The art of threat modeling: 3 frameworks to know

Organizations should use the frameworks in a manual or automated way to better understand the security threats they’re up against, Gartner’s William Dupre writes. 

By William Dupre • Updated 19 hours ago

Cybersecurity jobs pay well, but gender disparities persist

ISC2’s analysis found significant financial upside for professionals in U.S. cybersecurity jobs, but there are gaps across levels of seniority by gender.

By Matt Kapko • April 11, 2024

Explore the Trendline➔

The Cybersecurity Dive Outlook on 2021

Last year, what security experts long cautioned could happen came to fruition — a supply chain attack unleashed a wave of compromises. Now, stakeholders have to ask, what technology can businesses trust?

By Cybersecurity Dive staff

CISO role shows significant gains amid corporate recognition of cyber risk

A report from Moody’s Ratings shows CISOs and other senior-level cyber executives have become key decision makers within the C-suite. 

By David Jones • April 9, 2024

How CISO salaries are faring as businesses ask more of security

As CISOs become more welcomed as full members of the C-suite, they are enjoying the compensation and perks that come with the status. 

By Sue Poremba • March 28, 2024

Google Cloud CISO spots asymmetric advantage for AI in defense

Organizations have the upper hand in using generative AI for security because it’s trained on data they own and context they tune against it, Phil Venables says.

By Matt Kapko • March 13, 2024

Visa spends ‘billions’ battling cybersecurity threats

“We are all in an arms race to protect this ecosystem, to protect the network,” Visa CEO Ryan McInerney said at an investor conference last week.

By Lynne Marek • March 12, 2024

CFOs take backseat to CISOs on SEC cyber rules

Less than half of finance chiefs are involved in the SEC's cybersecurity breach disclosure process, AuditBoard found.

By Alexei Alexis • Feb. 27, 2024

Palo Alto Networks’ free incentives offer sparks investor anxiety

The firm is giving away services and offering deferred billing to corral new customers into its consolidated cybersecurity platforms.

By David Jones • Feb. 21, 2024

NSA Cyber Director Rob Joyce to retire

The NSA veteran is retiring at the end of March after 34 years with the agency. David Luber, deputy director of the Cybersecurity Directorate, will succeed Joyce.

By Matt Kapko • Feb. 20, 2024

National cyber director urges private sector collaboration to counter nation-state cyber threat

Harry Coker said the Biden administration is exploring plans to hold manufacturers accountable for poor security, while also working to harmonize regulations.

By David Jones • Feb. 9, 2024

Okta to cut 7% of workforce as push to revamp security is underway

The layoffs come during the company's 90-day overhaul to address lax security following a string of cyberattacks targeting Okta and its customers.

By Matt Kapko • Feb. 1, 2024

Highly ranked cybersecurity master’s program teaches in-demand skills for growing field

Indiana University’s Master of Science in Cybersecurity Risk Management degree program brings together cybersecurity courses from three of IU’s top-ranked schools. Join them for an info session to learn more.

By Kirk Johannesen, Communications Consultant and Internal Communication • Jan. 29, 2024

Microsoft to overhaul internal security practices after Midnight Blizzard attack

After Microsoft disclosed a state-sponsored actor stole data from senior executives, experts are raising questions about its security capabilities and practices.

By David Jones • Jan. 22, 2024

Mimecast acquires human risk management specialist Elevate Security

The acquisition is the latest in a series of deals in recent weeks, following a turbulent year of industry layoffs, spending cuts and a weaker investment climate in the sector.

By David Jones • Jan. 4, 2024

SonicWall acquires Banyan Security to boost cloud security portfolio for remote work

The company recently acquired a firm specializing in managed detection and response technology for managed service providers.

By David Jones • Jan. 3, 2024

Senate confirms Harry Coker Jr. as national cyber director

The national security veteran assumes the role at a critical time, tasked with implementing the White House’s national cybersecurity strategy.

By Matt Kapko • Dec. 13, 2023

The 9 best cybersecurity podcasts, according to security practitioners

A new report finds 83% of practitioners are using podcasts to stay informed on cybersecurity news and ideas. But which podcasts are they listening to?

Dec. 11, 2023

Businesses can turn to MSPs to navigate SEC cyber disclosure requirements

With a line of sight on security operations, managed service providers hold keys to materiality determinations and annual 10-K reports.

By Suman Bhattacharyya • Dec. 5, 2023

Okta again promises it is taking security seriously

CEO Todd McKinnon used the company's earnings call to once again pledge improvements and address a culture of lax security.

By Matt Kapko • Nov. 30, 2023

SEC’s cyber disclosure rules: Key considerations for the board, C-suite and risk managers

Each business stakeholder has a different cyber risk management responsibility. Given the SEC’s coming disclosure rules, it’s even more important to outline who owns what. 

By Chris Tarbell, Dave Franzel and Greg Van Houten • Nov. 27, 2023

The top cybersecurity events and conferences in 2024, according to security pros

Which security conferences are teams prioritizing in 2024? A new report reveals the 7 most popular events in the cybersecurity calendar.

Nov. 27, 2023

‘Honesty’: Estes details its playbook for responding to a cyberattack

Being open about the incident engendered goodwill from customers and colleagues, executives said.

By Colin Campbell • Nov. 20, 2023

Clorox CISO departs months after cyberattack

The C-suite change comes in the aftermath of a cyberattack that damaged IT infrastructure, led to widespread disruption and negatively impacted earnings. 

By Lindsey Wilkinson • Nov. 16, 2023

Visa launches cybersecurity training program

The card giant rolled out a cybersecurity apprenticeship program last year amid a talent deficit highlighted by the Biden administration.

By Tatiana Walk-Morris • Nov. 7, 2023

Why trust is the most critical deliverable for CISOs

Instead of a list of nebulous targets, CISOs should focus on delivering trust to three key constituencies: their leadership, their peers and their inner circle. 

By Nader Henein • Nov. 6, 2023