22 Posts

Joan Goodchild


Joan is an award-winning veteran journalist, editor, writer, researcher. She is a seasoned correspondent covering the security industry with deep contacts and knowledge of the topics important to security professionals. Joan spent nine years at CSO Online, including four years acting as editor-in-chief.

Written By Joan Goodchild

Bring These Security Metrics to Your Next Budget Meeting With the Board

By presenting the right security metrics to executives, CISOs can develop a strong business case for greater investment in cybersecurity.

Email Security Best Practices to Help You Reel In the Threat of Phishing

Phishing is still among the most common causes of a data breach. Companies should invest in managed security services and comprehensive awareness training to improve email security best practices.

What Are the Seven Biggest Social Media Scams of 2018?

Social media scams are an ever-evolving way for criminals to abuse the exponentially connected applications that are increasingly saturating users' everyday lives.

Six Tips for Recruiting and Retaining Women in Security Roles

As the number of unfilled cybersecurity positions increases, women in security remain grossly underrepresented. New data shows the deep-seated changes that must be made to turn these trends around.

Generation Gap: Does Your Security Awareness Program Bridge the Divide?

As more millennials enter the workforce, organizations should consider different approaches to security awareness training to account for generational knowledge gaps.

4 Tips to Creatively Close the Information Security Skills Gap

Hiring managers have lamented the so-called cybersecurity skills gap for many years, but some recruiters have found creative ways to solve this problem.

How to Recognize a Business Email Compromise Attack

Security leaders must implement phishing awareness programs to train employees to recognize business email compromise (BEC) attacks and other social engineering schemes that could compromise data.

These Four Communication Tips Could Improve Your Cybersecurity Reporting

When it comes to cybersecurity reporting, CISOs must communicate security risks, priorities and initiatives in the language of business to earn the attention and respect of board directors.

The 4 Critical Elements of an Incident Response Plan

Many security analysts and consultant agree: It's time to get serious about incident response. Explore four critical elements of a solid plan.

4 Social Engineering Tricks That Fool Unsuspecting Employees

Explore some of the most common social engineering tricks used to fool employees into handing over access to sensitive data. These include phishing, tailgating and social media pretexting.