J.M. Porup

Senior Writer

J.M. Porup has been a security geek since 2002, when he got his first job in IT. Since then he's covered national security and information security for a variety of publications, and now calls CSOonline home. He previously reported from Colombia for four years, where he wrote travel guidebooks to Latin America, and speaks Spanish fluently with a hilarious gringo-Colombian accent.

Why getting election security right for 2020 matters

Secure elections scorecard: Grading the candidate and Congressional proposals

Secure elections scorecard: Grading the candidate and Congressional proposals

After 2016's election security debacle, there's a push to secure America's electronic voting infrastructure. Some of the proposals are good. Others fall short. CSO investigates.

IT services giant HCL left employee passwords, other sensitive data exposed online

IT services giant HCL left employee passwords, other sensitive data exposed online

HCL left employee passwords, customer project details, and other sensitive information exposed online with no authentication.

Will the U.S. government draft cybersecurity professionals?

Will the U.S. government draft cybersecurity professionals?

A Congressional commission might soon recommend conscription of cybersecurity professionals to serve in both the military and civil service. Will the government force security pros to work for Uncle Sam?

200 million-record breach: Why collecting too much data raises risk

200 million-record breach: Why collecting too much data raises risk

Avoid the siren song of big data and collect only what you need. This is the big takeaway from a 200-million record direct marketing list, including home address, telephone, religious affiliation and financial information now...

How and why deepfake videos work — and what is at risk

How and why deepfake videos work — and what is at risk

Once the bailiwick of Hollywood special effects studios with multi-million-dollar budgets, now anyone can download deepfake software and use machine learning to make believable fake videos. This makes a lot of people nervous.

9 top hacker movies and TV shows of all time

9 top hacker movies and TV shows of all time

Movies and TV shows have long influenced how lawmakers and society think about information security. We all have our personal favorite we're obsessed with. What's yours?

SoftNAS Cloud 0day found: Upgrade ASAP

SoftNAS Cloud 0day found: Upgrade ASAP

SoftNAS Cloud users should upgrade immediately following a report by Digital Defense that the virtual cloud appliance is vulnerable to a session management security issue.

What is Mimikatz? And how to defend against this password stealing tool

What is Mimikatz? And how to defend against this password stealing tool

Mimikatz is a leading post-exploitation tool that dumps passwords from memory, as well as hashes, PINs and Kerberos tickets.

Better, badder, bigger SIEM coming your way, folks, courtesy of Google

Better, badder, bigger SIEM coming your way, folks, courtesy of Google

Google/Alphabet's Chronicle cybersecurity moonshot has a doozy of a mega-gargantuan SIEM with huge pluses--and minuses. Take note.

Add cybersecurity to Doomsday Clock concerns, says Bulletin of Atomic Scientists

Add cybersecurity to Doomsday Clock concerns, says Bulletin of Atomic Scientists

The Doomsday Clock, once a ritual feature of the Cold War, warns that cybersecurity issues like IoT and cyber-enabled information warfare endanger humanity.

Fear and loathing defending ICS security at DoE's CyberForce Competition

Fear and loathing defending ICS security at DoE's CyberForce Competition

Defending critical infrastructure from determined attackers is not an easy task, CSO reporter J.M. Porup learned competing in the Department of Energy's CyberForce Competition 2018, a cyber security training initiative.

Load More