9 Posts

Joan Goodchild


Joan is an award-winning veteran journalist, editor, writer, researcher. She is a seasoned correspondent covering the security industry with deep contacts and knowledge of the topics important to security professionals. Joan spent nine years at CSO Online, including four years acting as editor-in-chief.

Written By Joan Goodchild

Six Tips for Recruiting and Retaining Women in Security Roles

As the number of unfilled cybersecurity positions increases, women in security remain grossly underrepresented. New data shows the deep-seated changes that must be made to turn these trends around.

Generation Gap: Does Your Security Awareness Program Bridge the Divide?

As more millennials enter the workforce, organizations should consider different approaches to security awareness training to account for generational knowledge gaps.

4 Tips to Creatively Close the Information Security Skills Gap

Hiring managers have lamented the so-called cybersecurity skills gap for many years, but some recruiters have found creative ways to solve this problem.

How to Recognize a Business Email Compromise Attack

Security leaders must implement phishing awareness programs to train employees to recognize business email compromise (BEC) attacks and other social engineering schemes that could compromise data.

These Four Communication Tips Could Improve Your Cybersecurity Reporting

When it comes to cybersecurity reporting, CISOs must communicate security risks, priorities and initiatives in the language of business to earn the attention and respect of board directors.

The 4 Critical Elements of an Incident Response Plan

Many security analysts and consultant agree: It's time to get serious about incident response. Explore four critical elements of a solid plan.

4 Social Engineering Tricks That Fool Unsuspecting Employees

Explore some of the most common social engineering tricks used to fool employees into handing over access to sensitive data. These include phishing, tailgating and social media pretexting.

Ready to Try Threat Modeling? Avoid These 4 Common Missteps

Avoid these common threat-modeling missteps. Threat modeling can help you identify and prioritize the risks to your organization — but if done incorrectly, it can leave you defenseless.

4 Essentials for Effective Security Awareness Training

Awareness experts weigh in about the essential elements for an awareness program that keeps users engaged — and helps them identify major threats to an organization's security posture.