Strategy: Page 2
-
Why Okta is overhauling its priorities, culture around security
CSO David Bradbury acknowledges the company’s brand is tarnished. “We need a track record of zero breaches. That’s what builds trust.”
By Matt Kapko • March 1, 2024 -
NIST makes it official: governance is a critical part of cybersecurity
A collection of resources accompany CSF 2.0 to make the guidance easier for businesses to use and put into practice across their operations.
By Matt Kapko • Feb. 29, 2024 -
Trendline
Risk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
Okta reports ‘minimal’ financial impact following support portal attack
The identity and access management firm is promising to make security a top priority, even though Okta’s CFO said the attack fallout is “not quantifiable.”
By Matt Kapko • Feb. 29, 2024 -
Okta, with a bruised reputation, rethinks security from the top down
CSO David Bradbury detailed to Cybersecurity Dive what the identity and access management company got wrong and the security pledges it's making to customers.
By Matt Kapko • Feb. 27, 2024 -
CFOs take backseat to CISOs on SEC cyber rules
Less than half of finance chiefs are involved in the SEC's cybersecurity breach disclosure process, AuditBoard found.
By Alexei Alexis • Feb. 27, 2024 -
LockBit group revives operations after takedown
The comeback is no surprise to experts — and some think LockBit as a brand is dead — but the reemergence underscores persistent challenges for authorities.
By Matt Kapko • Feb. 26, 2024 -
Palo Alto Networks’ free incentives offer sparks investor anxiety
The firm is giving away services and offering deferred billing to corral new customers into its consolidated cybersecurity platforms.
By David Jones • Feb. 21, 2024 -
State Department puts $10M bounty on AlphV ransomware group
The prolific ransomware group and its affiliates are behind some of the most high-profile attacks in the last year.
By Matt Kapko • Feb. 15, 2024 -
Contractual obligations driving data privacy, cybersecurity upgrades
To secure work from business partners, more companies are getting serious about having the right technical and legal safeguards, a specialist says.
By Robert Freedman • Feb. 13, 2024 -
CISA blitzes Super Bowl with cyber campaign as businesses fumble security
CISA brought its Secure Our World initiative to Las Vegas, for the biggest annual event in sports. Will anyone heed the advice?
By Matt Kapko • Feb. 9, 2024 -
National cyber director urges private sector collaboration to counter nation-state cyber threat
Harry Coker said the Biden administration is exploring plans to hold manufacturers accountable for poor security, while also working to harmonize regulations.
By David Jones • Feb. 9, 2024 -
Mortgage industry attack spree punctuates common errors
Attacks against Mr. Cooper Group, Fidelity National Financial, First American Financial and loanDepot impacted operations and put customers in a bind.
By Matt Kapko • Feb. 6, 2024 -
Business, technology groups back SolarWinds motion to dismiss SEC charges
Former U.S. cybersecurity officials and a group of current and former CISOs warned the fraud suit against SolarWinds could chill intel sharing from the private sector.
By David Jones • Feb. 5, 2024 -
Sponsored by Tines
4 ways the role of the CISO will change in 2024
2024 marks a new era for CISOs. Faced with increasing responsibility in the wake of SolarWinds, they’ll demand better budgets, head counts, and tooling - or go elsewhere.
By Thomas Kinsella, CCO and co-founder, Tines • Feb. 5, 2024 -
Okta to cut 7% of workforce as push to revamp security is underway
The layoffs come during the company's 90-day overhaul to address lax security following a string of cyberattacks targeting Okta and its customers.
By Matt Kapko • Feb. 1, 2024 -
White House rejects efforts to undo SEC cyber disclosure rule
President Joe Biden would veto the joint resolution that aims to strip the agency’s authority to require companies to disclose cyber incidents and governance processes, the administration said Wednesday.
By Matt Kapko • Jan. 31, 2024 -
What’s ahead for cybersecurity in 2024
A steady stream of threats and new regulations have executives tiptoeing around how to best detail security incidents.
By Naomi Eide • Jan. 31, 2024 -
In 2024, the cybersecurity industry awaits more regulation — and enforcement
Private sector companies and critical infrastructure providers will face unprecedented demands for product security, intelligence sharing and transparency on data security.
By David Jones • Jan. 31, 2024 -
Midnight Blizzard attack seen as another sign of Microsoft falling short on security
Critics say the hack of senior Microsoft executives’ emails is another example of a longstanding series of security lapses and foot-dragging by the company.
By David Jones • Jan. 26, 2024 -
Progress Software shakes off MOVEit’s financial consequences, maintains customers
Executives described the file-transfer service as one of its stronger performing products and said customers remain loyal.
By Matt Kapko • Jan. 18, 2024 -
Cyber tops business risk for enterprises worldwide, report finds
Cyber replaced business interruption as the top concern among U.S. businesses, according to the Allianz Risk Barometer.
By David Jones • Jan. 16, 2024 -
Cyber funding and M&A drop in 2023
Venture capitalists shifted strategies throughout 2023 as they tightened investment levels to minimize potential losses, Pinpoint Search Group found.
By Matt Kapko • Jan. 11, 2024 -
5 cybersecurity trends to watch in 2024
Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.
By David Jones , Matt Kapko • Jan. 10, 2024 -
Merck reaches settlement in closely watched NotPetya insurance case
The pharmaceutical giant previously won a New Jersey court decision involving $700 million of a $1.4 billion dispute over war-exclusions language related to the attack.
By David Jones • Jan. 8, 2024 -
LastPass enforces 12-character master password lengths
The password manager made its years-old guidance on master password complexity a requirement nearly a year and a half after it was hit by a major cyberattack.
By Matt Kapko • Jan. 4, 2024