Security awareness training needs a revamp

Too often security training is seen as a negative experience and a time to reprimand those who make security gaffes. But old strategies aren’t working. It’s time for a redo. 

By Sue Poremba • Nov. 22, 2022

McDonald’s to launch cybersecurity apprenticeship program

The restaurant chain's initiative is among nearly 200 registered apprenticeships programs approved or under development as part of the White House's Cybersecurity Apprenticeship Sprint.

By Lindsey Wilkinson • Nov. 16, 2022

CISA’s K-12 cyber education program goes nationwide

Cyber.org Range will introduce students to cybersecurity concepts and prepare them for intermediate-level jobs in a severely understaffed industry.

By Matt Kapko • Nov. 9, 2022

How one Regis graduate earned his master’s degree — and got his life back on track

Phillip Coffman persevered through mental health issues and homelessness, then worked to get his life back on track with graduate school. He discovered Regis University, and built himself back up with a master’s in cybersecurity.

Nov. 7, 2022

CommonSpirit taps new CIO with military background after cyberattack

NewYork-Presbyterian’s Daniel Barchi will take the new position starting Monday, just one month after the hospital chain suffered a high-profile ransomware attack. 

By Samantha Liss • Nov. 2, 2022

Microsoft security business surges as cloud segment hit by slumping economy

Higher energy costs and the macro economic slowdown is impacting the company’s cloud segment, while it continues to grow its enterprise security business.

By David Jones • Oct. 26, 2022

Becoming a CISO: Tips on how to approach the first few months on the job

Start with building a team and identifying key stakeholders. Then, once your team is together, toss out everything you planned to do.

By Sue Poremba • Oct. 24, 2022

How an Ohio district is cracking the code on cybersecurity training

In Lakota Local Schools, a high school cybersecurity program gives students the opportunity to graduate into college programs and good-paying jobs.

By Lauren Barack • Oct. 21, 2022

Cyber defense is not IT’s job alone, CISA CTO says

While tech executives must provide critical tools and procedures to lower cyber risk, the whole organization is responsible for fending off attackers.

By Roberto Torres • Oct. 19, 2022

Uber ex-CSO verdict raises thorny issues of cyber governance and transparency

The former chief security officer of the ride-sharing firm is seen by many as a scapegoat for an unsupervised and unaccountable corporate culture.

By David Jones • Oct. 19, 2022

Struggling to find cyber pros? Look to your network admins

Network knowledge and skills are central to cyber. Certification programs provide a direct route from systems to security.

By Matt Ashare • Oct. 18, 2022

Tenable’s CIO pushes resource optimization as company pursues $1B in revenue

Technology veteran Patricia Grant is joining the cybersecurity company amid sustained industry growth. Her challenge now is to help Tenable scale.

By Lindsey Wilkinson • Oct. 13, 2022

CISOs, corporate boards in wide disagreement on cyber resilience

A study backed by researchers from MIT shows corporate boards are more focused on cyber risk, but are out of alignment with CISOs on key issues. 

By David Jones • Oct. 10, 2022

Incident responders report alarming rates of mental strain

Ransomware, long work days and responsibilities stretched across multiple overlapping incidents all contribute to stress, according to an IBM Security study.

By Matt Kapko • Oct. 7, 2022

The modern CISO: Today’s top cybersecurity concerns and what comes next

CISOs are up against talent shortages and retention concerns amid an increasingly sophisticated threat landscape.

By Sue Poremba • Sept. 7, 2022

Succession planning takes center stage in the fight to retain security talent

To reduce attrition, security and tech leaders must provide a clear path for advancement, not just for managers but for all members of the team.

By Jess Burn • Aug. 24, 2022

Risk of cyberattack emerges as top concern of US executives

A PwC study shows cyber risk is a top concern among entire C-suite and corporate boards as companies are spending additional funds to boost resilience.

By David Jones • Aug. 19, 2022

Google Cloud’s CISO is a short-term cyber pessimist, but a long-term optimist

Respite from seemingly omnipresent threats is hard to come by, but Phil Venables takes comfort in wins, not losses.

By Matt Kapko • Aug. 18, 2022

CISO salaries balloon, likely spurred by demand

Tenure matters, but not as you might suspect. Median total cash compensation dropped for CISOs in their roles at least five years, Heidrick & Struggles found. 

By Naomi Eide • Aug. 16, 2022

US falters while ‘cybercriminals have been eating our lunch,’ ex-CISA chief Krebs says

A dizzying array of agencies and disorganized efforts bolsters Chris Krebs’ call for a cybersecurity governance overhaul.

By Matt Kapko • Aug. 12, 2022

US must take a lead role in cyber diplomacy, State Dept. nominee says

Nathaniel Fick told lawmakers the U.S. should promote international cyber norms to protect national security from authoritarian threats. 

By David Jones • Aug. 4, 2022

Tips for translating cyber risk into board-friendly language

Just because boards are more aware of the rise in cyberattacks does not mean they understand how digital technology and cybersecurity translate into business risk.

By Lucia Milică • Aug. 1, 2022

Relentless vulnerabilities and patches induce cybersecurity burnout

Cybersecurity professionals are confronting a chronic vulnerability-patch cycle and the situation is getting worse.

By Matt Kapko • July 26, 2022

Where 5 programs are investing to close cyber skills gap

In line with a White House push to close the cyber skills gap, technology firms, nonprofits and other organizations have launched a range of programs to develop a new generation of workers.

By David Jones • July 21, 2022

As cyber talent demand heats up, hiring managers should shift expectations

Companies trying to fill cybersecurity roles need to stop looking for unicorns and expand their search to qualified, but often overlooked, job candidates.  

By Brian Eastwood • July 12, 2022