The Latest
-
SARINYAPINNGAM via Getty Images
Employees can't quit habit of writing down, sharing passwords
Amid heightened threats, workers are incorporating company names into passwords, writing them on sticky notes and sharing them via email.
-
Getty Images
Companies missing security in rushed cloud adoptions
While misconfigurations are likely unknown today, they have the potential to become critical vulnerabilities.
-
Daphne Howland/Cybersecurity Dive
Why SMBs miss out on the white-glove cyber insurance advantage
Insurance companies spend less time with SMBs evaluating individual risk profiles, weakening a piece of the global cyber economy.
-
Orbon Alija/ E+/Getty via Getty Images
OpinionIoT cybersecurity law does not go far enough to protect industry
As networks become more connected and reliant on third-party sources like cloud and SaaS applications, most companies continue to have massive blind spots.
-
Enterprises lag on firmware security spending in face of rising threat
IT security officials are often more worried about the difficulty of detecting malware threats, in part because firmware attacks are hard to catch, a Microsoft-commissioned report found.
-
Traitov/iStock/Getty via Getty Images
Half of companies lack security to support cloud-based IAM: report
Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including lack of visibility and increased complexity.
-
Dollar Photo Club
2020 was a record year for K-12 cybersecurity incidents
U.S. schools faced 408 publicized incidents — an 18% increase over 2019, according to the K-12 Cybersecurity Resource Center.
-
How tools impact cyber insurance premiums
From the day insurers write a policy through its term expiration, there is too much volatility for insurance providers to adequately capture risk.
-
Getty
Shift online exposed and expanded college cybersecurity vulnerabilities
Ransomware attacks doubled from 2019 to 2020, according to one report, and experts say the increased use of virtual tools opened up new threats.
-
Tomorrow's cyber workforce has security skills built-in. That could limit businesses
Cybersecurity truths: The talent pool is growing but not fast enough and there will always be a variety of paths that lead to the same place.
-
Molson Coors incident shines a light on industrial cyberattack vulnerabilities
The international brewery continues to face delays and financial impacts amid a wave of attacks against manufacturing.
-
Security leaders: Expect more insider data leaks, threats in 2021
The rise stems from a lack of accurate insight from data loss prevention and cloud access security broker technologies.
-
Operational threat intelligence leans on facts, less anecdotal evidence
Digesting threat intelligence looks different in IT environments than OT.
-
Traitov/iStock/Getty via Getty Images
Companies use cloud to make network security easier
With the cloud taking over hardware and infrastructure security responsibilities, customers are free to handle application and software security.
-
Cybersecurity spending is up but so are breaches
Healthcare, media, entertainment and gaming experienced the greatest growth in breaches last year, coinciding with a "big shift" toward digital transformation, Canalys found.
-
To combat open source insecurity, companies need tech and leadership
With software dependencies commonplace, it's up to industry to clear a path to greater supply chain security in software.
-
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.
Babuk ransomware group emerges with new claims against US companies
The threat actor emerges amid heightened ransomware concerns following the Microsoft Exchange server attacks.
-
Remote work gives rise to more executive credential theft
Threat actors are increasingly using social engineering to cultivate vulnerable end users and compromise networks, according to a CyberArk report.
-
As cyber insurers quantify risk, security spending provides little info
Quantifying risk appetite, an assessment insurance premiums are based on, is an imperfect science for providers and customers.
-
zefart/iStock/Getty via Getty Images
Threat data sharing considered critical to defense amid rise in sophisticated attacks: report
A Ponemon Institute study shows the value of actionable data as lawmakers and the Biden administration work to encourage intelligence sharing.
-
Getty Images
Spending on IAM, zero trust to rise as companies extend remote work
The shift to remote work placed more pressure on IT and security departments to secure corporate data without interrupting productivity.
-
70% of malicious DNS traffic in tech is cryptomining, phishing: Cisco
Researchers suggested tech employees were unfamiliar with company policies, triggering cryptomining blocks in Cisco Umbrella.
-
SolarWinds threat actors accessing Microsoft 365 by altering permissions
Mandiant observed a threat actor linked to the SolarWinds campaign using a stealthy approach to read email in targeted mailboxes.
-
OpinionPrioritizing risk in M&A due diligence in the COVID-19 era, and beyond
Imagine acquiring a company with an infected network, and then connecting your company to that flawed network. That can introduce serious issues into a previously protected company.
-
sestovic/E+/Getty via Getty Images
Microsoft Exchange fixes arrive, but some companies lack IT resources to repair
Security specialists and managed-service providers are filling the void at thousands of small firms that operate with limited IT and cybersecurity staffing.
