Strategy


  • Image of SEC seal on the side of a building.
    Image attribution tooltip
    Chip Somodevilla via Getty Images
    Opinion

    The proposed SEC cyber incident disclosure rule is a positive change. But it won’t make organizations safer.

    If organizations want to actually get serious about protecting themselves, they need to have a robust system for handling incidents when they happen.

    By Frank Shultz • March 27, 2023
  • Man using facial recognition technology on city street
    Image attribution tooltip
    LeoPatrizi via Getty Images

    5 steps organizations can take to counter IAM threats

    Many organizations lean on identity and access management tools to perform credential management and authentication. But these systems aren’t foolproof.

    By March 24, 2023
  • Field with hashed passwords and a lock. Explore the Trendline
    Image attribution tooltip
    Yaroslav Myronov via Getty Images
    Trendline

    Passwords and authentication

    [TK]

    By Cybersecurity Dive staff
  • The Google logo adorns the outside of their NYC office Google Building 8510 at 85 10th Ave on June 3, 2019
    Image attribution tooltip
    Drew Angerer via Getty Images

    Threat intelligence isn’t for everyone, Google says

    Most security professionals don’t have the time to read a 10-page threat intelligence report, let alone put those insights into action.

    By March 23, 2023
  • A series of hexagonal blocks with locks on them, one of which is broken, with a red background.
    Image attribution tooltip
    Andrii Yalanskyi via Getty Images

    Ill-prepared against cyberattacks? You’re not alone, Cisco says

    The cybersecurity readiness gap looms large, and smaller organizations were ranked the least prepared.

    By March 22, 2023
  • exclamation point depicted hovering above network infrastructure
    Image attribution tooltip
    Just_Super/Getty Images via Getty Images

    Ransomware gangs incite fear in victims to fuel attacks

    Attacks involving data theft nearly doubled and harassment spiked 20 times by late 2022, Palo Alto Networks Unit 42 said.

    By March 21, 2023
  • Group of Professionals Meeting in Modern Office
    Image attribution tooltip
    gorodenkoff via Getty Images

    Security drives software purchases for half of US companies

    The study from Capterra comes weeks after the U.S. rolled out plans to shift liability for weak product security onto the tech industry.

    By March 20, 2023
  • 100 dollar bills with green streaks spiraling around them and 0s and 1s in the background
    Image attribution tooltip
    Viorika via Getty Images

    Global cybersecurity spending to top $219B this year: IDC

    Persistent cyberattack threats, increased regulations and the demands of hybrid work are driving sustained growth.

    By March 17, 2023
  • Silhouette of teams playing tug of war
    Image attribution tooltip
    Chris Gorgio via Getty Images

    Cybersecurity market confronts potential consequences of banking crisis

    Bank seizures impose new challenges on vendors in every segment and may spur consolidation.

    By March 16, 2023
  • Employees stand outside of the shuttered Silicon Valley Bank (SVB) headquarters on March 10, 2023 in Santa Clara, California.
    Image attribution tooltip
    Justin Sullivan via Getty Images

    SVB turmoil could mean long-term uncertainty for enterprise IT

    The demise of Silicon Valley Bank created a void in tech startup funding and raises questions about the health of the vendor ecosystem.

    By Matt Ashare • March 14, 2023
  • CISA Director Jen Easterly speaks at Carnegie Mellon University urging the tech industry to embrace secure-by-design product development.
    Image attribution tooltip
    Permission granted by Carnegie Mellon University

    Shift to secure-by-design must start at university level, CISA director says

    Jen Easterly says secure coding and memory safety should be incorporated into computer science curriculum. 

    By March 13, 2023
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard
    Image attribution tooltip
    gorodenkoff via Getty Images

    GitHub to begin rollout of 2FA security upgrade for developers

    The enhancement is part of a wider series of security measures following a series of malicious cyberattacks.

    By March 9, 2023
  • An illustration of a stock market graph and bar chart price display.
    Image attribution tooltip
    maciek905 via Getty Images

    CrowdStrike grows subscriber base as customers consolidate security services

    CEO George Kurtz took more shots at Microsoft as CrowdStrike draws customers looking to eliminate multiple vendors.

    By March 9, 2023
  • Person pushing large stone uphill
    Image attribution tooltip
    Nastco via Getty Images

    How will the government enforce the national cyber strategy?

    Efforts to enact laws and regulations that impose greater responsibility on the technology sector aren’t likely to come quick or easy.

    By March 8, 2023
  • Close-up Focus on Person's Hands Typing on the Desktop Computer Keyboard. Screens Show Coding Language User Interface.
    Image attribution tooltip
    gorodenkoff via Getty Images

    Organizations tempt risk as they deploy code more frequently

    An imbalance between developers and security professionals on staff spotlights a disconnect between these business functions and objectives.

    By March 7, 2023
  • Post-its on a glass wall
    Image attribution tooltip
    Hispanolistic via Getty Images

    LastPass aftermath leaves long to-do list for business customers

    Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.

    By March 6, 2023
  • The sun rises near the White House in Washington, DC.
    Image attribution tooltip
    Zach Gibson via Getty Images

    White House releases national cyber strategy, shifting security burden

    The long-anticipated policy will push the technology industry to shoulder more of the load for cyber risk, while promoting long-term investments and global cooperation against common threats. 

    By March 2, 2023
  • A long curved desk with banks of computer monitors mounted on the wall.
    Image attribution tooltip
    tonymelony via Getty Images

    An ongoing SOC skills shortage could spell trouble for compliance

    Without skilled analysts to monitor the SOC, the risk of a successful cyberattack breaking through a company’s defenses grows. 

    By Sue Poremba • March 1, 2023
  • Jen Easterly, CISA director, Black Hat keynote
    Image attribution tooltip
    Samantha Schwartz/Cybersecurity Dive

    3 CISA principles for secure by design

    The Biden administration is expected to emphasize safer development practices when it rolls out the national security strategy for cyber. 

    By Feb. 28, 2023
  • Gulls swarm to eat fishing waste from vessel.
    Image attribution tooltip
    Matt Cardy / Stringer via Getty Images

    Attackers reduce complexity to catch more potential victims

    Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.

    By Feb. 23, 2023
  • Save money concept.Cutting costs. Financial themes.US$100 US Dollars. Economic crisis, deflation.Financial constraints.Cut budget inputs.Discounted products
    Image attribution tooltip
    Huang Evan via Getty Images

    6 stories that show the state of security spending and risk

    In an effort to shore up business technology, organizations are investing more in security, but there is a limit to how much those budgets can grow.

    By Feb. 21, 2023
  • A worker types lines of code in a laptop with a dark screen.
    Image attribution tooltip
    gorodenkoff via Getty Images

    GitHub Copilot for Business, now in public release, weaves in security

    The coding tool includes AI-based security capabilities, automatically blocking common insecure code suggestions.

    By Lindsey Wilkinson • Feb. 17, 2023
  • A man looks at lines of code depicted on a computer screen
    Image attribution tooltip
    sestovic via Getty Images

    Companies grapple with post-breach disclosure risks

    The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.

    By Feb. 16, 2023
  • A digital padlock icon on a virtual interface screen
    Image attribution tooltip
    KanawatTH via Getty Images

    IT security budgets triple as businesses confront more cyberattacks across Europe, US

    Five-year data from Hiscox shows businesses are facing more frequent and more costly attacks.

    By Feb. 16, 2023
  • A group of employees work together seriously in an office
    Image attribution tooltip
    NoSystem Images via Getty Images

    Cybersecurity jobs least likely to be impacted by economic uncertainty, (ISC)2 says

    A series of high-profile and damaging cyberattacks has underscored the critical role cybersecurity teams play, and top brass are taking notice.

    By Feb. 16, 2023
  • Abstract planet made up of squares.
    Image attribution tooltip
    Gegham Qalajyan via Getty Images

    Liberty Mutual launches global cyber office

    The office will bring a multidisciplinary approach to cyber risk just as the global insurance industry sees signs of clarity amid a turbulent market for cyber.

    By Feb. 14, 2023