Strategy


  • A sign is posted in front of a Walmart store on November 16, 2021 in American Canyon, California.
    Image attribution tooltip
    Justin Sullivan via Getty Images

    Walmart security, operating at a vast scale, turns to automation

    Security operations centers, part of Walmart Global Tech, process 6 trillion data points each year, a feat unattainable through manual methods. 

    By Nov. 30, 2022
  • AWS CEO Adam Selipsky
    Image attribution tooltip
    Noah Berger/Getty Images via Getty Images

    AWS CEO stresses the core elements of cloud security

    Adam Selipsky described security as a prerequisite for organizations to trust cloud infrastructure. And for that, he claimed, AWS is the best in the game.

    By Nov. 30, 2022
  • Bright AWS signage hangs over a trade show floor, attendees walking by in the foreground
    Image attribution tooltip
    Noah Berger/Getty Images for Amazon Web Services via Getty Images
    Deep Dive

    Where is AWS in the cybersecurity conversation?

    The cloud leader doesn’t emphasize security and share information at the same level as its competitors. Experts say that's by design.

    By Nov. 29, 2022
  • Pedestrians walk beside a stone wall with gilded letters spelling out "14 Wall Street."
    Image attribution tooltip
    Spencer Platt via Getty Images

    As companies tighten tech spend, demand for cybersecurity services grows

    Managed service providers can help fill talent needs and tame costs, but that strategy may require additional risk mitigation.

    By Suman Bhattacharyya • Nov. 28, 2022
  • Image attribution tooltip
    Mark Wilson/Staff via Getty Images

    Defense Department launches zero trust, phasing out perimeter defense strategy

    Private sector partners say the rollout will raise the security bar to better protect the entire defense industry ecosystem.

    By Nov. 23, 2022
  • skeleton of a mastodon
    Image attribution tooltip
    Thomas Lohnes/Getty Images via Getty Images

    Growing Mastodon security community grapples with CISA impersonators

    An infosec.exchange account impersonating CISA Director Jen Easterly was suspended by the Mastodon instance administrator Monday, as the security community searches for a Twitter alternative.

    By Nov. 23, 2022
  • In-house IT training session upskills workforce
    Image attribution tooltip
    Jovanmandic via Getty Images

    Security awareness training needs a revamp

    Too often security training is seen as a negative experience and a time to reprimand those who make security gaffes. But old strategies aren’t working. It’s time for a redo. 

    By Sue Poremba • Nov. 22, 2022
  • Highway sign with the word "recession next exit" on it.
    Image attribution tooltip
    ZargonDesign via Getty Images

    Tech sector execs see potential recession as a business opportunity

    Technology company leaders are preparing for economic downturn by investing selectively in the workforce and new technologies, according to EY survey.

    By Matt Ashare • Nov. 21, 2022
  • Twitter logo depicted over photo of individual.
    Image attribution tooltip
    Leon Neal/Getty Images via Getty Images

    Where will the security community turn, if not Twitter?

    A consistent stream of credibility hits could cause lasting damage for cybersecurity and those who flock there.

    By Nov. 21, 2022
  • Financial graph, software, cash flow
    Image attribution tooltip
    Ca-ssis via Getty Images

    Palo Alto Networks reports strong fiscal Q1 as security needs outpace economic fears

    The security firm also agreed to buy Cider Security, boosting its software supply chain security business.

    By Nov. 21, 2022
  • Cash dollars lying on the ground
    Image attribution tooltip
    Rrraum via Getty Images

    SMB cyber budgets under pressure amid slowing economy

    The potential budget cuts during a period marked by market volatility could increase organizational risk.

    By Nov. 17, 2022
  • Oil Or Gas Transportation With Blue Gas Or Pipe Line Valves On Soil And Sunrise Background
    Image attribution tooltip
    onurdongel via Getty Images

    Critical infrastructure providers ask CISA to place guardrails on reporting requirements

    Top companies and industry groups fear incident reporting mandates would overwhelm CISA with noise. 

    By Nov. 16, 2022
  • Connection network in dark servers data center room storage systems.
    Image attribution tooltip
    sdecoret via Getty Images

    Confidential computing critical for cloud security, Google and Intel say

    Confidential computing aims to isolate and encrypt data in use. The technology is young, but it could deliver significant gains for cloud security.

    By Nov. 15, 2022
  • A row of blue lockers in an empty school hallway.
    Image attribution tooltip
    Stock Photo via Getty Images

    K-12 schools lack resources, funding to combat ransomware threat

    One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.

    By Nov. 14, 2022
  • Industrial technology concept showing a shipping industry and communication network.
    Image attribution tooltip
    metamorworks via Getty Images

    5 security musts for industrial control systems

    OT involves a collection of dedicated systems and physics, and that creates distinct security requirements, said Robert M. Lee, CEO and co-founder at Dragos.

    By Nov. 10, 2022
  • A stack of snack food packages from Mondelez International, including Wheat Thins, Oreos, Ritz and Sour Patch kids.
    Image attribution tooltip
    Courtesy of Mondelē​​z International

    Mondelē​​z settlement in NotPetya case renews concerns about cyber insurance coverage

    The legal dispute between the snack giant and insurer Zurich American, which lasted four years, raises further questions about how insurers cover acts of cyber war.

    By Nov. 8, 2022
  • cybersecurity stock photo
    Image attribution tooltip
    Yudram_TA via Getty Images

    Face it, password policies and managers are not protecting users

    Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?

    By Sue Poremba • Nov. 7, 2022
  • An illustrated computer with security symbols, including a person in a face mask holding a fishing pole with things representing PII dislpayed.
    Image attribution tooltip
    bagira22 via Getty Images
    Opinion

    How to implement an effective system to address third-party risk

    Current processes for assessing and managing third-party cybersecurity risks are cumbersome and ineffective. CISOs must adopt new principles to address business exposure.

    By Sam Olyaei • Nov. 7, 2022
  • Image depicts the implementation of cybersecurity with a lock displayed over a screen.
    Image attribution tooltip
    anyaberkut via Getty Images

    CISA demystifies phishing-resistant MFA

    The “gold standard” safeguard isn’t a one-size-fits-all or all-or-nothing endeavor. For most organizations, a phased approach works best.

    By Nov. 4, 2022
  • View from above of vast vats of brown liquid.
    Image attribution tooltip
    Courtesy of Brown and Caldwell

    NIST seeks water industry feedback on boosting cyber resilience

    The Biden administration is turning its security attention to the water and wastewater treatment industry, which has become vulnerable to cyberattacks as facilities grow more digital.

    By Nov. 4, 2022
  • A depiction of computer hardware.
    Image attribution tooltip
    solarseven via Getty Images

    Industrial providers ramp up cyber risk posture as OT threats evolve

    The majority of industrial organizations have increased OT security budgets and conducted security audits but aging technology and staffing woes persist, a new report found. 

    By Oct. 31, 2022
  • Engineer's toolbox
    Image attribution tooltip
    Matt Cardy/Getty Images via Getty Images

    ‘Point solutions just need to die’: The end of the one-trick security tool

    The deconstruction of security products has foisted many avoidable challenges upon organizations and the industry at large.

    By Oct. 31, 2022
  • A Microsoft logo is seen during the 2015 Microsoft Build Conference on April 29, 2015 at Moscone Center in San Francisco, California.
    Image attribution tooltip
    Stephen Lam via Getty Images

    Microsoft security business surges as cloud segment hit by slumping economy

    Higher energy costs and the macro economic slowdown is impacting the company’s cloud segment, while it continues to grow its enterprise security business.

    By Oct. 26, 2022
  • Training and upskilling in data science and analytics
    Image attribution tooltip
    shironosov via Getty Images

    Help wanted for 3.4M jobs: Cyber workforce shortage is an acute, worldwide problem

    Research from (ICS)2 shows an ongoing skills gap in the information security space is under greater pressure than before.

    By Oct. 24, 2022
  • Google logo displayed outside the company's New York City office.
    Image attribution tooltip
    Drew Angerer via Getty Images

    4 security predictions from Google’s cyber leaders

    The hopeful forecasts aren’t exclusive to Google’s cybersecurity experts. Many believe the industry is poised to deliver on its mission with greater efficiency and effect.

    By Oct. 21, 2022