Strategy: Page 40
-
Getty Images
Collaboration breakdowns hurt security, transformation
Companies that succeeded at pivoting to remote work, and managing the associated IT and cybersecurity challenges, were those that enabled cross-functional teams.
By Roberto Torres • May 7, 2021 -
Scott Olson via Getty Images
Targeted industrial control systems add cautionary flag to cyber defense strategies
A Defend Forward strategy used in the IT space may not translate well in the OT environment, according to panelists at the Hack the Capitol conference.
By David Jones • May 6, 2021 -
Explore the Trendlineâž”
Getty Images
-
Getty Images
DHS cybersecurity sprints focus on ransomware, hiring
The agency intends to undergo "the most significant hiring initiative" in its history to defend against cyberattacks, said Secretary Alejandro Mayorkas.
By Samantha Schwartz • May 6, 2021 -
Stefani Reynolds / Stringer via Getty Images
Cyberthreats dog the US supply chain, complicated by global competition
As companies acquire components and services, they need mechanisms to ensure backdoors are not lurking in their systems, experts at the Hack the Capitol 2021 conference said.
By David Jones • May 5, 2021 -
Getty Images
Relationships between DevOps, security warm slowly
Some hurdles stem from miscommunication, or balancing quick product releases with undesired security gaps, research from GitLab shows.
By Samantha Schwartz • May 5, 2021 -
Getty Images
When bad actors target OT, risk is recalculated
Digital transformation is shrinking the gap between IT and OT, and organizations are called to factor diverse systems into risk calculations.
By Samantha Schwartz • May 4, 2021 -
Getty Images
XDR to succeed legacy technologies as emerging threats pressure security
Older SIEM and SOAR technologies are losing ground in a more sophisticated threat landscape, Forrester research shows.
By David Jones • May 3, 2021 -
CISOs call for holistic enterprise approach to third-party security risk
Companies need to consider operational resilience, and take a more focused approach in their evaluation processes.
By David Jones • April 21, 2021 -
Permission granted by Merck KGaA
Pfizer segmented IT/OT after a board-level security directive
The pharma company's IT and engineering organizations formed a combined security program in 2018, responsible for technology analysis and inventory.
By Samantha Schwartz • April 21, 2021 -
Getty Images
US companies plot return to office, raising questions on hybrid security
Remote workers are migrating to the corporate workspace, opening up a set of security challenges for CISOs.
By David Jones • April 19, 2021 -
How IT can support security in the event of a cyberattack
CIOs and CISOs operate as separate jobs leading different departments, but with work that overlaps. Who leads what in the event of an attack can become muddled.
By Jen A. Miller • April 13, 2021 -
How to support overworked, understaffed security operations
Strapped for resources, companies can either have their security practitioners wear too many hats, or outsource the responsibilities.
By Samantha Schwartz • April 12, 2021 -
Permission granted by Johnson & Johnson
Deep Dive4 tools to fight fraud, counterfeits and cyberattacks in the COVID-19 vaccine supply chain
Visibility technologies and real-time data provide one version of the truth in a rapidly built supply chain.
By Deborah Abrams Kaplan • April 7, 2021 -
Daphne Howland/Cybersecurity Dive
Why SMBs miss out on the white-glove cyber insurance advantage
Insurance companies spend less time with SMBs evaluating individual risk profiles, weakening a piece of the global cyber economy.
By Samantha Schwartz • April 5, 2021 -
Getty Images
Half of companies lack security to support cloud-based IAM: report
Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including lack of visibility and increased complexity.
By Katie Malone • April 1, 2021 -
Enterprises lag on firmware security spending in face of rising threat
IT security officials are often more worried about the difficulty of detecting malware threats, in part because firmware attacks are hard to catch, a Microsoft-commissioned report found.
By David Jones • April 1, 2021 -
How tools impact cyber insurance premiums
From the day insurers write a policy through its term expiration, there is too much volatility for insurance providers to adequately capture risk.
By Samantha Schwartz • March 31, 2021 -
Getty Images
Companies use cloud to make network security easier
With the cloud taking over hardware and infrastructure security responsibilities, customers are free to handle application and software security.
By Samantha Schwartz • March 29, 2021 -
Operational threat intelligence leans on facts, less anecdotal evidence
Digesting threat intelligence looks different in IT environments than OT.
By Samantha Schwartz • March 25, 2021 -
As cyber insurers quantify risk, security spending provides little info
Quantifying risk appetite, an assessment insurance premiums are based on, is an imperfect science for providers and customers.
By Samantha Schwartz • March 24, 2021 -
Spending on IAM, zero trust to rise as companies extend remote work
The shift to remote work placed more pressure on IT and security departments to secure corporate data without interrupting productivity.
By David Jones • March 23, 2021 -
Opinion
Prioritizing risk in M&A due diligence in the COVID-19 era, and beyond
Imagine acquiring a company with an infected network, and then connecting your company to that flawed network. That can introduce serious issues into a previously protected company.
By Ray Rothrock • March 22, 2021 -
Information sharing works, but a key obstacle awaits: reluctance
The private sector owns the majority of the attack surface. Brand-name IT and security companies have the ability, and a degree of responsibility, to contribute their expertise to national defense.
By Samantha Schwartz • March 18, 2021 -
Getty Images
Long-term SolarWinds consequencesSolarWinds rethinks software builds, weeds out code disparities
An attacker would have to compromise two different environments to achieve the same attack on the same code if a company has reproducibility.
By Samantha Schwartz • March 17, 2021 -
Cloud security a shared responsibility. Where's the confusion?
The cloud meant replacing on-premise risks with a new kind risk. Some companies are unsure how to translate those responsibilities into actions.
By Samantha Schwartz • March 15, 2021
Previous
