Leadership & Careers


  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

    CISA names 23 industry leaders to advisory board

    The members — who range from industry and government technology and security leaders — will advise CISA Director Jen Easterly on the agency's policies and programs. 

    By Dec. 2, 2021
  • Image attribution tooltip
    PeopleImages via Getty Images

    Security disconnect: Why the CISO role is evolving

    CISOs are too focused on security operations, writing policies or vendor management, and less involved in business strategy, where their time is better spent.

    By Nov. 22, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    What to consider when connecting cyber, business strategy

    The common issue security and business leaders run into is miscommunication, Gartner's Jeffrey Wheatman said.

    By Nov. 17, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by spainter_vfx via Getty Images

    DHS makes cyber hiring more flexible, less certification-based

    The new personnel management system has helped reduce hiring time by 13%, but it's not enough, CISA Director Jen Easterly said. It still takes at least 200 days to hire candidates.

    By Nov. 16, 2021
  • Image attribution tooltip
    Poike via Getty Images

    Trust is becoming a CISO priority, boosts customer stickiness

    Customers are more likely to forgive a particular brand for putting data at risk if they trust the company, Forrester research shows.

    By Nov. 10, 2021
  • Image attribution tooltip

    Photo by Good Faces on Unsplash

    Cybersecurity workforce is growing, but staff shortages still put businesses at risk

    The U.S. cybersecurity workforce grew 30% this year, surpassing 1.1 million workers, (ISC)² research found, but half of organizations need staff to securely provision, analyze, and protect and defend.

    By Oct. 27, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
    Q&A

    A conversation with SolarWinds' CISO

    "Our CEO got a call in the morning from Kevin Mandia. And then he called me, and then the CTO for FireEye called me. That's our nightmare moment," Tim Brown told Cybersecurity Dive. 

    By Oct. 26, 2021
  • Image attribution tooltip
    Waseem Farooq. (2018). "Business meeting" [Photo]. Retrieved from pxhere.

    Boards elevate cybersecurity to a business risk

    Enterprises are shifting away from consider security solely a technology risk, though the main focus on the board still centers on economic uncertainty, Gartner research shows. 

    By Oct. 25, 2021
  • Image attribution tooltip
    Joe Raedle via Getty Images

    The Great Resignation: Has the pandemic impacted cybersecurity careers?

    The skills gap has challenged the industry for years, but the lack of availability for non-technical professionals to gain cybersecurity training is particularly glaring.

    By Sue Poremba • Oct. 25, 2021
  • Image attribution tooltip

    Chris Krebs, former CISA director and founding partner of Krebs Stamos Group, speaking with Gartner Distinguished VP Analyst Neil MacDonald during the virtual Gartner IT Symposium/Xpo Wednesday. Retrieved from Gartner IT Symposium/Xpo on Oct. 20, 2021

    Government can demand stronger product security, Krebs said. It could help private sector, too

    The federal government can use the power of the purse to leverage security improvements, which could benefit businesses at large, according to former CISA Director Chris Krebs.

    By Oct. 22, 2021
  • Image attribution tooltip
    Christopher Furlong via Getty Images

    2022 could bring OT weaponization, ransomware laws, Gartner says

    In the last decade companies underwent digital transformation, with cloud taking over legacy solutions. But the same practices cannot be deployed year after year.

    By Oct. 21, 2021
  • Avoid paying ransoms, Gartner says. Instead, focus on situational awareness

    In the event of a ransomware attack, CISOs need to pause amid chaos and gain a better understand around steps to recovery. 

    By Oct. 20, 2021
  • Image attribution tooltip
    Dan Kitwood via Getty Images

    Kaseya taps former FBI agent as CISO

    Jason Manar worked in partnership with the company following its July ransomware attack.

    By Oct. 20, 2021
  • Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    White House tackles endpoint security in federal agencies, tees up CISA

    Agencies should have "enterprise-level visibility" across bureaus and sub-agencies, a Friday memo said.

    By Oct. 13, 2021
  • CISOs: Approach the board with precision, simplicity

    Executives from PepsiCo, Mandiant and Texas Children's Hospital honed the art of approaching the board. Their techniques leave stakeholders asking, "Do you need anything?"

    By Oct. 8, 2021
  • Image attribution tooltip
    Samantha Schwartz/Cybersecurity Dive

    Mandiant CEO: 3 threats that changed cybersecurity in 2020

    CISOs getting comfortable in a more operational role were met with unprecedented cyberattacks — implants, zero days and ransomware — within the last year and a half.

    By Oct. 6, 2021
  • Image attribution tooltip
    Ryan Golden/Cybersecurity Dive

    Digitization costs manufacturing plants 'the luxury of isolation,' changing risk management

    OT organizations transition from site-level best practices to overall best practices, and move plant operations into an enterprise SOC.

    By Oct. 1, 2021
  • Image attribution tooltip
    David Ramos via Getty Images

    Companies confident in cybersecurity despite growing threats: report

    There's a perception of "safety in numbers," Beazley's survey found. "Time will tell if such high levels of confidence are well placed."

    By Sept. 16, 2021
  • Image attribution tooltip
    Sean Gallup via Getty Images

    Cybersecurity drills don't have to be 'fight or flight,' training creators say

    Cyber training has followed "a very dangerous path," the co-founders of Hook Security said. But a humorous approach may turn things around.

    By Ryan Golden • Sept. 15, 2021
  • Image attribution tooltip

    Photo by MART PRODUCTION from Pexels

    What do tech workers want?

    The COVID-19 pandemic proved that companies could accommodate flexible work and employees have more choice to join companies with better pay.

    By Sept. 13, 2021
  • Image attribution tooltip
    Alex Wong via Getty Images

    What cyber insurance CEOs want to see from customers

    Insurers joined high-profile CEOs at the White House summit last week to discuss how to improve national cybersecurity. For one insurance CEO, the industry needs three points of improvement.

    By Aug. 31, 2021
  • Image attribution tooltip
    Alex Wong via Getty Images

    Tech CEOs promise billions of dollars in cybersecurity support

    The Biden administration has to strike a balance between honoring big tech's capitalism while pushing it to a higher standard for the sake of national security.

    By Aug. 26, 2021
  • Image attribution tooltip

    Photo by MART PRODUCTION from Pexels

    Companies are investing in security operations but limited by talent gaps

    For some CISOs, the onus to attract talent is on them and the standards they make. 

    By Aug. 25, 2021
  • Image attribution tooltip
    Omar Marques via Getty Images

    3 university CISOs changed focus, not strategy, amid pandemic

    Higher education institutions have a security problem: provide users the individualized experience they need to succeed without shortchanging security.

    By Aug. 23, 2021
  • Image attribution tooltip
    Joe Raedle via Getty Images

    In the event of a cyber incident, think like a lawyer

    While security professionals may not be deeply involved in the legal aspects of a cyber incident, they have to be aware of attorney-client privileges.

    By Aug. 17, 2021