Strategy
-
How to manage the rising tide of CVEs
As the volume and complexity of vulnerabilities grows, organizations are struggling to manage and mitigate the security defects.
By Rosalyn Page • Sept. 11, 2024 -
Global cybersecurity workforce growth flatlines, stalling at 5.5M pros
ISC2’s annual report draws some troubling conclusions for the state of cyber defense. Budget cuts, layoffs and hiring freezes are exacerbating a global staffing shortage.
By Matt Kapko • Sept. 11, 2024 -
Trendline
Top 5 stories from Cybersecurity Dive
A wave of rules, regulations and federal action is putting pressure on businesses to shore up security amid a backdrop of emboldened threat actors has a nice ring to it.
By Cybersecurity Dive staff -
Security budgets continue modest growth, but staff hiring slows considerably, research finds
The report by IANS Research and Artico Search shows security priorities are clashing with economic realities.
By David Jones • Sept. 10, 2024 -
Cyber insurance keeps growing, as threats spur competition
Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.
By David Jones • Sept. 9, 2024 -
Key cyber insurance stakeholders urge government to help close $900B in uncovered risk
Marsh McLennan and Zurich Insurance Group issued a white paper urging a public-private partnership to help tackle a growing coverage gap. The White House is working on a plan.
By David Jones • Sept. 6, 2024 -
White House launches cybersecurity hiring sprint to help fill 500,000 job openings
National Cyber Director Harry Coker Jr. unveiled the program as part of an effort to fill a continued gap in cyber, technology and AI positions.
By David Jones • Sept. 5, 2024 -
Infosec spending to hit 3-year growth peak, reach $212B next year: Gartner
The continuation of annual double-digit growth rates, 15% next year, comes as organizations consolidate spending and reassess EPP and EDR needs.
By Matt Kapko • Sept. 5, 2024 -
Microsoft is training developers on the intricacies of threat intelligence
Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.
By Matt Kapko • Sept. 4, 2024 -
CISA launches cyber incident reporting portal to streamline breach disclosure
The secure portal is designed to encourage faster and more robust information sharing about malicious attacks and critical vulnerabilities.
By David Jones • Aug. 30, 2024 -
CrowdStrike takes a revenue hit as global IT outage reckoning lingers
Sales are taking longer to close and the cybersecurity vendor is offering discounts to stem potential customer losses.
By Matt Kapko • Aug. 29, 2024 -
SentinelOne fields inquiries from new customers following global IT outage linked to CrowdStrike
Companies looking to diversify their risk from disruption are approaching SentinelOne, a week after similar customer movement was reported by Palo Alto Networks.
By David Jones • Aug. 28, 2024 -
CISA officials credit Microsoft security log expansion for improved threat visibility
CISA officials say they plan to hold Microsoft accountable to ensure the company lives up to its commitments.
By David Jones • Aug. 27, 2024 -
Marketing data security threats are rising: Where CMOs see gaps
While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG.
By Peter Adams • Aug. 23, 2024 -
US, Australian authorities lead international push to adopt event logging
State-linked and criminal threat groups are using living-off-the-land techniques to hide their hacking activities behind regular security tools.
By David Jones • Aug. 22, 2024 -
After a wave of attacks, Snowflake insists security burden rests with customers
The cloud-based data warehouse vendor remains “slightly muted” about the attacks on its customers because it wasn’t breached, CEO Sridhar Ramaswamy said.
By Matt Kapko • Aug. 22, 2024 -
Insurance coverage drives cyber risk reduction for companies, researchers say
Companies with cyber coverage are better able to detect and respond to attacks, according to a Forrester report.
By David Jones • Aug. 21, 2024 -
Opinion
3 tips to building a robust AI security strategy
Organizations can reap bigger benefits from AI with guardrails that combine human oversight, strong underlying security architecture and technical controls.
By Anton Chuvakin • Aug. 21, 2024 -
Palo Alto Networks CEO touts leads from CrowdStrike fallout
In the wake of the massive IT outage, some CrowdStrike customers have entered talks with Palo Alto Networks in search of a new provider.
By David Jones • Aug. 20, 2024 -
3 CIO lessons for maximizing cybersecurity investments
Securing resources has gotten easier, said Feroz Merchhiya, City of Santa Monica CIO. But that hasn't diminished tech leaders' role in showing the value.
By Lindsey Wilkinson • Aug. 19, 2024 -
Companies aren’t as resilient against cyber risks as they think
Most companies fall short on business continuity as malicious threat activity continues to rise, a Cohesity study found.
By David Jones • Aug. 19, 2024 -
Microsoft mandates MFA for all Azure users
The company said it will require the identity and access control for all Azure sign-ins starting in October.
By Matt Kapko • Aug. 19, 2024 -
Sponsored by Tines
The biggest blockers to AI adoption, according to CISOs (and how to remove them)
74% of CISOs agree that the benefits of AI outweigh the risks. So what’s holding them back? Discover how to remove the biggest blockers to AI innovation.
By Eoin Hinchy, CEO and co-founder, Tines • Aug. 19, 2024 -
It’s time to stop thinking of threat groups as supervillains, experts say
“These villains do not have superpowers. We should not treat them like they do,” CISA Director Jen Easterly said in a keynote at Black Hat.
By Matt Kapko • Aug. 15, 2024 -
White House details $11M plan to help secure open source
National Cyber Director Harry Coker Jr., speaking at Def Con in Las Vegas, says federal assistance must be bolstered by more ownership among the community.
By David Jones • Aug. 14, 2024 -
M&A activity can amplify ransomware insurance losses, research finds
The financial severity of claims related to ransomware attacks increased more than 400% from 2022 to 2023, the study found.
By Alexei Alexis • Aug. 14, 2024