercrimeGovernmentIndustry News AnalysisHidden .NET HTTP proxy behavior can open RCE flaws in apps — a security issue Microsoft won’t fixBy Lucian Constantin Dec 10, 20256 minsApplication SecuritySecuritySoftware Development OpinionHow can staff+ security engineers force-multiply their impact?By Priyank Desai Dec 10, 202510 minsIT LeadershipIT ManagementStaff Management NewsHundreds of Ivanti EPM systems exposed online as critical flaw patchedBy Gyana Swain Dec 10, 20255 minsEndpoint ProtectionSecurityVulnerabilities OpinionBehind the breaches: Case studies that reveal adversary motives and modus operandiBy Suren Reddy Dec 10, 20257 minsCyberattacksCybercrimeData Breach OpinionQuantum meets AI: The next cybersecurity battlegroundBy Nathaniel Adeniyi Akande Dec 10, 20257 minsData and Information SecurityEncryptionIT Strategy FeaturePolymorphic AI malware exists — but it’s not what you thinkBy Ax Sharma Dec 10, 20259 minsCybercrimeGenerative AIMalware ArticlesopinionAvoiding the next technical debt: Building AI governance before it breaksWe’ve seen this movie before — AI is moving fast, but without early guardrails, it’ll cause the same messy debt we faced with cloud and APIs.By Marco Túlio Moraes Dec 5, 2025 7 minsArtificial IntelligenceIT GovernanceRisk ManagementopinionThe CISO’s paradox: Enabling innovation while managing riskCISOs win by ditching “No,” teaming with builders early and baking security into daily work so the business can move fast without blowing things up.By Solomon Adote Dec 1, 2025 6 minsC-SuiteCSO and CISOInnovationhow-toCSPM buyer’s guide: How to choose the best cloud security posture management toolsWith hybrid multicloud environments becoming prevalent across all industries, it pays to invest in the right CSPM tools to minimize risk, protect cloud assets, and manage compliance.By Linda Rosencrance and David Strom Nov 27, 2025 11 minsCloud SecurityData and Information SecurityThreat and Vulnerability Managementfeature2026 CSO Hall of Fame call for nominationsThis year's honorees will be recognized at the CSO Conference + Awards, held May 11-13, 2026 in Nashville, TN.By CSO events Nov 24, 2025 5 minsCareersData and Information SecurityRisk ManagementbrandpostSponsored by Action 14 big mistakes you're probably still making in vulnerability management…and how to fix themVulnerability management isn’t about checking boxes anymore—it’s about real-time visibility, risk prioritization, and automation that keeps you one step ahead of threats.By Action 1 Apr 28, 2025 4 minsEndpoint ProtectionRisk ManagementVulnerabilitiesopinionFrom code to boardroom: A GenAI GRC approach to supply chain riskGenAI GRC flips supply chain risk from paperwork to real-time smarts, helping CISOs spot trouble early and keep the board focused on resilience.By Adetunji Adebayo Nov 21, 2025 7 minsGenerative AIIT GovernanceRisk ManagementanalysisRecognizing and responding to cyber threats: What differentiates NDR, EDR and XDRDetection and response are crucial for protecting corporate networks from attacks. What do NDR, EDR and XDR stand for and what distinguishes one from the other?By Karl Heuser Nov 21, 2025 6 minsEndpoint ProtectionRisk ManagementSecurity Infrastructureopinion3 ways CISOs can win over their boards this budget seasonTo land your budget, show the board the real financial risk, plan past compliance and speak their language — not just security jargon.By Chris Wheeler Nov 20, 2025 7 minsBudgetingComplianceRisk Managementopinion5 key ways attack surface management will evolve in 2026In 2026, ASM gets a major glow-up as cloud control tightens, AI steps in, zero trust becomes the norm, and supply-chain risks finally get the spotlight.By Yash Mehta Nov 17, 2025 8 minsCyberattacksCybercrimeThreat and Vulnerability ManagementanalysisISO and ISMS: 9 reasons security certifications go wrongNumerous problems can arise during the ISO certification process. Here are the most common pitfalls that prevent companies for reaping the value that pursuit of security certification should bring.By Alexander Jaber Nov 17, 2025 8 minsRisk ManagementSecurityopinionBeyond the checklist: Shifting from compliance frameworks to real-time risk assessmentsCombine structured frameworks with a customizable assessment model to turn strategic fog into prioritized remediation plans with the most value.By Greg Neville Nov 12, 2025 7 minsComplianceRisk ManagementSecurityfeatureCISOs must prove the business value of cyber — the right metrics can helpCISOs still struggle to prove the value of their security programs using metrics that their business leaders so desperately seek.By Deb Radcliff Nov 10, 2025 8 minsRisk ManagementSecuritySecurity PracticesopinionThe unified linkage model: A new lens for understanding cyber riskCyber threats don’t just hit your systems — they move through your connections. The ULM shows how those hidden links fuel real risk.By Henry Sienkiewicz Oct 31, 2025 9 minsAccess ControlCyberattacksZero Trust Show more Show less View all Resources whitepaper How PTaaS Delivers Compliance and Meaningful Risk Reduction Download the guide to start your journey toward a continuous, risk-reducing security program. The post How PTaaS Delivers Compliance and Meaningful Risk Reduction appeared first on Whitepaper Repository –. By Synack 26 Nov 2025Business OperationsRisk ManagementSecurity whitepaper AI Without Fear: A Practical Framework to Manage Risk and Drive Collaboration By Databricks 03 Nov 2025Artificial IntelligenceMaster Data ManagementRisk Management whitepaper AI Without Fear: A Practical Framework to Manage Risk and Drive Collaboration By Databricks 03 Nov 2025Artificial IntelligenceMaster Data ManagementRisk Management View all Video on demand video The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College How is cybersecurity education changing — and what skills do tomorrow’s security leaders really need? In this episode of Security Sessions, host Joan Goodchild talks with Kevin Powers, Faculty Director and Lecturer at Boston College Law School, about how cybersecurity has evolved from a technical problem to a core business and legal function. Nov 19, 2025 23 minsCyberattacksCybercrimeRisk Management What is the NIST Cybersecurity Framework? How risk management strategies can mitigate cyberattacks Dec 21, 2021 18 mins Risk ManagementSecurity How chemical manufacturer Celanese secures its IT and OT environments Sep 17, 2021 28 mins Risk ManagementSecurity Securing the software supply chain: A structured approach Jun 18, 2021 25 mins Risk ManagementSecuritySupply Chain See all videos Explore a topicApplication SecurityBusiness ContinuityBusiness OperationsCareersCloud SecurityComplianceCritical InfrastructureCybercrimeIdentity and Access ManagementIndustryIT LeadershipNetwork SecurityPhysical SecurityPrivacyView all topics Show me morePopularArticlesPodcastsVideos news analysis Key cybersecurity takeaways from the 2026 NDAA By Cynthia BrumfieldDec 10, 202510 mins GovernmentGovernment ITSecurity news GitHub Action Secrets aren’t secret anymore: exposed PATs now a direct path into cloud environments By Taryn PlumbDec 9, 20256 mins Cloud SecurityGitHubSecurity news December Patch Tuesday: Windows Cloud Files Mini Filter Driver hole already being exploited By Howard SolomonDec 9, 20257 mins Security SoftwareThreat and Vulnerability ManagementZero-Day Vulnerabilities podcast CISO Reality: Record Pay, Rising Pressure, and Retention Risk By Joan GoodchildDec 10, 202527 mins CSO and CISOSecurity Infrastructure podcast Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense By Joan GoodchildDec 3, 202527 mins Artificial IntelligenceCSO and CISOPhishing podcast The Future of Cybersecurity Leadership: AI, Governance & Education | Kevin Powers, Boston College Nov 19, 202523 mins CyberattacksCybercrimeRisk Management video CISO Reality: Record Pay, Rising Pressure, and Retention Risk By Joan GoodchildDec 10, 202527 mins CSO and CISOSecurity Infrastructure video Inside Visa’s Cyber Defense: CISO Subra Kumaraswamy on blending AI and Human Defense By Joan GoodchildDec 3, 202527 mins Artificial IntelligenceCSO and CISOPhishing video Inside Black Hat: Andy Ellis on vendor buzzwords, AI hype, and the future of the CISO role By Joan GoodchildNov 12, 202531 mins Black HatCSO and CISOCyberattacks