Strategy: Page 28
-
Adeline Kon/Cybersecurity Dive
ColumnBehind the Firewall: Security investments that will stick post-pandemic
As long-term strategies for remote work solidify, VPNs, EDR and other tools are here to stay.
By Katie Malone , Samantha Schwartz • Aug. 16, 2021 -
Rebecca Pifer/Cybersecurity Dive
Should healthcare organizations pay to settle a ransomware attack?
The decision goes beyond finances: In healthcare, it's a moral judgement, too. "I don't think there's a single yes or no," said Michael Coates, former Twitter CISO.
By Rebecca Pifer • Aug. 13, 2021 -
Explore the Trendline➔
.shock via Getty Images
TrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
Dean Mouhtaropoulos via Getty Images
Criminal middlemen administer access to privileged accounts
Ransomware attacks stem from a specialized division of labor selling stolen credentials and providing unauthorized access to the enterprise, according to an IntSights report.
By David Jones • Aug. 12, 2021 -
Stefan Zaklin / Stringer / via Getty Images via Getty Images
White House cyber strategy takes shapeHow the $1.2 trillion infrastructure bill invests in cyber
As part of the larger cyber funding injection, the legislation sets aside $100 million, allocated over five years, for the Cyber Response and Recovery Fund.
By Samantha Schwartz • Aug. 12, 2021 -
Patrick Lux via Getty Images
Is XDR the next best security solution?
SOCs are still learning about extended detection and response and how to apply it to an existing security stack. But when properly deployed, it's an asset for incident response.
By Samantha Schwartz • Aug. 11, 2021 -
How human instinct can interfere with cyber crisis response
In a gut reaction to a security incident, users may make the wrong move to avoid losing data.
By Samantha Schwartz • Aug. 10, 2021 -
ijeab/Getty Images Plus via Getty Images
It's time to bridge the gap between security and development
More than 80% of developers knowingly release applications with insecure code, but experts say security and development don't have to be at odds.
By Brian Eastwood • Aug. 9, 2021 -
Samantha Schwartz/Cybersecurity Dive
CISA takes aim at information sharing woes, launches public-private super group
The Joint Cyber Defense Collaborative is Jen Easterly's first major initiative as CISA's second-ever director.
By Samantha Schwartz • Aug. 6, 2021 -
Mark Wilson via Getty Images
Don't ask whether to pay a ransom — ask how attackers could get in
Paying a ransom does not always mitigate damage from the attack or unlock encrypted systems.
By Samantha Schwartz • Aug. 3, 2021 -
Retrieved from Flickr/Amtec Photos.
Preparedness, checklists, leadership buy-in: How to build a rapid IT response
Navigating cyberattacks and outages means companies rely on IT leaders to respond quickly, as business continuity hinges on functioning systems.
By Roberto Torres • Aug. 2, 2021 -
Adeline Kon/Cybersecurity Dive
Column
Behind the Firewall: 5 security leaders share incident response plans
With a strong plan in place, security teams can jump immediately into action when a cyber incident occurs to — hopefully — mitigate the damage.
By Katie Malone • July 30, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
White House cyber strategy takes shapeBiden orders voluntary cybersecurity performance goals for electric utilities, other critical sectors
The president on Wednesday signed a national security memorandum that also expands and formally establishes a cross-sector Industrial Control System Cybersecurity Initiative, which was piloted by the electric sector.
By Robert Walton • July 30, 2021 -
Matthew Stockman/Getty via Getty Images
Ransomware, supply chain attacks put cyber insurers on notice
Malicious cyber activity will force the insurance industry to raise premiums, raise standards and, in some cases, negotiate ransom payments, newly released data from Coalition shows.
By David Jones • July 28, 2021 -
Tomohiro Ohsumi via Getty Images
Engineers need cybersecurity training, too
Companies will undergo a shift in cyber culture, eventually combining the data engineers and network security professionals use to search for vulnerabilities.
By Samantha Schwartz • July 22, 2021 -
Chip Somodevilla / Staff via Getty Images
White House cyber strategy takes shapeBiden administration readies 3 initiatives to curb ransomware
The government wants cybercriminals to think twice before instigating an incident and private industry to engage more.
By Samantha Schwartz • July 21, 2021 -
Adeline Kon/Cybersecurity Dive
Column
Behind the Firewall: How 6 security execs screen vendors
In the wake of high-profile vendor attacks, security due diligence prior to signing a third-party contract is a must.
By Katie Malone , David Jones • July 16, 2021 -
Alex Wong via Getty Images
Want to quickly recover from ransomware? Plan ahead
Security teams need to understand how the business will work when an attacker limits access to its systems.
By Katie Malone • July 15, 2021 -
Justin Sullivan via Getty Images
Critical goods industries face existential ransomware decisions
For certain industries, the choice is between paying millions to settle a criminal extortion or allowing a catastrophic supply chain disruption.
By David Jones • June 30, 2021 -
Leon Neal via Getty Images
Opinion3 ways to assess the effectiveness of security awareness training
Failure to prove the effectiveness of a security awareness program can lower the executive support critical to ensuring participation in the program.
By Richard Addiscott • June 14, 2021 -
Traitov/iStock/Getty via Getty Images
Bad actors hide in everyday IT tools, complicating detection
Security tools automatically block certain threats, yet there's often a larger intrusion detection teams and services need to weed out.
By Samantha Schwartz • June 9, 2021 -
Courtesy of Apple
Apple's privacy, security features seen as favorable to enterprise remote work
Experts are comparing Private Relay to protections traditionally found in VPN technology, as Apple continues to grow its enterprise presence.
By David Jones • June 8, 2021 -
Alex Wong via Getty Images
Data breaches, poor cyber practices raise cost of borrowing: study
Research from the American Accounting Association shows banks have raised interest rates on companies where customer data has been hacked.
By David Jones • June 7, 2021 -
Rob Kim via Getty Images
CISOs earn higher profile with remote work, evolving threats
Corporate boards are demanding regular updates on the latest threats, while simultaneously asking CISOs to make sure workers meet business objectives in the most secure manner possible.
By David Jones • June 3, 2021 -
Chip Somodevilla via Getty Images
White House cyber strategy takes shapeBiden budget proposes $58B to take on legacy tech, cybersecurity
Legacy tech holds the federal government back, and agencies remain targets of advanced cyber crime. The budget proposal provides financial support to chip away at recovery.
By Katie Malone • June 3, 2021 -
FluxFactory, E+ via Getty Images
Long-term SolarWinds consequencesRethink risk management programs post-SolarWinds, experts say
Companies need to ensure their vendors are putting the most protections in place for their most important products and services.
By Samantha Schwartz • June 1, 2021
Previous
