Signs of stability emerge in turbulent cyber insurance market

Rates continue to soar, but Marsh research shows the pace of increases is slowing. 

By Naomi Eide • Oct. 13, 2022

Microsoft’s CISO on why cloud matters for security response

Cloud can give companies insight into current and future threats as the landscape grows more complex, said Bret Arsenault.

By Roberto Torres • Oct. 12, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Mandiant propels Google Cloud’s security prospects

With Mandiant officially under his wing, Google Cloud CISO Phil Venables expects the incident responders to help Google become a proactive force.

By Matt Kapko • Oct. 11, 2022

What is phishing-resistant multifactor authentication? It’s complicated.

Physical keys with cryptographic protocols can deliver higher levels of assurance, but organizations shouldn’t conflate resistance with infallibility.

By Matt Kapko • Oct. 10, 2022

CISOs, corporate boards in wide disagreement on cyber resilience

A study backed by researchers from MIT shows corporate boards are more focused on cyber risk, but are out of alignment with CISOs on key issues. 

By David Jones • Oct. 10, 2022

Cybersecurity needs a statewide approach, report finds

Research from Deloitte and state CIOs shows cities often hesitate to work with states on cybersecurity to protect their autonomy, but local government cyber grants could change that. 

By Michael Brady • Oct. 10, 2022

Multifactor authentication is not all it’s cracked up to be

Text message and email-based authentication aren’t just the weakest variants of MFA. Cybersecurity professionals say they are broken.

By Matt Kapko • Oct. 5, 2022

Why user experience is essential to identity protection

Organizations must strike a delicate balance between maximizing end-user protection and minimizing the security-related obstacles.

By Kapil Raina • Oct. 5, 2022

Security to take an outsized role in IT spending in 2023

“If you look across all of these categories, security is a line item in all of them,” Spiceworks Ziff Davis’ Peter Tsai said.

By Matt Ashare • Oct. 4, 2022

C-suite, boards are prioritizing cybersecurity, but still expect increased threats

Senior executives around the world are taking risk management more seriously, PwC research found, but many are still concerned about business resilience.

By David Jones • Sept. 30, 2022

Google Cloud research links CI/CD to security prowess

The benefits of automated processes for application development extend beyond organizational performance and have a positive impact on security.

By Matt Kapko • Sept. 29, 2022

Most organizations had a cloud-related security incident in the past year

Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud. 

By David Jones • Sept. 28, 2022

Cyber paradox: Security looms as obstacle and opportunity in cloud migration

Data protection and compliance solutions are easing cloud adoption even as cyber concerns persist.

By Matt Ashare • Sept. 27, 2022

How common telecom cyber risks snowball in cloud, open source

Public cloud plays a central role in the modernization of wireless networks. But more open source software, vendors and vulnerabilities could spell trouble.

By Matt Kapko • Sept. 23, 2022

Organizations rapidly shift tactics to secure the software supply chain

Synopsys’ 13th annual BSIMM study shows rapid increases in automation and use of SBOMs among software producers and other organizations.

By David Jones • Sept. 22, 2022

The tools and strategies schools need for ransomware defense

CISOs empathize with the unenviable position schools are in as they confront ransomware. The right capabilities could make a big difference.

By Matt Kapko • Sept. 22, 2022

‘Shift-left’ software strategy challenged by security and compliance

Developer burnout and supply chain concerns mount as companies push to begin software testing early in the development process.

By Matt Ashare • Sept. 22, 2022

US government rejects ransom payment ban to spur disclosure

Federal authorities strongly discourage organizations from paying ransoms, but Anne Neuberger of the National Security Council explains why it decided against a ban.

By Matt Kapko • Sept. 19, 2022

Industrial control systems face more cyber risks than IT, expert testifies

Most ICS technology was designed more than 20 years ago and built without cyber resilience, Idaho National Laboratory's Vergle Gipson said. 

By David Jones • Sept. 16, 2022

Microsoft cloud security exec challenges organizations to ditch outdated practices

Modern systems and modes of attack demand a dynamic and realistic security strategy, Shawn Bice said. The problem can be managed, not solved.

By Matt Kapko • Sept. 16, 2022

State education leaders prioritize cybersecurity, but lack funding

In a survey by the State Educational Technology Directors Association, 57% of respondents said their state provides a low amount of funding for cybersecurity.

By Anna Merod • Sept. 15, 2022

Security vendor consolidation a priority for majority of organizations worldwide

Gartner research shows a surge in organizations that want to reduce the complexity of their security stacks.

By David Jones • Sept. 14, 2022

US is shoring up gaps in cyber policy, but critical goals remain unfulfilled

Legislators say the Cyberspace Solarium Commission led to significant national security enhancements, but analysts are calling for urgent momentum on a federal law on data privacy and security.

By David Jones • Sept. 13, 2022

Google closes $5.4B Mandiant acquisition

The Mandiant buy marks the second most expensive acquisition in Google’s history, underscoring the cloud provider’s commitment to become a standalone security brand.

By Matt Kapko • Sept. 12, 2022

CISA announces RFI for critical infrastructure cyber reporting mandate

The agency plans to publish the information request in the Federal Register on Monday and will kick off a national listening tour.

By David Jones • Sept. 9, 2022