Deep Dive
Industry insights from our journalists
-
Stock photos via Getty Images
Network security tool defects are endemic, eroding enterprise defense
When malicious hackers exploit vulnerabilities in firewalls, VPNs and routers, it’s not the vendors that get hit — it’s their customers.
Matt Kapko • Jan. 28, 2025 -
The image by Jerrye & Roy Klotz, M.D. is licensed under CC BY-SA 4.0
CIOs turn to NIST to tackle generative AI’s many risks
Discover's CIO is one of many tech leaders working to limit generative AI missteps by turning to risk management frameworks to get deployment right from the outset.
Lindsey Wilkinson • Oct. 9, 2024 -
Retrieved from J.M. Eddins Jr./U.S. Air Force.
Are cybersecurity professionals OK?
Absorbing the impacts of cyberattacks takes a personal toll on defenders. Separating the evil they see from all that’s good in the world doesn’t always come easy.
Matt Kapko • Aug. 7, 2024 -
Ethan Miller via Getty Images
At Microsoft, years of security debt come crashing down
Critics say negligence, misguided investments and hubris have left the enterprise giant on its back foot.
David Jones • April 30, 2024 -
Retrieved from Colorado State University on January 09, 2024
Progress Software’s MOVEit meltdown: uncovering the fallout
Businesses use the file-transfer service because it checks the compliance boxes for keeping data safe. Though initial attacks were targeted, thousands of bystanding businesses were hit indiscriminately.
Matt Kapko and Julia Himmel • Jan. 16, 2024 -
iStock / Getty Images Plus via Getty Images
Security has an underlying defect: passwords and authentication
Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.
Matt Kapko • Sept. 18, 2023 -
Vitalii Pasichnyk/Getty via Getty Images
MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.
Matt Kapko • July 14, 2023 -
Illustration: Yann Bastard for Industry Dive
Hacking healthcare: With 385M patient records exposed, cybersecurity experts sound alarm on breach surge
Healthcare companies must harden their defenses, but it may require regulators and lawmakers to raise the bar on security standards, experts say.
Jasmine Ye Han • March 10, 2023 -
Naomi Eide/Cybersecurity Dive
A first-hand look inside Walmart’s robust security operations
The retail behemoth invited a handful of journalists to its tech offices in Bentonville, Arkansas. The scope of Walmart’s operations speaks to the lengths enterprises must go to remain secure.
Naomi Eide • Jan. 30, 2023 -
Noah Berger/Getty Images for Amazon Web Services via Getty Images
Where is AWS in the cybersecurity conversation?
The cloud leader doesn’t emphasize security and share information at the same level as its competitors. Experts say that's by design.
Matt Kapko • Nov. 29, 2022 -
Illustration: Xavier Lalanne-Tauzia for Industry Dive
After the CommonSpirit ransomware attack: Why healthcare M&A is a ‘huge’ cybersecurity risk
The security incident comes three years after the health system’s megamerger, which potentially made it vulnerable to an attack, security experts say.
Samantha Liss • Oct. 27, 2022 -
Adeline Kon/Cybersecurity Dive
Hackers could crash the US power grid, but money, not sabotage, is their focus
For now, the capability remains in the hands of nation-state actors. But "sophistication can ultimately be bought," Edison Electric Institute's Scott Aaronson said.
Robert Walton • Nov. 2, 2021 -
Sarah Silbiger via Getty Images
What's under the hood of a medical device? Software bill of materials hits inflection point
President Joe Biden's executive order calls for SBOMs, and the FDA wants to require premarket submissions to have an inventory of third-party device components. AdvaMed is concerned the data could be exploited by hackers.
Greg Slabodkin • Oct. 11, 2021 -
Jeenah Moon via Getty Images
Microsoft, under attack from threat actors, positions itself as cyber guardian
The pandemic created more business opportunity, but malicious actors dogged the company's technology stack. Now, the very same products touted as security defense tools are under fire.
David Jones • Sept. 29, 2021 -
Legacy medical devices, growing hacker threats create perfect storm of cybersecurity risks
Hospitals are using more connected devices, many of which were not built with cybersecurity in mind, leaving healthcare organizations highly vulnerable to attacks.
Greg Slabodkin • June 23, 2021 -
Adeline Kon for Cybersecurity Dive/Cybersecurity Dive
Marijuana is becoming more accepted. Will cybersecurity employers play along?
As more states legalize recreational use, employers in the public and private sectors may need to change how they hire for cybersecurity.
Samantha Schwartz • April 20, 2021 -
Permission granted by Johnson & Johnson
4 tools to fight fraud, counterfeits and cyberattacks in the COVID-19 vaccine supply chain
Visibility technologies and real-time data provide one version of the truth in a rapidly built supply chain.
Deborah Abrams Kaplan • April 7, 2021 -
Ransomware 2020: the scale, scope and impact of attacks on business
In an international health crisis ripe with economic volatility, ransomware attacks have remained persistent. The fallout is growing more costly.
Samantha Schwartz • Oct. 30, 2020 -
'Golden bullet' clauses protect CISOs after a breach
A financial cushion will not shield an executive from public scrutiny, but it can alleviate the burden of blame.
Samantha Schwartz • Nov. 18, 2019 -
What industry gets wrong about cyber insurance
Despite common perception, recovery from a cyber event — such as paying a ransom — cannot be decided by a carrier.
Samantha Schwartz • Oct. 31, 2019
