CSOonline

@csoonline.bsky.social

CSO empowers enterprise security leaders with critical insights to stay ahead of threats. Covering #cybersecurity from #riskmanagement to #networkdefense, we provide the expertise needed to defend against cybercrime.

111 Followers 22 Following 383 Posts Joined Dec 2024
4 days ago
Dan Lohrmann, global keynote speaker and author, is featured beside the text: "Cyber warfare is evolving fast. Dan Lohrmann asks a provocative question. Did cybersecurity just hit its 'Gatling gun moment'?" Also included: CSO Expert Contributor Network.

Cyber defense may be entering a new era. Dan Lohrmann asks whether cybersecurity just had its “Gatling gun moment” as automation, AI, and attacker scale collide.
Read the analysis: spr.ly/63321B6ylAV

#FoundryExpert #Cybersecurity #AIsecurity

4 days ago
Identity complexity is exploding, and access decisions are failing at scale. Puneet Bhatnagar warns that attackers are succeeding not by breaking in but by logging in.
Read the analysis: spr.ly/63327B6GWAP

#FoundryExpert #IdentitySecurity #CyberRisk

4 days ago
Cloud risk is escalating as operating models fail to keep pace with cloud speed. Venkata Nedunoori warns that today’s cloud security failures rarely originate in the tech.

Read the analysis: spr.ly/63325B6GWD3

#FoundryExpert #CloudSecurity #CyberRisk

1 week ago
Maman Ibrahim and Gavriel Schneider reveal why cyber culture is failing in silence. Most teams do not see the risks forming beneath them.
See the red flags before they escalate: spr.ly/63329h29DD
#FoundryExpert #SecurityStrategy #RiskAssessment

2 weeks ago
Ankit Gupta explains how LLMs can become a defensive multiplier — if you avoid the traps attackers count on.
Get the guidance every security team needs right now.
spr.ly/63328hvodA

#FoundryExpert #CyberDefense #AIGovernance

2 weeks ago
Alan LeFort warns that the most dangerous battlefield in security is not your tech stack but your people.
Read the insights leaders need now: spr.ly/63327htj0t

#FoundryExpert #InsiderThreats #SecurityLeadership

2 weeks ago
Shawn Jahromi warns that AI systems without sovereignty create shadow‑risk engines inside the enterprise. Governance fails, controls weaken, and adversaries thrive.

Understand the exposure now: spr.ly/63325hSH7W

#FoundryExpert #DataSecurity #ThreatIntelligence

2 weeks ago
Rakesh Bhardwaj warns that the shift to intelligent transformation is accelerating faster than most security roadmaps. If CISOs don’t realign now, adversaries will.
Learn what’s changing and why.
spr.ly/63328hS1qi
#FoundryExpert #ZeroTrust #RiskManagement

3 weeks ago
US dominance of agentic AI at the heart of new NIST initiative
The standards body is soliciting industry views on agentic security risks while ‘cementing US dominance at the technological frontier.’

This week, the US National Institute of Standards and Technology announced a new initiative that it hopes will provide a roadmap for addressing agentic AI hurdles and, it said, ensure that the technology “is widely adopted with confidence.”

www.csoonline.com/article/4134...

3 weeks ago
PayPal launches latest struggle to get rid of SMS for MFA
Security experts have been nearly unanimous in their dislike of unencrypted SMS authentication for over a decade, but business executives — and customers — love its convenience. Cost-cutting may final...

When PayPal started emailing customers this month that it was backing off unencrypted SMS for multifactor authentication at login, it came with the typical approach-avoidance asterisk.

www.csoonline.com/article/4134...

3 weeks ago
Security leaders Maman Ibrahim and Gavriel Schneider warn that risk chaos grows when teams lack a shared language.
Their insights show why alignment is becoming a frontline priority.
Read the full piece: spr.ly/63322hgE6k
#FoundryExpert

3 weeks ago
Two men are shown side-by-side with text on the right that says: Faster Response, Human Oversight, and AI Analysis. The man on the left is wearing a jacket with the text DEMO on it. The man on the right is wearing a Sumo Logic jacket.

Security teams are overwhelmed, but Dojo AI is shifting the balance.
Watch Keith Shaw and guest Bill Peterson break down what it unlocks.

spr.ly/63320hdhLQ
#DEMO #CyberDefense #SOCautomation

1 month ago
Cybersecurity is cracking at the foundation, and the cause is deeper than tech gaps.
See why accountability failures are putting every enterprise at risk.
Read the full analysis by Tom Marsland: spr.ly/63329hp5a9

#FoundryExpert #CyberRisk #SecurityLeadership

1 month ago
Your company could be both protected and breached right now. Dino Velusamy unpacks the enterprise version of Schrödinger’s cat.
Explore the full analysis: spr.ly/63326hMvXI

#FoundryExpert #IncidentReadiness #EnterpriseSecurity

1 month ago
What if your team could outthink attackers in real time?
Erin Whitmore joins Joan Goodchild to reveal how intelligence‑powered AI is transforming defense.

Watch the full episode here: spr.ly/63329hK9kS

#Cybersessions #ThreatIntel #AIDefense

1 month ago
ShinyHunters ramp up new vishing campaign with 100s in crosshairs
The group has released stolen data from Match.com, Bumble, and Panera Bread as part of what appears to be a SLSH campaign against high-value corporate targets.

Notorious extortion group ShinyHunters released tens of GB of files it claims to have stolen from dating apps Hinge, Match, OkCupid and Bumble. www.csoonline.com/article/4124...

1 month ago
Critical RCE bugs expose the n8n automation platform to host‑level compromise
A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass affects internal‑mode deployments common in enterprise setups.

Two critical sandbox escape flaws in the popular n8n workflow automation platform are allowing authenticated users to achieve remote code execution on affected instances.

www.csoonline.com/article/4124...

1 month ago
NIST’s AI guidance pushes cybersecurity boundaries
Emerging NIST guidance suggests that the long-standing practice of treating AI as “just software” for cybersecurity purposes is giving way to more novel approaches to managing AI risks.

NIST is shifting from a broad, principle-based AI risk management framework toward more operationally grounded expectations, especially for systems that act without constant human oversight. www.csoonline.com/article/4123...

1 month ago
Critical FortiCloud SSO zero‑day forces emergency service disablement at Fortinet
CISA added the flaw to its KEVs catalog as Fortinet warned that patches for most affected versions remain “upcoming,” even though vulnerable devices can no longer use cloud SSO until upgraded.

Fortinet has disclosed a critical authentication bypass zero-day vulnerability affecting its FortiCloud single sign-on feature after the company took the emergency step of temporarily disabling the cloud authentication service globally to stop active exploitation.

www.csoonline.com/article/4123...

1 month ago
Delegation is a risk decision every leader makes, not an ops choice
Why AI systems, personal agents, and agent-to-agent interactions are reshaping accountability before leaders notice.

The most consequential delegation decisions being made today are not primarily about people. They are about authority moving into systems.

www.csoonline.com/article/4123...

1 month ago
AI-powered polymorphic attack lures victims to phishing webpages
A new breed of malware uses various dynamic techniques to avoid detection and create customized phishing webpages.

AI-fueled attacks can transform an innocuous webpage into a customized phishing page. The attacks, revealed in research from Palo Alto Networks’ Unit 42, are clever in how they combine various obfuscation techniques. www.csoonline.com/article/4123...

1 month ago
Fixes released for a serious Microsoft Office zero-day flaw
The fixes for Office 2021 are automatic, but for Office 2016 and Office 2019, they must be applied manually.

Microsoft is warning admins of an Office security bypass zero-day vulnerability that can be triggered simply by a user opening a document. The flaw is currently being actively exploited.

www.csoonline.com/article/4123...

1 month ago
AI fatigue is real, and it is slowing security teams at the worst possible moment. But governance is still within reach.
Jason Fruge maps out the steps CISOs can take today.

Explore: spr.ly/63320hB99m

#FoundryExpert

1 month ago
CISA releases technology readiness list for post-quantum cryptography
CISA has released a category-level inventory of hardware, software, and cryptography standards tied to post-quantum cryptography (PQC).

CISA has released a new advisory mapping post-quantum cryptography (PQC) standards to common enterprise hardware and software categories, giving CIOs and security teams an early reference for evaluating quantum-safe technology readiness. www.csoonline.com/article/4122...

1 month ago
4 issues holding back CISOs’ security agendas
58% of CISOs believe their organization is unprepared to respond to a cyberattack. Cyber execs and experts shed light on common strategy issues, providing advice on how to address them.

Besides the overall feeling of near inevitability of attack, security chiefs acknowledge that various challenges keep them from boosting their overall security posture and feeling more confident in their ability to block or respond to attacks.

www.csoonline.com/article/4117...

1 month ago
Enterprise PC upgrades in 2026: Higher prices, worse configurations
CPU and memory shortages, tariffs, and a focus on higher-end devices will make low-cost laptops offering decent performance nearly impossible to find.

PC makers “are already signaling price increases across the board and likely memory spec downgrades, especially in entry-level devices,” Rishi Padhi, principal analyst at Gartner, tells Computerworld.

www.computerworld.com/article/4121...

1 month ago
Ransomware gang’s slip-up led to data recovery for 12 US firms
The discovery of artifacts from backup software used by the INC gang helped get encrypted data back.

A little light Friday news and some reassurance that hackers are flawed humans just like the rest of us. www.csoonline.com/article/4121...

1 month ago
Work-from-office mandate? Expect top talent turnover, culture rot
Organizations requiring IT workers to commute to an office need to ground decisions in value creation, focus on data-driven results, and avoid badge-swipe metrics, employment experts say.

“Some of the challenges CIOs face include losing top-tier talent, limiting the pool of candidates available for hire, and damaging company culture, with a team filled with resentment,” Lacey Kaelani, CEO at job search engine Metaintro, tells CIO.com's Grant Gross. www.cio.com/article/4119...

1 month ago
High CVSS scores feel decisive, until attacks bypass them entirely.

Read Henry Sienkiewicz on why prioritization must go beyond the number and focus on how vulnerabilities actually spread: spr.ly/63325CAOOl

Context changes everything.

#FoundryExpert #CyberSecurity #RiskManagement

1 month ago
spr.ly/63322CfuzK
Why identity is now the only security boundary

Firewalls still exist, but breaches keep happening. Ashish Mishra explains why identity, not network location, is now the primary security perimeter enterprises must defend.

#FoundryExpert #IdentitySecurity
