How tools impact cyber insurance premiums

From the day insurers write a policy through its term expiration, there is too much volatility for insurance providers to adequately capture risk.

By Samantha Schwartz • March 31, 2021

Companies use cloud to make network security easier

With the cloud taking over hardware and infrastructure security responsibilities, customers are free to handle application and software security.

By Samantha Schwartz • March 29, 2021

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Operational threat intelligence leans on facts, less anecdotal evidence

Digesting threat intelligence looks different in IT environments than OT.

By Samantha Schwartz • March 25, 2021

As cyber insurers quantify risk, security spending provides little info

Quantifying risk appetite, an assessment insurance premiums are based on, is an imperfect science for providers and customers.

By Samantha Schwartz • March 24, 2021

Spending on IAM, zero trust to rise as companies extend remote work

The shift to remote work placed more pressure on IT and security departments to secure corporate data without interrupting productivity.

By David Jones • March 23, 2021

Prioritizing risk in M&A due diligence in the COVID-19 era, and beyond

Imagine acquiring a company with an infected network, and then connecting your company to that flawed network. That can introduce serious issues into a previously protected company. 

By Ray Rothrock • March 22, 2021

Information sharing works, but a key obstacle awaits: reluctance

The private sector owns the majority of the attack surface. Brand-name IT and security companies have the ability, and a degree of responsibility, to contribute their expertise to national defense.

By Samantha Schwartz • March 18, 2021

SolarWinds rethinks software builds, weeds out code disparities

An attacker would have to compromise two different environments to achieve the same attack on the same code if a company has reproducibility.

By Samantha Schwartz • March 17, 2021

Cloud security a shared responsibility. Where's the confusion?

The cloud meant replacing on-premise risks with a new kind risk. Some companies are unsure how to translate those responsibilities into actions.

By Samantha Schwartz • March 15, 2021

Federal $1.9 trillion relief bill clears path for more security, modernization funds

The appropriations in the law come as the federal government and private industry respond to two major hacks: SolarWinds and Microsoft Exchange.

By Samantha Schwartz • Updated March 11, 2021

White House prioritizes software security, assesses OT

"If you can't see a network quickly, you certainly don't have a prayer defending a network," said Deputy National Security Advisor Anne Neuberger.

By Samantha Schwartz • March 8, 2021

What OT security experts want from their IT counterparts

While IT and OT have been converging for more than a decade, the culture of cybersecurity is stuck in a silo, limiting the abilities of OT security practitioners.

By Samantha Schwartz • March 5, 2021

4 questions to ask after discovering a cyberattack

Identifying signs of an ongoing attack or backdoor deployment is nearly impossible for digital laggards.

By Samantha Schwartz • March 4, 2021

What makes ransomware a constant enterprise pain point

Threat groups mimic and manipulate the tactics, techniques and procedures of other groups, making ransomware attacks more difficult to prevent. 

By Samantha Schwartz • March 3, 2021

Legacy tech, privacy and security issues bog down healthcare innovation

The pandemic drove hospitals and healthcare facilities to further rely on connected devices, increasing the potential for vulnerabilities in the process.

By Roberto Torres • Feb. 26, 2021

Businesses boost cyber budgets to improve confidence in security solutions: report

Security leaders had the least confidence in security roadmaps, security-related technology, and internal teams and skill sets, according to an Insight survey.

By Katie Malone • Feb. 25, 2021

How Target bridges communication gaps between threat intel analysis, detection teams

The WAVE matrix, a tool the retailer built in-house, is transferable to smaller teams with employees covering multiple security domains.

By Samantha Schwartz • Feb. 25, 2021

Apple faces malware threats as it makes an enterprise push

Apple made recent inroads with corporate customers and is detailing extensive security upgrades as a way of attracting the enterprise. Through it all, new techniques test the company's defenses.

By David Jones • Feb. 23, 2021

SolarWinds attack poses long-term threat of disruption, White House says

The SolarWinds hack compromised at least nine federal agencies and 100 private sector companies, said Deputy National Security Advisor Anne Neuberger in a briefing Wednesday. 

By Samantha Schwartz • Feb. 18, 2021

Are businesses underinvesting in cybersecurity?

The issue isn't how large of a cybersecurity investment an organization makes, but rather, if it is spending funds properly.

By Sue Poremba • Feb. 16, 2021

The next generation of email security

Now, with a single approval of an API, every line of cloud business communication can be secured.

Feb. 16, 2021

The downside of the remote work shift: 85% increase in Insider Risk

The Code42 2021 Data Exposure Report reveals a perfect storm for Insider Risk.

Feb. 16, 2021

Software supply chain hacks highlight an ugly truth: The build process is broken

Software makers are coming to terms with security gaps they knew existed as the fallout from the SolarWinds hack continues.

By Samantha Schwartz • Feb. 11, 2021

FireEye reports record revenue in first report since Red Team hack

The company's discovery of the SolarWinds attack has fueled additional customer demand, which should be reflected in deferred revenue during 2021.

By David Jones • Feb. 3, 2021

Gartner: Steps to respond to a supply chain attack

Businesses require tools to detect the lateral movement from an initial compromise and an incident response plan.

By Peter Firstbrook • Feb. 1, 2021