Strategy


  • Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, testifies on Capitol Hill, October 19, 2017 in Washington, DC.
    Image attribution tooltip
    Drew Angerer/Getty Images via Getty Images

    Don’t count on government, tech vendors to fix security woes, former CISA chief Krebs says

    The state of cybersecurity is bad and it’s going to get worse, Chris Krebs said at Black Hat. But somehow things might eventually get better.

    By Aug. 10, 2022
  • Team of data center system administrators and IT specialists use laptop and tablet computers.
    Image attribution tooltip
    gorodenkoff via Getty Images

    AWS, Splunk lead open source effort to spot and curb cyberattacks

    A broad group of 18 tech companies are collaborating to establish a less cumbersome model for cybersecurity defense coordination.

    By Aug. 10, 2022
  • Trendline

    Securing remote work

    It's not just remote work businesses have to secure. Security practitioners have to protect a hybrid environment, defending remote and in-person workers alike. 

    By Cybersecurity Dive staff
  • A sample phishing text message that targeted Cloudflare employees.
    Image attribution tooltip

    Cloudflare

    Cloudflare thwarts ‘sophisticated’ phishing attack strategy that bruised Twilio

    Dissimilar responses from Cloudflare and Twilio bear important lessons in transparency, resiliency and access.

    By Aug. 9, 2022
  • Gas pipeline with multiple valves.
    Image attribution tooltip
    insagostudio via Getty Images

    Encevo stays resilient post-attack, but it’s still assessing the data damage

    The Luxembourg energy supplier’s ability to thwart a shutdown likely empowered its refusal to pay a ransom.

    By Aug. 8, 2022
  • Image depicts the implementation of cybersecurity with a lock displayed over a screen.
    Image attribution tooltip
    anyaberkut via Getty Images

    Ransomware defense guidance risks hang-ups under many steps

    Small and mid-sized businesses don’t typically have the resources to meet every safeguard. But every action, however small, helps.

    By Aug. 4, 2022
  • Programming scripts on laptop monitor, unauthorized remote hacking of server
    Image attribution tooltip
    Motortion via Getty Images

    Threat actors shifting tactics as Microsoft blocks, unblocks and reblocks macros

    Proofpoint researchers say criminal hackers are turning to container files and Windows shortcuts to distribute malware.

    By July 29, 2022
  • close up programmer man hand typing on keyboard laptop for register data system or access password at dark operation room , cyber security concept - stock photo
    Image attribution tooltip
    Chainarong Prasertthai via Getty Images

    Mandiant red team breaches OT servers to mimic crime group techniques

    Researchers are not aware of financially motivated actors using these techniques in the wild.

    By July 27, 2022
  • AWS logo appears in the background of a busy conference.
    Image attribution tooltip
    Noah Berger/Getty Images via Getty Images

    AWS wants to be an enterprise security strategy advisor

    The cloud giant advised customers to focus on specific needs, and rely on embedded defenses running automatically behind the scenes.

    By July 27, 2022
  • Digital background with three unopened keylocks
    Image attribution tooltip
    Olemedia/E+ via Getty Images
    Sponsored by Hyperproof

    SEC's cybersecurity proposals: Why visibility into risk is at the heart of it

    The SEC is driving at a question every modern organization needs to consider: How should senior executives and boards manage cybersecurity risks?

    July 18, 2022
  • Digital technology vector background depicting a cyberattack.
    Image attribution tooltip
    WhataWin via Getty Images

    Cyber insurers split on what's most important in a security posture assessment

    To keep up with demand, cyber insurers acknowledge the need to rethink the underwriting process, research from Panaseer shows.

    By July 15, 2022
  • Secretary of State Antony Blinken speaks alongside President Joe Biden.
    Image attribution tooltip
    Mark Makela/Getty Images via Getty Images

    The US is losing the cyberspace race

    Decades-old policies have failed to stem a growing threat, the Council of Foreign Relations said. What if the U.S. embraced a more limited and realistic strategy?

    By July 15, 2022
  • Team of professionals meeting in office around computers
    Image attribution tooltip
    gorodenkoff via Getty Images

    Companies cannot see — or protect — nearly half of all device endpoints

    Managing corporate devices was hard pre-pandemic. But as digital sprawl bloomed, visibility fell further behind. 

    By July 13, 2022
  • A picture of the Microsoft campus in Redmond, Washington.
    Image attribution tooltip
    Stephen Brashear/Stringer via Getty Images

    Microsoft rollback on macro blocking in Office sows confusion

    The company said it remains "fully committed" to disabling macros by default, and the temporary measure will make the product more user friendly.

    By July 11, 2022
  • Group of young business people discussing with colleagues on video conference on meeting.
    Image attribution tooltip
    vgajic via Getty Images
    Opinion

    How CISOs can prepare for new and unpredictable cyberthreats

    CISOs often ask, “How do I avoid being hit by the next major cyberattack?” The problem is, that’s the wrong question.  

    By Jeremy D’Hoinne • July 11, 2022
  • Two people look at five computer screens showing code and digital maps in an office. A third person talks on the phone while looking at a paper.
    Image attribution tooltip
    shironosov via Getty Images

    Mid-sized companies grapple with response to cyber crises

    Limited resources, staffing and executive awareness can hamper attack response capabilities.

    By July 8, 2022
  • A person works next to a 5G logo.
    Image attribution tooltip
    David Ramos/Getty Images via Getty Images

    What to watch with 5G network security

    For wireless network carriers, 5G is a model of what’s next. But it also introduces features and services that dramatically expand the threat surface.

    By July 8, 2022
  • None
    Image attribution tooltip
    FangXiaNuo via Getty Images

    CISO priorities for the second half of 2022

    Security executives from Zoom, NS1 and Oomnitza shared their security priorities for the rest of 2022, with a special emphasis on mastering the basics. 

    By Sue Poremba • July 5, 2022
  • Money moving through cyberspace.
    Image attribution tooltip
    Viorika via Getty Images

    Pricing pressures moderate as cyber insurance market begins to level out

    A surge in new buyers has begun to offset years of rising claims and higher premiums, according to data from global insurance firm Marsh.

    By July 1, 2022
  • None
    Image attribution tooltip
    Permission granted by Google

    Google enhances password manager to boost security across platforms

    Updates will allow users to manage passwords across platforms, including Chrome, Android and iOS. 

    By June 30, 2022
  • Communication network concept. GUI (Graphical User Interface).
    Image attribution tooltip
    metamorworks via Getty Images

    Organizations lag on confidence and policies to manage open source security

    It's taking longer for companies to find open source vulnerabilities, and shaky policies mean only the most critical vulnerabilities are attended to. 

    By June 24, 2022
  • Team of professionals meeting in office around computers
    Image attribution tooltip
    gorodenkoff via Getty Images

    Analysts nudge businesses to decentralize cybersecurity leadership

    The push is to enable employees to make informed security decisions while meeting enterprise needs with spread out security leadership. 

    By Lindsey Wilkinson • June 22, 2022
  • Software building
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Q&A

    What enterprise leaders can divine from software bills of materials

    Cyber defense tool: Software bills of materials (SBOMs) can expose elements of risks in applications.

    By Jen A. Miller • June 17, 2022
  • Image depicts the implementation of cybersecurity with a lock displayed over a screen.
    Image attribution tooltip
    anyaberkut via Getty Images

    Ransomware groups shift tactics and objectives

    Malware can play a major or nonexistent role in ransomware attacks. Threat actors are often only in it for the money.

    By June 15, 2022
  • A man faces multiple computer screens.
    Image attribution tooltip
    South_agency via Getty Images

    How and why ransomware responses go haywire

    A lack of fortitude and preparation on the communications front often puts enterprises at risk for greater harm.

    By June 13, 2022
  • An aerial view on a sunny morning of several of San Francisco's most well known architectural landmarks. A backdrop of the skyscrapers and Bay Bridge behind them.
    Image attribution tooltip
    DianeBentleyRaymond via Getty Images

    5 takeaways from the RSA Conference

    The event tried to pick up where it left off 28 months ago. Can defenders keep up with the accelerated pace and scale of the cyber threat?

    By June 13, 2022