Leadership & Careers

  • Image attribution tooltip
    LaylaBird via Getty Images

    Security professionals are burned out. Here are 5 ways to help them.

    Addressing the causes of burnout requires a top-down approach that better aligns security teams with the rest of the business.

    By Brian Eastwood • April 18, 2022
  • Image attribution tooltip
    eclipse_images via Getty Images

    Now is the time to break gender bias in cybersecurity

    A hidden epidemic that has hindered women’s ability to continue working at pre-pandemic levels is expected to impact infosec.

    By Jinan Budge • April 12, 2022
  • Image attribution tooltip
    Courtesy of Colonial Pipeline Company

    Colonial Pipeline names cybersecurity veteran as first CISO

    The Adam Tice hire comes nine months after a ransomware attack led to a six-day disruption of fuel delivery and a $4.4 million ransom payment.

    By Feb. 23, 2022
  • Image attribution tooltip

    Markus Spiske


    Talk to the board, not just IT, about ransomware

    The spread of fast-moving cyberattacks accelerates the need for rapid, clear communication between end-users, security teams and the board.

    By Lucia Milică • Feb. 4, 2022
  • CIO involvement in security grows as CEOs target risk reduction

    An IDG survey found security improvements are driving IT budget increases. 

    By Samantha Schwartz • Jan. 21, 2022
  • Image attribution tooltip
    peterschreiber.media via Getty Images

    C-suite leaders are confident in ransomware protections, despite more attacks

    While it's important for non-IT and security leaders to have buy-in, CISOs have the responsibility to level with their C-suite counterparts on the true threat of ransomware, (ISC)² research shows.

    By Samantha Schwartz • Jan. 5, 2022
  • Image attribution tooltip
    studio-fi via Getty Images

    How to hire and recruit a CISO

    High turnover means organizations are always on the lookout for new cybersecurity leadership, but what exactly are companies looking for in a CISO? 

    By Sue Poremba • Jan. 4, 2022
  • Image attribution tooltip
    Naomi Eide/Cybersecurity Dive

    RSA Conference postpones event until June citing omicron

    After taking place virtually this year, RSA Conference still plans to hold the event in-person, but the delays will allow a safer gathering, a conference official said.

    By Dec. 23, 2021
  • Image attribution tooltip
    RobertPetrovic via Getty Images

    What threats 4 security professionals are watching over the holidays

    With SOCs down a few people, the time away will test processes and technology. 

    By Samantha Schwartz • Dec. 23, 2021
  • Image attribution tooltip

    Photo by Canva Studio from Pexels

    More research connects security burnout with business risk

    One in three 1Password respondents said burnout adds to a decline in initiative and motivation, which also reduces compliance with security protocols.

    By Samantha Schwartz • Dec. 7, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

    CISA names 23 industry leaders to advisory board

    The members — who range from industry and government technology and security leaders — will advise CISA Director Jen Easterly on the agency's policies and programs. 

    By Samantha Schwartz • Dec. 2, 2021
  • Image attribution tooltip
    PeopleImages via Getty Images

    Security disconnect: Why the CISO role is evolving

    CISOs are too focused on security operations, writing policies or vendor management, and less involved in business strategy, where their time is better spent.

    By Samantha Schwartz • Nov. 22, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    What to consider when connecting cyber, business strategy

    The common issue security and business leaders run into is miscommunication, Gartner's Jeffrey Wheatman said.

    By Samantha Schwartz • Nov. 17, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by spainter_vfx via Getty Images

    DHS makes cyber hiring more flexible, less certification-based

    The new personnel management system has helped reduce hiring time by 13%, but it's not enough, CISA Director Jen Easterly said. It still takes at least 200 days to hire candidates.

    By Samantha Schwartz • Nov. 16, 2021
  • Image attribution tooltip
    Poike via Getty Images

    Trust is becoming a CISO priority, boosts customer stickiness

    Customers are more likely to forgive a particular brand for putting data at risk if they trust the company, Forrester research shows.

    By Nov. 10, 2021
  • Image attribution tooltip

    Photo by Good Faces on Unsplash

    Cybersecurity workforce is growing, but staff shortages still put businesses at risk

    The U.S. cybersecurity workforce grew 30% this year, surpassing 1.1 million workers, (ISC)² research found, but half of organizations need staff to securely provision, analyze, and protect and defend.

    By Samantha Schwartz • Oct. 27, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images

    A conversation with SolarWinds' CISO

    "Our CEO got a call in the morning from Kevin Mandia. And then he called me, and then the CTO for FireEye called me. That's our nightmare moment," Tim Brown told Cybersecurity Dive. 

    By Samantha Schwartz • Oct. 26, 2021
  • Image attribution tooltip
    Waseem Farooq. (2018). "Business meeting" [Photo]. Retrieved from pxhere.

    Boards elevate cybersecurity to a business risk

    Enterprises are shifting away from consider security solely a technology risk, though the main focus on the board still centers on economic uncertainty, Gartner research shows. 

    By Oct. 25, 2021
  • Image attribution tooltip
    Joe Raedle via Getty Images

    The Great Resignation: Has the pandemic impacted cybersecurity careers?

    The skills gap has challenged the industry for years, but the lack of availability for non-technical professionals to gain cybersecurity training is particularly glaring.

    By Sue Poremba • Oct. 25, 2021
  • Image attribution tooltip

    Chris Krebs, former CISA director and founding partner of Krebs Stamos Group, speaking with Gartner Distinguished VP Analyst Neil MacDonald during the virtual Gartner IT Symposium/Xpo Wednesday. Retrieved from Gartner IT Symposium/Xpo on Oct. 20, 2021

    Government can demand stronger product security, Krebs said. It could help private sector, too

    The federal government can use the power of the purse to leverage security improvements, which could benefit businesses at large, according to former CISA Director Chris Krebs.

    By Samantha Schwartz • Oct. 22, 2021
  • Image attribution tooltip
    Christopher Furlong via Getty Images

    2022 could bring OT weaponization, ransomware laws, Gartner says

    In the last decade companies underwent digital transformation, with cloud taking over legacy solutions. But the same practices cannot be deployed year after year.

    By Samantha Schwartz • Oct. 21, 2021
  • Avoid paying ransoms, Gartner says. Instead, focus on situational awareness

    In the event of a ransomware attack, CISOs need to pause amid chaos and gain a better understand around steps to recovery. 

    By Samantha Schwartz • Oct. 20, 2021
  • Image attribution tooltip
    Dan Kitwood via Getty Images

    Kaseya taps former FBI agent as CISO

    Jason Manar worked in partnership with the company following its July ransomware attack.

    By Samantha Schwartz • Oct. 20, 2021
  • Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    White House tackles endpoint security in federal agencies, tees up CISA

    Agencies should have "enterprise-level visibility" across bureaus and sub-agencies, a Friday memo said.

    By Samantha Schwartz • Oct. 13, 2021
  • CISOs: Approach the board with precision, simplicity

    Executives from PepsiCo, Mandiant and Texas Children's Hospital honed the art of approaching the board. Their techniques leave stakeholders asking, "Do you need anything?"

    By Samantha Schwartz • Oct. 8, 2021