Microsoft confirms partial loss of security log data on multiple platforms

The company previously expanded free access to security logs on several platforms, including Purview, following the 2023 state-linked hack of Exchange Online.

By David Jones • Oct. 18, 2024

FBI, CISA seek input on software security, configuration changes

Authorities are seeking public comment on steps the software industry can take to make their products more resistant to malicious threat activity.

By David Jones • Oct. 17, 2024

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Majority of global CISOs want to split roles as regulatory burdens grow

Trellix research shows rising cybersecurity demands from the SEC and other government bodies are pushing CISOs even closer to the edge.

By David Jones • Oct. 15, 2024

Where organizations invest after a data breach

Asking customers to foot the bill for data breach remediation will not prevent future data breaches or address the issues that cause costs to increase.

By Sue Poremba • Oct. 14, 2024

Leading CISOs weigh in on AI’s role in security: 7 key takeaways

Learn how CISOs are approaching AI adoption and embracing innovation -- while mitigating risk.

By Thomas Kinsella, COO and co-founder • Oct. 14, 2024

Decrease in deals and large rounds cut cyber funding to $2.1B in Q3

The decline in funding accentuates the inconsistent pace of venture capital investments in cyber startups.

By Matt Kapko • Oct. 10, 2024

Cyber risk tops C-suite concerns heading into US election

A report by PwC shows American business leaders will continue to focus on data regulation, AI and technology investments regardless of which party prevails in November.

By David Jones • Oct. 10, 2024

CIOs turn to NIST to tackle generative AI’s many risks

Discover's CIO is one of many tech leaders working to limit generative AI missteps by turning to risk management frameworks to get deployment right from the outset.

By Lindsey Wilkinson • Oct. 9, 2024

CISOs, C-suite remain at odds over corporate cyber resilience

Security and IT executives, more than a year after a SEC vote on incident disclosure, still face an uphill battle to articulate risk strategy.

By David Jones • Oct. 7, 2024

Counter Ransomware Initiative summit emphasizes arduous effort

An international collective of cyber officials continued discussions with the White House on how to counter ransomware attacks, reduce payments and increase response capabilities.

By Matt Kapko • Oct. 7, 2024

United Airlines leaned on real-time data to recover from the CrowdStrike outage

The airline modernized its technology foundations with better customer experiences in mind. Then, a major software outage underscored the importance of live data.

By Matt Ashare • Oct. 4, 2024

What’s next for CrowdStrike on the road to repair its reputation?

The cybersecurity vendor finds itself operating from a vulnerable position. Efforts to earn back trust are complex and some require industrywide support.

By Matt Kapko • Oct. 3, 2024

Two-thirds of healthcare organizations hit by ransomware in past year: survey

Nearly 40% of healthcare organizations reported it took more than a month to recover after an attack, according to the survey by cybersecurity firm Sophos.

By Emily Olsen • Oct. 2, 2024

State CISOs up against a growing threat environment with minimal funding, report finds

A report by Deloitte and NASCIO warns that states do not have the resources necessary to fight state-backed and criminal threat groups.

By David Jones • Oct. 2, 2024

Customers are done with passwords. Do businesses have a solution?

Research shows customers are frustrated with the login experience, and the friction can cost businesses customers.

By Kristen Doerer • Sept. 30, 2024

For Google to reduce memory-safety defects, it focused on new code

Google’s experience provides software developers a roadmap to address one of the most persistent security problems: memory-safety CVEs.

By Matt Kapko • Sept. 26, 2024

CrowdStrike CEO pushes ‘resilient by design’ framework, promising changes

The cybersecurity vendor is embracing a new business framework to address security deployment lapses and the fragility of interconnected systems.

By Matt Kapko • Sept. 26, 2024

CISA again raises alarm on hacktivist threat to water utilities

The alert comes just days after an attack against a water treatment facility in Kansas.

By David Jones • Sept. 26, 2024

Cyber commission seeks detailed plan to secure high-risk infrastructure

A report said most recommendations from the Cyberspace Solarium Commission are near completion, but also called for greater private-sector collaboration and insurance reforms.

By David Jones • Sept. 25, 2024

CrowdStrike’s mea culpa: 5 takeaways from the Capitol Hill testimony

CrowdStrike was quick to apologize after a faulty content update triggered a global IT network outage. An executive detailed internal changes designed to prevent it from happening again.

By Matt Kapko • Sept. 25, 2024

Data privacy concerns swirl around generative AI adoption

IT and business professionals fear the technology's adoption can lead to data leakage, according to a Deloitte report.

By Roberto Torres • Sept. 25, 2024

Microsoft names deputy CISOs, flushes dead accounts as part of internal security overhaul

The company released a progress report on efforts to revamp its internal security culture and governance.

By David Jones • Sept. 23, 2024

Leadership in learning: Cultivating resilient cyber teams through education

Promoting cybersecurity in the workplace is essential. Empowering staff begins with high-quality online programs.

Sept. 23, 2024

Kevin Mandia’s 5 question confidence test for CISOs

For most organizations, cyberthreats are too imposing to get bogged down in low-impact exercises. Mandiant’s founder advises executives to look for a security mindset above all else.

By Matt Kapko • Sept. 20, 2024

Generative AI raises security concerns among IT leaders

Executives worry their organization lacks the ability to protect applications and workloads, according to a Flexential survey.

By Lindsey Wilkinson • Sept. 19, 2024