Stories by Taylor Armerding

The chief information security officer has a big, mission critical job. Make sure you spell out the CISO's duties and expectations for the role.

Since there is no way to prevent every cyber attack, incident response is crucial. Experts at the MIT Sloan CIO Symposium talk about what to do immediately after the bad news hits.

Voice imitation technology has the potential to undermine yet another form of biometric authentication. Security experts say the key is to make sure the individual voice information is stored on the user’s device, not in a centralized database.

The way to understand, and avoid, becoming a victim of ransomware is to be prepared, said LEO Cyber Security CTO Andrew Hay. And part of that preparation is to understand its historical roots.

China and the US agreed 18 months ago to stop “knowingly” tolerating economic espionage. According to some studies, the agreement is working. Others aren’t so sure, however.

Given the explosive growth of online threats, cyber insurance is becoming mandatory for most organizations. But the field is still new enough that buying an effective policy takes a lot of due diligence and attention to the fine print.

Poll results are supposed to be driven by opinions, but marketers, politicians and others know opinions can be driven by polls. Hence the rising use of bots to skew perceptions in favor of a product, a celebrity or, at this time of year, a candidate.

Most security experts agree that sharing cyber threat information can help detect and contain it more effectively. But too many in the private sector still feel that sharing with government intelligence agencies feels more like surveillance

Changing passwords is supposed to make things more difficult for attackers. Unfortunately, research shows that human nature means it makes it easier.

Automotive cybersecurity finally looks like it is on the front burner. But a host of improvements need to be made before the connected car is even relatively safe from hacks.

The FIDO Alliance, formed just four years ago to find a better way than passwords for online authentication, is promoting a standard that keeps user credentials only on the user device. An attacker would have to steal your device to hack your account, they say.

Security tools are crucial in protecting organizations from online threats. But the glut of tools on the market can lead to information overload for CISOs trying to evaluate them all.

Everybody is a target of cybercrime, but some are more attractive than others. Law firms rank pretty high on the list because of the sensitivity of the information they handle, and their sometimes very rich and powerful clientele.

Online advertisers and ad-blocking software makers don’t have much nice to say about one another. But amid the antagonistic rhetoric, both sides agree there is room for compromise – by making the user experience a priority.

Some users of the ride-hailing service Uber have found themselves being charged for “ghost” rides they never ordered, since their credentials were stolen and sold on the Dark Web. Experts say better security practices by the company is helping, but users have to step up their security game as well.