Why some industries are more secure than others

Threats go beyond industry and target organizations depending on business size. Company size is a factor, but so is investment in cyber defense. 

By Sue Poremba • Dec. 7, 2020

NERC expands IT-focused cybersecurity program as hackers target grid operations tech

Previously focused on utility operations IT, the Cybersecurity Risk Information Sharing Program will now include two pilots scanning for threats to operational technologies.

By Robert Walton • Dec. 4, 2020

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

What security experts expect from Biden's cyber strategy

The private sector is playing a more active role in national security. Now, security professionals are hungry for even more cross-sector collaboration.

By Samantha Schwartz • Dec. 3, 2020

Proactive technology upgrades prevent security nightmares, report finds

Successful enterprises stay one step ahead of bad actors, retain talent and get support from top company executives.

By David Jones • Dec. 1, 2020

Technologists grapple with privacy, bias as AI inches closer to customers

Industry must contend with the ethical challenges of building AI as the technology expands in physical and digital customer touchpoints.

By Roberto Torres • Nov. 30, 2020

CISA's head was fired. How a leadership vacancy impacts the private sector

"I know that most, if not all, of my colleagues would currently pass on opportunities in the public sector, which is a shame," said RunSafe Security's Joe Saunders.

By Samantha Schwartz • Nov. 19, 2020

For Wells Fargo, tech, security and innovation drives risk management

Companies must look closely at technology as an operational risk, but neglecting innovation opens more windows for bad actors to enter, a Wells Fargo executive said. 

By Katie Malone • Nov. 19, 2020

Remote work chipped away at zero trust skepticism, increased adoption

Organizations can adopt zero trust systematically. The "peanut butter spread" approach doesn't apply here.

By Samantha Schwartz • Nov. 13, 2020

How companies are meeting the challenge of a changing cyberthreat landscape

Security teams don't have as much access to remote work devices, which obscures network visibility. Cybercriminals capitalized on the opportunity.

By Sue Poremba • Nov. 11, 2020

2020 gave cybersecurity more opportunity. Now CISOs have to seize it

CISOs influence risk appetite and budget. Technology trends, threats, regulations and the pandemic are out of their control.

By Samantha Schwartz • Nov. 6, 2020

Trump, Biden want strong cyber but differ on offense vs. defense

The presidential nominees understand the urgency around cyber efforts but are split on national data protection.

By Katie Malone • Oct. 29, 2020

The cloud is threatening firewalls. Is it time to let them go?

With the cloud, applications or network infrastructures change daily. It's not the perennial update developers and security professionals had to tolerate. 

By Samantha Schwartz • Oct. 28, 2020

Security accounts for just 5.7% of IT spend: Gartner

The range of IT security spending is between 1.7% to 11.5% of IT budgets, but "this is not necessarily good or bad," said Gartner's Tom Scholtz.

By Samantha Schwartz • Oct. 28, 2020

5 cybersecurity and threat trends CISOs must watch

Attacks are all but guaranteed, threats are evolving and a digital realm is targeting the physical. What's keeping CISOs up at night? Everything. 

By Naomi Eide • Oct. 26, 2020

Businesses are using AI for defense. For hackers, it's an attack tool

Security experts are welcoming the advantage of AI while remaining wary of the danger it presents.

By Samantha Schwartz • Oct. 19, 2020

Considering security first is the key to happy end users

Consumers don't want to give up functionality or experience in the name of security.

By Samantha Schwartz • Oct. 16, 2020

Security pushes DevOps to breaking point

The future of DevOps is "going to break application security," said Dale Gardner, research director at Gartner.

By Samantha Schwartz • Sept. 16, 2020

Gartner: 10 key security projects through 2021

As companies adapt to changes in March and what's anticipated for the next 12 months, Brian Reed, senior director analyst at Gartner, wants the focus on projects, not programs.

By Samantha Schwartz • Sept. 15, 2020

Zero trust is widely praised. What's the adoption hangup?

The framework has a steep learning curve and requires modern technology, a Deloitte expert said.

By Samantha Schwartz • Sept. 10, 2020

From VPNs to zero trust, coronavirus shaped security priorities

While there are differences in security priorities pre-pandemic, a lot of hurdles were related to scale.

By Samantha Schwartz • Sept. 9, 2020

Are businesses covered if their service provider is hit by ransomware?

The fallout of supply chain-style ransomware attacks are twofold — data encryption and data exfiltration — cyber insurance has to reckon with both. 

By Samantha Schwartz • July 17, 2020

Why anti-phishing exercises could 'alienate' employees in crisis

Between maintaining business continuity and preserving employee well-being, CISOs had to decide if a pandemic was an appropriate time to test employee cybersecurity awareness.

By Samantha Schwartz • July 16, 2020

Commission amends cyber recommendations to reflect COVID-19 vulnerabilities

Four new recommendations are divided between two sections specific to the pandemic: cybersecurity challenges and lessons in cyber preparedness.

By Samantha Schwartz • June 2, 2020

4 myths cybersecurity experts want busted

No, malware cannot spread from devices sitting next to each other.

By Samantha Schwartz • May 19, 2020

What industry gets wrong about cyber insurance

Despite common perception, recovery from a cyber event — such as paying a ransom — cannot be decided by a carrier.

By Samantha Schwartz • Oct. 31, 2019