Strategy: Page 28
-
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA wants to identify the most vulnerable critical infrastructure
The agency is basing its analysis on economic and network centrality, as well as "logical dominance in the national critical functions," Director Jen Easterly said.
By Samantha Schwartz • Nov. 1, 2021 -
Spencer Platt via Getty Images
Corporate boards, C-suite finally prioritize cyber after years of business risk
Following a surge of supply chain attacks and ransomware over the past year, enterprise leaders are finally giving cybersecurity the attention it deserves.
By David Jones • Oct. 27, 2021 -
Explore the Trendline➔
.shock via Getty Images
TrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
Q&AA conversation with SolarWinds’ CISO
"Our CEO got a call in the morning from Kevin Mandia. And then he called me, and then the CTO for FireEye called me. That's our nightmare moment," Tim Brown told Cybersecurity Dive.
By Samantha Schwartz • Oct. 26, 2021 -
stock.adobe.com/JacobLund
Sponsored by CybersourceHow businesses are tackling fraud in a digital-first reality
With digital transactions and eCommerce continuing to grow in volume, successfully taking on fraud will require businesses to explore and rely on new tools and technologies.
Oct. 25, 2021 -
Christopher Furlong via Getty Images
2022 could bring OT weaponization, ransomware laws, Gartner says
In the last decade companies underwent digital transformation, with cloud taking over legacy solutions. But the same practices cannot be deployed year after year.
By Samantha Schwartz • Oct. 21, 2021 -
Avoid paying ransoms, Gartner says. Instead, focus on situational awareness
In the event of a ransomware attack, CISOs need to pause amid chaos and gain a better understand around steps to recovery.
By Samantha Schwartz • Oct. 20, 2021 -
8 security and risk management trends to watch: Gartner
The pandemic is still shaping security architecture and long-term decisions. In response, businesses are creating cyber mesh architectures and consolidating products.
By Samantha Schwartz • Oct. 19, 2021 -
Samantha Schwartz/Cybersecurity Dive
The public needs to understand what's at stake with cyberattacks, DHS adviser says
The Colonial Pipeline cyberattack was a "crisis of communication" between the company and consumers, Homeland Security Adviser Suzanne Spaulding said.
By Samantha Schwartz • Oct. 15, 2021 -
Sean Gallup via Getty Images
OpinionHow to secure the enterprise against REvil-style attacks
There is no way to fully protect against advanced attacks such as zero-day vulnerabilities or nation-state threats — responding quickly is critical to minimizing damage.
By Chris Silva • Oct. 12, 2021 -
Brendan Smialowski / Stringer via Getty Images
War room preparation key to ransomware response, experts say
Companies need to assemble stakeholders ahead of an attack and be ready for potential fallout from litigation, reputational risk and operations disruption.
By David Jones • Oct. 11, 2021 -
Sarah Silbiger via Getty Images
Deep DiveWhat's under the hood of a medical device? Software bill of materials hits inflection point
President Joe Biden's executive order calls for SBOMs, and the FDA wants to require premarket submissions to have an inventory of third-party device components. AdvaMed is concerned the data could be exploited by hackers.
By Greg Slabodkin • Oct. 11, 2021 -
Courtesy of Colonial Pipeline Company
Why CEOs become communication chiefs after a cyberattack
When ransomware hit, the CEOs of Colonial Pipeline and Accellion paused their day-to-day duties. Their immediate new roles? Communication.
By Samantha Schwartz • Oct. 7, 2021 -
Samantha Schwartz/Cybersecurity Dive
Mandiant CEO: 3 threats that changed cybersecurity in 2020
CISOs getting comfortable in a more operational role were met with unprecedented cyberattacks — implants, zero days and ransomware — within the last year and a half.
By Samantha Schwartz • Oct. 6, 2021 -
Carl Court via Getty Images
Insider threat environment faces challenges amid changing corporate landscape
As remote work becomes permanent and employee turnover rises, companies face additional challenges in protecting sensitive data, according to a panel discussion at Mandiant Cyber Defense Summit.
By David Jones • Oct. 6, 2021 -
Markus Spiske
NIST urges supply chain to include cyber in risk management
Industries that rely heavily on technology are the best at incorporating cyber in their supply chain risk management plans, according to NIST's Jon Boyens.
By Samantha Schwartz • Oct. 5, 2021 -
Healthcare workers concerned with cybersecurity amid burnout and pandemic woes
Nearly three-quarters of healthcare professionals are concerned that patient health information is being sent through unsecured tools, according to a new survey from hospital communications firm Spok.
By Shannon Muchmore • Oct. 1, 2021 -
Ryan Golden/Cybersecurity Dive
Digitization costs manufacturing plants 'the luxury of isolation,' changing risk management
OT organizations transition from site-level best practices to overall best practices, and move plant operations into an enterprise SOC.
By Samantha Schwartz • Oct. 1, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
With remote work, any employee could be an insider threat. How is CISA mitigating the risk?
CISA released a self-assessment tool which organizations can use to generate reports on their tolerance and capabilities for preventing insider threats.
By Samantha Schwartz • Sept. 30, 2021 -
Leon Neal via Getty Images
Remote work had little effect on employees' password habits: report
Employees are still reusing credentials, as vendors explore a passwordless future, according to a report from LastPass' Psychology of Passwords.
By Samantha Schwartz • Sept. 24, 2021 -
Enterprises plan major investments as remote work escalates security risk: report
Companies face significant challenges in managing security as the work-from-home model moves from an emergency stopgap to a more permanent environment.
By David Jones • Sept. 22, 2021 -
Patrick Lux via Getty Images
Is there too much transparency in cybersecurity?
Between information sharing, software accountability, or incident response and disclosures, companies have to find the disclosure sweet spot.
By Samantha Schwartz • Sept. 21, 2021 -
Markus Spiske
What to know about software bill of materials
The Biden administration wants more transparency in the software supply chain. Will private industry join in?
By Samantha Schwartz • Sept. 20, 2021 -
Sean Gallup via Getty Images
Companies must develop operational plan for ransomware recovery
In the face of more frequent and sophisticated attacks, companies need to identify their most critical assets and work to limit cyberattack fallout.
By David Jones • Sept. 17, 2021 -
David Ramos via Getty Images
Companies confident in cybersecurity despite growing threats: report
There's a perception of "safety in numbers," Beazley's survey found. "Time will tell if such high levels of confidence are well placed."
By Samantha Schwartz • Sept. 16, 2021 -
Brendan Smialowski / Stringer via Getty Images
Boards rethink incident response playbook as ransomware surges
Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.
By David Jones • Sept. 15, 2021
Previous
