Regulation

Matthew Stockman/Getty via Getty Images

Lack of visibility leaves critical infrastructure vulnerable to ransomware

Corporate executives approve massive payouts to attackers because they see few options to quickly restore business operations, according to security experts.
By David Jones • July 22, 2021
Lintao Zhang via Getty Images

White House ties cyberattacks to China, but private sector awaits stronger action

Security leaders urge more forceful action after the U.S. accused China of backing a campaign of malicious cyberattacks, including the early 2021 attacks against Microsoft Exchange server.
By David Jones • July 20, 2021
Spencer Platt via Getty Images

WFH shift tests resilience of financial services amid surge in phishing, ransomware

The Financial Stability Board warned the sector must remain vigilant amid new cyber risks and dependence on third-party technologies.
By David Jones • July 16, 2021
Stefani Reynolds / Stringer via Getty Images

Grid regulators urge 'continued vigilance,' as Congress scrutinizes ransomware

With more attacks against critical infrastructure, legislators and federal officials are urging better response and prevention to curb the rise in ransomware.
By Robert Walton • July 15, 2021
Chip Somodevilla / Staff via Getty Images

Cyber leaders officially join the ranks as White House grapples with remediation

The Senate confirmed Jen Easterly to lead CISA while the White House swore in the first national cyber director, Chris Inglis.
By Katie Malone • July 13, 2021
Stefani Reynolds / Stringer via Getty Images

House passes broad bipartisan measures to help states fund energy cybersecurity

The bills position the private sector to receive financial incentives for helping improve states' energy cybersecurity, which experts say will be a key to securing systems from hackers.
By Robert Walton • UPDATED: July 22, 2021 at 10:25 a.m.
Getty Images / Staff via Getty Images

Gaps in DOD supply chain leave Pentagon vulnerable: report

SMBs in the defense industry remain vulnerable to persistent threats, and research shows a large percentage are missing the security basics, including data storage security.
By David Jones • June 24, 2021
Sean Gallup / Staff via Getty Images

Biden confronts Putin on cyberattacks, private sector optimistic

The U.S. president drew a line with the Russian leader on critical infrastructure as the countries plan to cooperate on reducing malign activity.
By David Jones • June 17, 2021
Kevin Dietsch / Staff via Getty Images

What to expect from the national cyber director

While there are technicalities to sort out, the primary goal of the role is to fill a void in federal cybersecurity strategy across agencies and sectors.
By Samantha Schwartz • UPDATED: June 18, 2021 at 8:54 a.m.
Brian Tucker/Cybersecurity Dive

Colonial CEO defends oversight response, urges transparency on ransomware

Private industry needs more immediate and detailed threat intelligence to prevent these attacks from happening in the future, CEO Joseph Blount said.
By David Jones • June 10, 2021
Retrieved from U.S. Senate Committee on Homeland Security and Governmental Affair.

Colonial CEO says ransomware hackers exploited legacy VPN

In testimony before a Senate committee, Joseph Blount took ownership for the ransom payment but said the private sector needs help to fight adversaries.
By David Jones • June 09, 2021
Stefani Reynolds/Stringer via Getty Images

SCOTUS limits scope of computer fraud law. Here's the business impact

With the Supreme Court limiting the power of the Computer Fraud and Abuse Act, companies will need to rethink HR and cybersecurity policies dictating access privileges.
By Samantha Schwartz • June 04, 2021
Chip Somodevilla via Getty Images

Biden budget proposes $58B to take on legacy tech, cybersecurity

Legacy tech holds the federal government back, and agencies remain targets of advanced cyber crime. The budget proposal provides financial support to chip away at recovery.
By Katie Malone • June 03, 2021
Courtesy of Colonial Pipeline Company

TSA directive will add teeth to pipeline security oversight

The Transportation Security Administration will require companies to appoint a cybersecurity coordinator, and report confirmed and potential security incidents to CISA.
By Samantha Schwartz • May 27, 2021
Matthew Horwood via Getty Images

How security and privacy can cultivate a relationship

Security and privacy are interwoven and layered throughout a company, motivated toward the end goal of data protection. Successful organizations recognize the overlap — and capitalize on it.
By Samantha Schwartz • May 20, 2021
Drew Angerer via Getty Images

White House to take proactive role in ransomware fight

The administration can no longer passively wait for the next cyber crisis to take hold before it decides to engage, said Anne Neuberger, a Biden administration cybersecurity official.
By David Jones • May 19, 2021
Drew Angerer via Getty Images

Colonial Pipeline disconnects OT systems to silo ransomware IT threat

Anxiety is rising among corporate security officials concerned about the impact of ransomware among critical infrastructure providers.
By David Jones • May 12, 2021
Jack Taylor / Stringer via Getty Images

Cryptocurrency fuels ransomware payments. Without regulation, it could get worse

The rapid ascent of crypto, like other emerging technologies before it, has far outpaced the federal government's ability to regulate it.
By Samantha Schwartz • May 07, 2021
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

100-day DOE grid security push targets ICS, OT

The Department of Energy has also issued a request for information seeking recommendations for securing U.S. energy system supply chains.
By Robert Walton • April 21, 2021
zefart/iStock/Getty via Getty Images

Payments industry faces potential 'destructive attacks,' Biden cybersecurity official warns

Ransomware and infrastructure attacks are the biggest threats to the industry, a Biden administration cybersecurity official told the American Transaction Processors Coalition.
By Lynne Marek • April 09, 2021
Flickr; Sharat Ganapati

'Advanced cyberconflict' is nearing, researchers say

Enterprises represent 35% of nation-state targets, whereas government or regulatory agencies are 12% of targets, according to the report.
By Samantha Schwartz • April 08, 2021
Orbon Alija/ E+/Getty via Getty Images

Opinion
IoT cybersecurity law does not go far enough to protect industry

As networks become more connected and reliant on third-party sources like cloud and SaaS applications, most companies continue to have massive blind spots.
By Justin Fier • April 05, 2021
zefart/iStock/Getty via Getty Images

Threat data sharing considered critical to defense amid rise in sophisticated attacks: report

A Ponemon Institute study shows the value of actionable data as lawmakers and the Biden administration work to encourage intelligence sharing.
By David Jones • March 24, 2021
Getty Images

White House looks to tighten private sector coordination, gain infrastructure insight

Following the Microsoft Exchange and SolarWinds attacks, the Biden administration is taking steps to close visibility gaps and encourage rapid intelligence sharing by private sector companies.
By David Jones • March 15, 2021
"Google Bike" by R Boed is licensed under CC BY 2.0

Google Cloud enters cyber insurance collaboration with Allianz, Munich Re

The agreement comes amid increased financial pressure on the cyber insurance industry due to a rise in ransomware and the historic nation-state attack against SolarWinds.
By David Jones • March 02, 2021