Snowflake-linked attacks are testing the cloud’s shared responsibility status quo

Assigning responsibility for missing security controls is tricky. The burden is collective but cloud providers need to raise minimum standards, experts say.

By Matt Kapko • June 13, 2024

Rust Foundation leads the charge to improve critical systems security

The foundation is standing up a consortium to boost the responsible use of the programming language at a time of heightened security risks.

By David Jones • June 12, 2024

Explore the Trendline➔

Passwords and authentication

Access controls — passwords, credentials and multifactor authentication, or the lack thereof — are the most common weak points across enterprise defense.

By Cybersecurity Dive staff

Apple makes a password manager play in a heavily targeted market

The new, standalone app Passwords places credential management front and center for Apple’s massive user base.

By Matt Kapko • June 11, 2024

Telecom, media and tech companies are cyber defense standouts: Moody’s

Cybersecurity spending in the sector doubled during the past five years, accounting for 10% of companies’ technology budgets in 2023, the credit ratings and research firm said.

By Matt Kapko • June 7, 2024

Tenable to acquire Eureka Security for greater visibility into cloud data environment

The deal marks the latest acquisition in a market undergoing pricing adjustments and increased pressure to offer unified platforms.

By David Jones • June 6, 2024

CrowdStrike soars above industry spending concerns, digs at rivals

The cybersecurity firm defied growing industry pressures on cybersecurity revenue while continuing to jab rivals Microsoft and Palo Alto Networks. 

By David Jones • June 5, 2024

Security concerns mount as businesses deploy AI coding tools

Organizations are deploying the technology without enough protocols to ensure safe, secure use.

By Lindsey Wilkinson • June 5, 2024

How to identify and implement security automation use cases

It might be a “fun” engineering challenge to see what is possible to automate, but often the results will not justify the expense and effort, Gartner’s Kevin Schmidt writes.

By Kevin Schmidt • June 4, 2024

Securing your call centers: Best practices for cybersecurity protection

All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024

NIST has a plan to clear the vulnerability analysis backlog

The Cybersecurity and Infrastructure Security Agency and government contractor Analygence will help clear the National Vulnerability Database backlog.

By Matt Kapko • May 31, 2024

CISOs under pressure from boards to downplay cyber risk: study

Research from Trend Micro shows tension between CISOs and senior enterprise leadership. Many security leaders say they're perceived as nags.

By David Jones • May 30, 2024

Okta rides out cyberattack fallout with ‘minimal impact’

CEO and Co-Founder Todd McKinnon said it’s going to take some time before Okta can put the cyberattack behind it.

By Matt Kapko • May 30, 2024

White House seeks critical cyber assistance for water utilities, healthcare

The DOJ will also work to deter teens from joining criminal hackers like Lapsus$.

By David Jones • May 23, 2024

Cyberattacks are good for security vendors, and business is booming

More secure technology could stem the tide of cyberattacks, but digital threats are ever present.

By Matt Kapko • May 23, 2024

Microsoft president set to testify before Congress on ‘security shortcomings’

After the tech giant asked for more time, Brad Smith will now testify before the House Committee on Homeland Security on June 13.

By Matt Kapko • May 22, 2024

Palo Alto Networks sees strong customer response to platform consolidation strategy

Concerns remain from investors about the long-term impact on pricing, revenue.

By David Jones • May 21, 2024

Google leverages Microsoft’s cyber gaps to woo Workspace customers

“The repeated security challenges with Microsoft call for a better alternative for enterprises and public-sector organizations alike,” Google said Monday.

By Matt Ashare • May 21, 2024

EPA to ramp up enforcement as most water utilities lack cyber safeguards

The agency may consider taking civil and criminal penalties against utilities following months of attacks against drinking and wastewater treatment facilities.

By David Jones • May 21, 2024

Open source threat intel platform launched weeks after malicious backdoor targeted XZ Utils

OSSF developed warning system to protect open source maintainers, developers from social engineering, active exploits.

By David Jones • May 20, 2024

Enterprises are embracing AI. But can they secure it?

Taking a confident approach to AI security and navigating the path to adoption.

By Anand Oswal, Senior Vice President and General Manager of Network Security, Palo Alto Networks • May 20, 2024

AI raises CIO cyber anxieties

Using third-party generative AI products without the proper controls exposes existing security gaps, McKinsey and Co. Partner Jan Shelly Brown said Tuesday at the MIT Sloan CIO Symposium.

By Matt Ashare • May 17, 2024

Palo Alto Networks signs broad enterprise cybersecurity partnership with IBM

The enterprise security giant will capitalize on a platform consolidation strategy as IBM concedes on transition to cloud security.

By David Jones • May 16, 2024

Cybersecurity leaders expect their SOC budgets to grow, KPMG finds

Average annual SOC budgets stand at $14.6 million, but most security leaders expect their budgets and headcount to grow by up to 20% over the next two years, the survey found.

By Maura Webber Sadovi • May 15, 2024

Unsafe software development practices persist, despite CISA’s push

The industry isn’t making sufficient progress in cleaning up code despite recurring efforts from the agency to eliminate entire classes of vulnerabilities.

By Matt Kapko • May 15, 2024

Cyber insurance costs are stabilizing as global market grows

Increased capacity is helping to meet rising demand for cyber coverage and more insurers are using tools to assess potential risk, a report from S&P Global Ratings shows.

By David Jones • May 14, 2024