LastPass aftermath leaves long to-do list for business customers

Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.

By Matt Kapko • March 6, 2023

White House releases national cyber strategy, shifting security burden

The long-anticipated policy will push the technology industry to shoulder more of the load for cyber risk, while promoting long-term investments and global cooperation against common threats. 

By David Jones • March 2, 2023

Explore the Trendline➔

Passwords and authentication

[TK]

By Cybersecurity Dive staff

An ongoing SOC skills shortage could spell trouble for compliance

Without skilled analysts to monitor the SOC, the risk of a successful cyberattack breaking through a company’s defenses grows. 

By Sue Poremba • March 1, 2023

3 CISA principles for secure by design

The Biden administration is expected to emphasize safer development practices when it rolls out the national security strategy for cyber. 

By David Jones • Feb. 28, 2023

Attackers reduce complexity to catch more potential victims

Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.

By Matt Kapko • Feb. 23, 2023

6 stories that show the state of security spending and risk

In an effort to shore up business technology, organizations are investing more in security, but there is a limit to how much those budgets can grow.

By Naomi Eide • Feb. 21, 2023

GitHub Copilot for Business, now in public release, weaves in security

The coding tool includes AI-based security capabilities, automatically blocking common insecure code suggestions.

By Lindsey Wilkinson • Feb. 17, 2023

Companies grapple with post-breach disclosure risks

The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.

By Matt Kapko • Feb. 16, 2023

IT security budgets triple as businesses confront more cyberattacks across Europe, US

Five-year data from Hiscox shows businesses are facing more frequent and more costly attacks.

By David Jones • Feb. 16, 2023

Cybersecurity jobs least likely to be impacted by economic uncertainty, (ISC)2 says

A series of high-profile and damaging cyberattacks has underscored the critical role cybersecurity teams play, and top brass are taking notice.

By Matt Kapko • Feb. 16, 2023

Liberty Mutual launches global cyber office

The office will bring a multidisciplinary approach to cyber risk just as the global insurance industry sees signs of clarity amid a turbulent market for cyber.

By David Jones • Feb. 14, 2023

Economic volatility to exacerbate cyber risk in 2023

A potential recession could lead to delayed innovation and inadequate budgets for long-term investments, the Bipartisan Policy Center said in a report.

By Matt Kapko • Feb. 14, 2023

Zero trust is moving from hype to reality

Organizations must plan ahead and invest in people and resources to succeed with zero trust, writes Gartner analyst John Watts. 

By John Watts • Feb. 10, 2023

On deck for the business of cybersecurity: Fire sales and due diligence

Enterprise cybersecurity is navigating market turmoil and vendor consolidation. Here’s what experts expect to happen to the industry in 2023.

By Naomi Eide , Matt Kapko , David Jones • Jan. 31, 2023

Box CEO on the ‘perfect storm’ of challenges in cybersecurity

“These are very, very complicated, dynamic, chaotic times on the security front,” Aaron Levie said.

By Matt Kapko • Jan. 31, 2023

Microsoft surpasses $20B in security revenue as enterprise customers consolidate

The company’s cybersecurity business is growing, but CEO Satya Nadella warned that customers, in an uncertain economy, are exercising caution.

By David Jones • Jan. 30, 2023

A first-hand look inside Walmart’s robust security operations

The retail behemoth invited a handful of journalists to its tech offices in Bentonville, Arkansas. The scope of Walmart’s operations speaks to the lengths enterprises must go to remain secure. 

By Naomi Eide • Jan. 30, 2023

Battle of the breach: Prioritizing proactive ransomware defense

Industry will soon face a reality where organizations are attacked every two seconds by threat actors that continue to evolve. So now what?

By Sebastian Goodwin • Jan. 25, 2023

Only half of companies have the budgets necessary to mitigate cybersecurity risks: study

A report from Neustar shows macroeconomic pressures are leading to a squeeze on IT security spending.

By David Jones • Jan. 24, 2023

Cyber, business interruption remain top global corporate risks

Risk management leaders remain highly concerned about the threat of malicious attacks and data breaches, according to Allianz Global.

By David Jones • Jan. 18, 2023

A ransomware negotiator shares 3 tips for victim organizations

This is no time for knee-jerk reactions. “Take a deep breath and slow things down,” said Drew Schmitt, principal threat intelligence analyst at GuidePoint Security.

By Matt Kapko • Jan. 18, 2023

Surging cyberthreats, data concerns remain top dispute risks for organizations

A survey from Baker McKenzie shows a heightened risk of legal challenges amid a rise in sophisticated cyberattacks, along with concerns about the regulatory response. 

By David Jones • Jan. 12, 2023

T-Mobile CSO: One wrong decision can wreak havoc

Adversaries attacked a T-Mobile honeypot 65 million times a day, Timothy Youngblood recalls.

By Matt Kapko • Jan. 11, 2023

Beazley launches historic $45M cyber catastrophe bond

The announcement marks the first time an insurance-linked securities instrument has been created to cover catastrophic cyber risk. 

By David Jones • Jan. 10, 2023

Tech priorities out of sync with security needs, CISA director says

As long as priorities and incentives are misaligned, security and safety needs will remain unmet. “We can’t just let technology off the hook,” Jen Easterly said.

By Matt Kapko • Jan. 9, 2023