Strategy
-
Decrease in deals and large rounds cut cyber funding to $2.1B in Q3
The decline in funding accentuates the inconsistent pace of venture capital investments in cyber startups.
By Matt Kapko • Oct. 10, 2024 -
Cyber risk tops C-suite concerns heading into US election
A report by PwC shows American business leaders will continue to focus on data regulation, AI and technology investments regardless of which party prevails in November.
By David Jones • Oct. 10, 2024 -
Trendline
Risk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
Deep Dive
CIOs turn to NIST to tackle generative AI’s many risks
Discover's CIO is one of many tech leaders working to limit generative AI missteps by turning to risk management frameworks to get deployment right from the outset.
By Lindsey Wilkinson • Oct. 9, 2024 -
CISOs, C-suite remain at odds over corporate cyber resilience
Security and IT executives, more than a year after a SEC vote on incident disclosure, still face an uphill battle to articulate risk strategy.
By David Jones • Oct. 7, 2024 -
Counter Ransomware Initiative summit emphasizes arduous effort
An international collective of cyber officials continued discussions with the White House on how to counter ransomware attacks, reduce payments and increase response capabilities.
By Matt Kapko • Oct. 7, 2024 -
United Airlines leaned on real-time data to recover from the CrowdStrike outage
The airline modernized its technology foundations with better customer experiences in mind. Then, a major software outage underscored the importance of live data.
By Matt Ashare • Oct. 4, 2024 -
What’s next for CrowdStrike on the road to repair its reputation?
The cybersecurity vendor finds itself operating from a vulnerable position. Efforts to earn back trust are complex and some require industrywide support.
By Matt Kapko • Oct. 3, 2024 -
Two-thirds of healthcare organizations hit by ransomware in past year: survey
Nearly 40% of healthcare organizations reported it took more than a month to recover after an attack, according to the survey by cybersecurity firm Sophos.
By Emily Olsen • Oct. 2, 2024 -
State CISOs up against a growing threat environment with minimal funding, report finds
A report by Deloitte and NASCIO warns that states do not have the resources necessary to fight state-backed and criminal threat groups.
By David Jones • Oct. 2, 2024 -
Customers are done with passwords. Do businesses have a solution?
Research shows customers are frustrated with the login experience, and the friction can cost businesses customers.
By Kristen Doerer • Sept. 30, 2024 -
For Google to reduce memory-safety defects, it focused on new code
Google’s experience provides software developers a roadmap to address one of the most persistent security problems: memory-safety CVEs.
By Matt Kapko • Sept. 26, 2024 -
CrowdStrike CEO pushes ‘resilient by design’ framework, promising changes
The cybersecurity vendor is embracing a new business framework to address security deployment lapses and the fragility of interconnected systems.
By Matt Kapko • Sept. 26, 2024 -
CISA again raises alarm on hacktivist threat to water utilities
The alert comes just days after an attack against a water treatment facility in Kansas.
By David Jones • Sept. 26, 2024 -
Cyber commission seeks detailed plan to secure high-risk infrastructure
A report said most recommendations from the Cyberspace Solarium Commission are near completion, but also called for greater private-sector collaboration and insurance reforms.
By David Jones • Sept. 25, 2024 -
CrowdStrike’s mea culpa: 5 takeaways from the Capitol Hill testimony
CrowdStrike was quick to apologize after a faulty content update triggered a global IT network outage. An executive detailed internal changes designed to prevent it from happening again.
By Matt Kapko • Sept. 25, 2024 -
Data privacy concerns swirl around generative AI adoption
IT and business professionals fear the technology's adoption can lead to data leakage, according to a Deloitte report.
By Roberto Torres • Sept. 25, 2024 -
Microsoft names deputy CISOs, flushes dead accounts as part of internal security overhaul
The company released a progress report on efforts to revamp its internal security culture and governance.
By David Jones • Sept. 23, 2024 -
Sponsored by University of New Hampshire
Leadership in learning: Cultivating resilient cyber teams through education
Promoting cybersecurity in the workplace is essential. Empowering staff begins with high-quality online programs.
Sept. 23, 2024 -
Kevin Mandia’s 5 question confidence test for CISOs
For most organizations, cyberthreats are too imposing to get bogged down in low-impact exercises. Mandiant’s founder advises executives to look for a security mindset above all else.
By Matt Kapko • Sept. 20, 2024 -
Generative AI raises security concerns among IT leaders
Executives worry their organization lacks the ability to protect applications and workloads, according to a Flexential survey.
By Lindsey Wilkinson • Sept. 19, 2024 -
Port of Seattle official flags a cyber dilemma, ‘one-way street’ with federal agencies
A ransomware atttack disrupted the Seattle-Tacoma International Airport for weeks. Part of the problem, one official said, is that federal cyber recommendations are not timely.
By Matt Kapko • Sept. 19, 2024 -
Open source maintainers, under security pressure, remain largely unpaid after XZ Utils
A report by Tidelift shows an equity gap remains between open source developers and well-resourced software users who are pushing for higher security standards.
By David Jones • Sept. 17, 2024 -
Sponsored by Tines
Enterprises are investing in AI copilots. But do they go far enough?
Enterprises are embracing AI copilots. But can they realize their impact?
By Eoin Hinchy, CEO and co-founder, Tines • Sept. 16, 2024 -
Microsoft, working with security partners, pledges better deployment, testing collaboration
Following a summit with U.S. and European partners, the company is working to build additional resiliency features to prevent a repeat of the historic global IT outage linked to CrowdStrike.
By David Jones • Updated Sept. 13, 2024 -
Mastercard’s $2.65B Recorded Future acquisition to buttress its security business
While Mastercard has cybersecurity oversight needs for its cards and payments businesses, it also sells security services to other companies, including banks and fintechs.
By Lynne Marek • Sept. 13, 2024