Page 2
-
The risk of disconnect between CIOs and CISOs
Companies need their CIO and CISO working together to reach their strategic goals. Strain in the relationship is a recipe for breaches.
-
Markus Spiske
Cobalt Strike rising in prominence among criminal threat actors
The penetration testing tool became a favored weapon in high-profile campaigns, including SolarWinds and the recent Nobelium email attacks.
-
Justin Sullivan via Getty Images
Critical goods industries face existential ransomware decisions
For certain industries, the choice is between paying millions to settle a criminal extortion or allowing a catastrophic supply chain disruption.
-
zefart/iStock/Getty via Getty Images
34% of health organizations hit by ransomware last year, report finds
Of those attacked, 65% said the cybercriminals were successful in encrypting their data, according to the report from cybersecurity company Sophos.
-
Rob Kim via Getty Images
Microsoft customer service agent briefly hit by fresh Nobelium attacks
The threat actor behind the SolarWinds attacks used brute force and password spraying in a new round of attacks, mainly targeting IT and government agencies.
-
Adeline Kon/Cybersecurity Dive
ColumnBehind the Firewall: How 5 cyber execs got started in security
The cyber field is newly formed, and talent is in high demand. The road to a career in security can vary widely, from family legacies to accidental break-ins.
-
Patrick Lux via Getty Images
Spoofing, spear phishing dominate BEC attacks: report
Threat actors are targeting the C-suite and corporate finance departments with the goal of stealing credentials or unleashing malicious payloads.
-
sestovic/E+/Getty via Getty Images
Defending the unknown: Companies may not be getting the full story on cyberthreats
Because of the way some data is presented, there is no way to know what vital information might be missing.
-
Getty Images / Staff via Getty Images
Gaps in DOD supply chain leave Pentagon vulnerable: report
SMBs in the defense industry remain vulnerable to persistent threats, and research shows a large percentage are missing the security basics, including data storage security.
-
Deep Dive
Legacy medical devices, growing hacker threats create perfect storm of cybersecurity risks
Hospitals are using more connected devices, many of which were not built with cybersecurity in mind, leaving healthcare organizations highly vulnerable to attacks.
-
Photo by Josh Appel on Unsplash
Are businesses underinvesting in cybersecurity?
The issue isn't how large of a cybersecurity investment an organization makes, but rather, if it is spending funds properly.
-
sestovic/E+/Getty via Getty Images
Infosec execs still lack direct access to the CEO: study
About 93% of IT security professionals don't report directly to their CEO, while a majority do not provide security updates to their boards of directors.
-
Sean Gallup via Getty Images
Q&AHow colleges can be proactive about the ransomware threat
Increased online activity during the pandemic intensified the impact of cyberattacks on higher ed, one expert explains.
-
Getty Images
Cloud security a shared responsibility. Where's the confusion?
The cloud meant replacing on-premise risks with a different kind of risk. Some companies are unsure how to translate those responsibilities into actions.
-
Spencer Platt via Getty Images
Critical infrastructure sites face greater cyberthreat amid remote connectivity
Moody's warns oil, electric and other critical infrastructure providers are increasingly attractive targets for ransomware.
-
Traitov/iStock/Getty via Getty Images
Attacks against container supply chains grow more sophisticated
Bad actors are finding novel methods of attacking cloud-native environments, raising new security challenges for developers.
-
Surface via Unsplash
VPN exploitation rose in 2020, organizations slow to patch critical flaws
RDP and VPNs will remain a prime target for cybercriminals as remote and hybrid work continue, Trustwave said.
-
Sean Gallup / Staff via Getty Images
Biden confronts Putin on cyberattacks, private sector optimistic
The U.S. president drew a line with the Russian leader on critical infrastructure as the countries plan to cooperate on reducing malign activity.
-
Getty Images
How do companies assess risk? It's a system-by-system question
Every piece of technology is vulnerable to threat actors, but each organization and cybersecurity team decides which software and technology adds risk to its business operations.
-
Kevin Dietsch / Staff via Getty Images
Overlap concerns grow as more federal cyber officials join the ranks
With the addition of the national cyber director, confusion could arise as to who or what branch will provide guidance for private sector partners.
-
Sean Gallup via Getty Images
CISOs, CIOs see heightened mobile security threat amid shift to hybrid
Mobile devices are difficult to secure because of a combination of untrusted personal apps and data stored on the same device, one security expert said.
-
Courtesy of Microsoft
Patched Microsoft Teams vulnerability shows the delicacy of messaging platforms
A researcher said the patched vulnerability could have granted access to files in OneDrive and the ability to execute business email compromise.
-
Tomohiro Ohsumi via Getty Images
Codecov to sunset Bash Uploader following April supply chain attack
The company seeks to boost security posture, however analysts are raising questions about whether the new uploader addresses underlying concerns.
-
Adeline Kon/Cybersecurity Dive
Column
Behind the Firewall: How 9 execs implement cybersecurity at home
Cybersecurity follows professionals outside of the workplace as they instill best practices in their homes and communities.
-
Leon Neal via Getty Images
Opinion3 ways to assess the effectiveness of security awareness training
Failure to prove the effectiveness of a security awareness program can lower the executive support critical to ensuring participation in the program.
Home
