Leadership & Careers

Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

CISA names 23 industry leaders to advisory board

The members — who range from industry and government technology and security leaders — will advise CISA Director Jen Easterly on the agency's policies and programs.
By Samantha Schwartz • Dec. 2, 2021
PeopleImages via Getty Images

Security disconnect: Why the CISO role is evolving

CISOs are too focused on security operations, writing policies or vendor management, and less involved in business strategy, where their time is better spent.
By Samantha Schwartz • Nov. 22, 2021
iStock / Getty Images Plus via Getty Images

What to consider when connecting cyber, business strategy

The common issue security and business leaders run into is miscommunication, Gartner's Jeffrey Wheatman said.
By Samantha Schwartz • Nov. 17, 2021
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by spainter_vfx via Getty Images

DHS makes cyber hiring more flexible, less certification-based

The new personnel management system has helped reduce hiring time by 13%, but it's not enough, CISA Director Jen Easterly said. It still takes at least 200 days to hire candidates.
By Samantha Schwartz • Nov. 16, 2021
Poike via Getty Images

Trust is becoming a CISO priority, boosts customer stickiness

Customers are more likely to forgive a particular brand for putting data at risk if they trust the company, Forrester research shows.
By David Jones • Nov. 10, 2021
Photo by Good Faces on Unsplash

Cybersecurity workforce is growing, but staff shortages still put businesses at risk

The U.S. cybersecurity workforce grew 30% this year, surpassing 1.1 million workers, (ISC)² research found, but half of organizations need staff to securely provision, analyze, and protect and defend.
By Samantha Schwartz • Oct. 27, 2021
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images

Q&A

A conversation with SolarWinds' CISO

"Our CEO got a call in the morning from Kevin Mandia. And then he called me, and then the CTO for FireEye called me. That's our nightmare moment," Tim Brown told Cybersecurity Dive.
By Samantha Schwartz • Oct. 26, 2021
Waseem Farooq. (2018). "Business meeting" [Photo]. Retrieved from pxhere.

Boards elevate cybersecurity to a business risk

Enterprises are shifting away from consider security solely a technology risk, though the main focus on the board still centers on economic uncertainty, Gartner research shows.
By Naomi Eide • Oct. 25, 2021
Joe Raedle via Getty Images

The Great Resignation: Has the pandemic impacted cybersecurity careers?

The skills gap has challenged the industry for years, but the lack of availability for non-technical professionals to gain cybersecurity training is particularly glaring.
By Sue Poremba • Oct. 25, 2021
Chris Krebs, former CISA director and founding partner of Krebs Stamos Group, speaking with Gartner Distinguished VP Analyst Neil MacDonald during the virtual Gartner IT Symposium/Xpo Wednesday. Retrieved from Gartner IT Symposium/Xpo on Oct. 20, 2021

Government can demand stronger product security, Krebs said. It could help private sector, too

The federal government can use the power of the purse to leverage security improvements, which could benefit businesses at large, according to former CISA Director Chris Krebs.
By Samantha Schwartz • Oct. 22, 2021
Christopher Furlong via Getty Images

2022 could bring OT weaponization, ransomware laws, Gartner says

In the last decade companies underwent digital transformation, with cloud taking over legacy solutions. But the same practices cannot be deployed year after year.
By Samantha Schwartz • Oct. 21, 2021
"Macro shot of a 100 us dollar banknote" by Marco Verch is licensed under CC BY 2.0

Avoid paying ransoms, Gartner says. Instead, focus on situational awareness

In the event of a ransomware attack, CISOs need to pause amid chaos and gain a better understand around steps to recovery.
By Samantha Schwartz • Oct. 20, 2021
Dan Kitwood via Getty Images

Kaseya taps former FBI agent as CISO

Jason Manar worked in partnership with the company following its July ransomware attack.
By Samantha Schwartz • Oct. 20, 2021
Chip Somodevilla / Staff via Getty Images

White House tackles endpoint security in federal agencies, tees up CISA

Agencies should have "enterprise-level visibility" across bureaus and sub-agencies, a Friday memo said.
By Samantha Schwartz • Oct. 13, 2021
"wocintech (microsoft) - 112" by WOCinTech Chat is licensed under CC BY 2.0

CISOs: Approach the board with precision, simplicity

Executives from PepsiCo, Mandiant and Texas Children's Hospital honed the art of approaching the board. Their techniques leave stakeholders asking, "Do you need anything?"
By Samantha Schwartz • Oct. 8, 2021
Samantha Schwartz/Cybersecurity Dive

Mandiant CEO: 3 threats that changed cybersecurity in 2020

CISOs getting comfortable in a more operational role were met with unprecedented cyberattacks — implants, zero days and ransomware — within the last year and a half.
By Samantha Schwartz • Oct. 6, 2021
Ryan Golden/Cybersecurity Dive

Digitization costs manufacturing plants 'the luxury of isolation,' changing risk management

OT organizations transition from site-level best practices to overall best practices, and move plant operations into an enterprise SOC.
By Samantha Schwartz • Oct. 1, 2021
David Ramos via Getty Images

Companies confident in cybersecurity despite growing threats: report

There's a perception of "safety in numbers," Beazley's survey found. "Time will tell if such high levels of confidence are well placed."
By Samantha Schwartz • Sept. 16, 2021
Sean Gallup via Getty Images

Cybersecurity drills don't have to be 'fight or flight,' training creators say

Cyber training has followed "a very dangerous path," the co-founders of Hook Security said. But a humorous approach may turn things around.
By Ryan Golden • Sept. 15, 2021
Photo by MART PRODUCTION from Pexels

What do tech workers want?

The COVID-19 pandemic proved that companies could accommodate flexible work and employees have more choice to join companies with better pay.
By Katie Malone • Sept. 13, 2021
Alex Wong via Getty Images

What cyber insurance CEOs want to see from customers

Insurers joined high-profile CEOs at the White House summit last week to discuss how to improve national cybersecurity. For one insurance CEO, the industry needs three points of improvement.
By Samantha Schwartz • Aug. 31, 2021
Alex Wong via Getty Images

Tech CEOs promise billions of dollars in cybersecurity support

The Biden administration has to strike a balance between honoring big tech's capitalism while pushing it to a higher standard for the sake of national security.
By Samantha Schwartz • Aug. 26, 2021
Photo by MART PRODUCTION from Pexels

Companies are investing in security operations but limited by talent gaps

For some CISOs, the onus to attract talent is on them and the standards they make.
By Samantha Schwartz • Aug. 25, 2021
Omar Marques via Getty Images

3 university CISOs changed focus, not strategy, amid pandemic

Higher education institutions have a security problem: provide users the individualized experience they need to succeed without shortchanging security.
By Samantha Schwartz • Aug. 23, 2021
Joe Raedle via Getty Images

In the event of a cyber incident, think like a lawyer

While security professionals may not be deeply involved in the legal aspects of a cyber incident, they have to be aware of attorney-client privileges.
By Samantha Schwartz • Aug. 17, 2021