Strategy
-
Why cyber is also a CIO problem
When an incursion occurs, IT teams need to have a recovery plan and backup systems ready for deployment.
By Matt Ashare • May 25, 2023 -
CISA updates ransomware guide 3 years after its debut
The #StopRansomware guide, updated in partnership with the FBI, NSA and MS-ISAC, reflects aggressive new techniques used by threat actors, including double extortion.
By David Jones • May 24, 2023 -
Explore the Trendlineâž”
Yaroslav Myronov via Getty Images -
BEC attacks rise as criminal hackers employ new tactics to evade detection
Threat actors are using cybercrime as a service to grow industrial strength campaigns and leveraging residential IP addresses.
By David Jones • May 23, 2023 -
IT security budgets are shifting as companies target risk reduction
Organizations are designing their security spending around keeping the business secure and operations running smoothly.
By Sue Poremba • May 22, 2023 -
Critical infrastructure security spending to grow 83% by 2027: ABI Research
Analysts forecast cybersecurity spending among critical infrastructure organizations to grow from an estimated $129 billion in 2022 to almost $236 billion by 2027.
By Matt Kapko • May 19, 2023 -
Cyber resilience programs falling short on preparing workers for a crisis
The report from Immersive Labs raises questions about whether corporate employees would know how to respond after a major cyberattack.
By David Jones • May 18, 2023 -
Why and how to report a ransomware attack
The majority of ransomware attacks go unreported, creating a blind spot that hampers response, recovery efforts and the prevention of future attacks.
By Matt Kapko • May 18, 2023 -
Flood of ransom payments continues as officials mull ban
The revived debate over the viability of a ransom payment ban comes down to the cost ransomware is causing organizations globally.
By Matt Kapko • May 11, 2023 -
CISA director wary of technology industry repeating its mistakes with AI
The multibillion-dollar cybersecurity industry is the result of misaligned incentives, where speed-to-market outranked security, Jen Easterly said.
By Naomi Eide • May 11, 2023 -
Ransomware insurance claims jump back up
Ransomware claims filed by U.S. clients of insurance broker Marsh spiked 77% in the first quarter, following a downward trend in 2022.
By Alexei Alexis • May 10, 2023 -
Google, Dashlane separately move to eliminate passwords
In unrelated moves, the companies highlighted a growing effort to phase out dependence on passwords amid a rise in phishing attacks.
By David Jones • May 4, 2023 -
How 7 cybersecurity experts manage their passwords
Cybersecurity Dive asked CISOs and other cyber experts what they do with their passwords. Here’s how they manage the mess that awaits us all.
By Matt Kapko • May 4, 2023 -
Companies need a wakeup call to fix chronic security shortcomings, cyber experts say
One researcher wonders if the industry needs another Snowden-like moment to spring organizations into action.
By Matt Kapko • May 3, 2023 -
Merck cyber coverage upheld in NotPetya decision, seen as victory for policyholders
A court victory in the closely watched insurance case is expected to stabilize a turbulent market and provide some assurance for organizations amid a rise in nation-state activity.
By David Jones • May 3, 2023 -
Most open source maintainers still consider themselves hobbyists, despite compensation pledges
A study by Tidelift shows a compensation gap for the key producers of open source applications, raising questions about how to properly secure software supply chains.
By David Jones • May 2, 2023 -
Cybersecurity pros plant seeds of hope at RSA Conference
Optimism floated on the surface during the annual industry gathering. For one keynote on stage, it was the central theme.
By Matt Kapko • May 2, 2023 -
Organizations are boosting resilience, getting faster at incident response
While the number of data security incidents remained level between 2021 and 2022, companies improved recovery thanks to stronger security measures, BakerHostetler found.
By David Jones • May 1, 2023 -
Mandiant CEO’s 7 tips for cyber defense
Organizations’ institutional knowledge is an advantage that no adversary can match, Kevin Mandia told RSA Conference attendees.
By Matt Kapko • April 28, 2023 -
Global cyber insurance prices continue to moderate in Q1
Marsh data shows rate increases slowing, stemming in part from new entrants into the cyber insurance market and fewer ransomware attacks in 2022.
By David Jones • April 27, 2023 -
IT managers uneasy with snooping software: report
Surveillance tools may cause an uptick in staff attrition and make hiring more difficult, a 1E survey found.
By Roberto Torres • April 25, 2023 -
Threat actors can use ChatGPT to sharpen cyberthreats, but no need to panic yet
Startling dangers, such as autonomous attack mechanisms and sophisticated malware coding, have yet to materialize. For now, the threat is more specific.
By Matt Kapko • April 21, 2023 -
3CX has a 7-part plan to shore up its security
The company is planning significant security upgrades and changes to network operations after a historic attack from a state-linked actor.
By David Jones • April 20, 2023 -
Cyber insurance premium hikes slowed in 2022, Fitch says
The deceleration was driven by a moderation of ransomware incidents and heightened levels of cyber risk awareness among corporate executives, the credit rating agency said.
By Alexei Alexis • April 18, 2023 -
ChatGPT prompts experts to consider AI’s mark on cybersecurity
Previous AI advancements in cybersecurity tools and practices could be a precursor of what’s to come.
By Matt Kapko • April 18, 2023 -
Cyber venture capital funding slows to a trickle, a sharp decline from 2022 investment
Funding declined 58% year-over-year in Q1, though this quarter marked a slight increase from Q4 2022.
By Matt Kapko • April 14, 2023