Google Cloud research links CI/CD to security prowess

The benefits of automated processes for application development extend beyond organizational performance and have a positive impact on security.

By Matt Kapko • Sept. 29, 2022

Most organizations had a cloud-related security incident in the past year

Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud. 

By David Jones • Sept. 28, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Cyber paradox: Security looms as obstacle and opportunity in cloud migration

Data protection and compliance solutions are easing cloud adoption even as cyber concerns persist.

By Matt Ashare • Sept. 27, 2022

How common telecom cyber risks snowball in cloud, open source

Public cloud plays a central role in the modernization of wireless networks. But more open source software, vendors and vulnerabilities could spell trouble.

By Matt Kapko • Sept. 23, 2022

Organizations rapidly shift tactics to secure the software supply chain

Synopsys’ 13th annual BSIMM study shows rapid increases in automation and use of SBOMs among software producers and other organizations.

By David Jones • Sept. 22, 2022

The tools and strategies schools need for ransomware defense

CISOs empathize with the unenviable position schools are in as they confront ransomware. The right capabilities could make a big difference.

By Matt Kapko • Sept. 22, 2022

‘Shift-left’ software strategy challenged by security and compliance

Developer burnout and supply chain concerns mount as companies push to begin software testing early in the development process.

By Matt Ashare • Sept. 22, 2022

US government rejects ransom payment ban to spur disclosure

Federal authorities strongly discourage organizations from paying ransoms, but Anne Neuberger of the National Security Council explains why it decided against a ban.

By Matt Kapko • Sept. 19, 2022

Industrial control systems face more cyber risks than IT, expert testifies

Most ICS technology was designed more than 20 years ago and built without cyber resilience, Idaho National Laboratory's Vergle Gipson said. 

By David Jones • Sept. 16, 2022

Microsoft cloud security exec challenges organizations to ditch outdated practices

Modern systems and modes of attack demand a dynamic and realistic security strategy, Shawn Bice said. The problem can be managed, not solved.

By Matt Kapko • Sept. 16, 2022

State education leaders prioritize cybersecurity, but lack funding

In a survey by the State Educational Technology Directors Association, 57% of respondents said their state provides a low amount of funding for cybersecurity.

By Anna Merod • Sept. 15, 2022

Security vendor consolidation a priority for majority of organizations worldwide

Gartner research shows a surge in organizations that want to reduce the complexity of their security stacks.

By David Jones • Sept. 14, 2022

US is shoring up gaps in cyber policy, but critical goals remain unfulfilled

Legislators say the Cyberspace Solarium Commission led to significant national security enhancements, but analysts are calling for urgent momentum on a federal law on data privacy and security.

By David Jones • Sept. 13, 2022

Google closes $5.4B Mandiant acquisition

The Mandiant buy marks the second most expensive acquisition in Google’s history, underscoring the cloud provider’s commitment to become a standalone security brand.

By Matt Kapko • Sept. 12, 2022

CISA announces RFI for critical infrastructure cyber reporting mandate

The agency plans to publish the information request in the Federal Register on Monday and will kick off a national listening tour.

By David Jones • Sept. 9, 2022

CISA Director: Tech industry should infuse security at product design stage

Agency director Jen Easterly outlined a push for faster incident reporting and closer industry collaboration.

By David Jones • Sept. 7, 2022

Most organizations remain unprepared for ransomware attacks

Too many organizations are failing to meet cybersecurity demands. Ransomware attacks abound and humans are still the weakest link.

By Matt Kapko • Sept. 6, 2022

Okta CEO pushes for passwordless future in wake of phishing attacks

Customers that rely on passwords and log-in pages are putting their organizations at greater risk of attack, Todd McKinnon told analysts.

By Matt Kapko • Sept. 2, 2022

CrowdStrike, Palo Alto earnings show resilience in cyber investments amid macro concerns

Enterprises are continuing to invest in cybersecurity, but remain focused on consolidating vendors.

By David Jones • Sept. 1, 2022

SaaS sprawl amps up security challenges amid heightened risk

Two-thirds of businesses say they're spending more on SaaS applications year over year, Axonius data shows.

By Roberto Torres • Sept. 1, 2022

Multifactor authentication has its limits, but don’t blame the technology

Despite phishing attacks that evaded authentication and engulfed many technology companies of late, organizations shouldn’t hesitate to use MFA.

By Matt Kapko • Sept. 1, 2022

CISOs aim to balance investments, outsourcing against risks

Cyberattack risk still largely comes down to human error, regardless of how much organizations spend to bolster defense.

By Matt Kapko • Aug. 31, 2022

Slack enhances platform security amid rapid expansion and heightened risk

The enterprise messaging platform has faced increased customer concerns about security and privacy.

By David Jones • Aug. 31, 2022

Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil

Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable. 

By David Jones • Aug. 29, 2022

Tips for how to safeguard against third-party attacks

Organizations need to demand and ensure all vendors implement rigorous security measures. Sometimes the least likely tools pose the most risk. 

By Matt Kapko • Aug. 25, 2022