Strategy
-
UK cyber chief warns country is at an inflection point as digital threats rise
In his first major speech, NCSC CEO Richard Horne said state linked and criminal threat groups are working to undermine the nation’s reliance on technology.
By David Jones • Dec. 3, 2024 -
When password rules change, who benefits?
As the National Institute of Standards and Technology rolls out updated password guidance, some experts want to make passwords a thing of the past.
By Sue Poremba • Dec. 2, 2024 -
Trendline
Risk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
FBI, CISA warn of heightened risk of BEC attacks during holiday season
Authorities encouraged prompt reporting, which can help recover stolen payments.
By David Jones • Nov. 27, 2024 -
CrowdStrike avoids customer exodus after triggering global IT outage
The cybersecurity vendor reported $33.9 million in expenses related to the July 19 incident, which caused the company to swing to a loss.
By Matt Kapko • Nov. 27, 2024 -
As holiday season begins, US braces for looming risk of cyberattacks
Security teams are on the alert for nation-state threats and ransomware as millions of workers break for the Thanksgiving holiday weekend.
By David Jones • Nov. 26, 2024 -
Healthcare providers will need to boost cyber defenses amid AI adoption: Moody’s
AI could ease labor shortages, but health systems will need to increase cybersecurity spending to manage heightened risks, according to the credit ratings agency.
By Emily Olsen • Nov. 22, 2024 -
Microsoft unveils resiliency, security enhancements following July global IT outage
The updates are part of a larger effort at the company to overhaul its internal security culture.
By David Jones • Nov. 21, 2024 -
Palo Alto Networks boasts as customers coalesce on its platforms
The cybersecurity vendor said it ended its fiscal Q1 with 1,100 platformization deals and remains on pace to reach at least 2,500 such deals within five years.
By Matt Kapko • Nov. 21, 2024 -
Opinion
Security awareness and training is a method, not an outcome
In 2024, the idea of human risk management shifted from concept to reality as frustrated CISOs looked for solutions beyond security awareness and training to make real change.
By Jinan Budge • Nov. 20, 2024 -
Splunk accelerates Cisco’s security business as core networking sales decline
Security revenue doubled to $2 billion in Cisco’s recent quarter. Without Splunk’s contribution, its total revenue would have dropped 14%.
By Matt Kapko • Nov. 18, 2024 -
National cyber director calls for streamlined security regulations
Harry Coker Jr. assured critical infrastructure and private sector stakeholders that while standards are necessary, there is a need to harmonize burdensome compliance demands.
By David Jones • Nov. 14, 2024 -
Opinion
Who should be in the room when purchasing cyber insurance?
Cyber exposure should be treated just as seriously as a fire event, each with a high potential to disrupt business for extended periods of time, Peter Hedberg of Corvus Insurance writes.
By Peter Hedberg • Nov. 11, 2024 -
Sponsored by University of New Hampshire
Empowering the next generation of cyber leaders: Mentoring and talent development initiatives
With guidance and support from mentorship programs and talent development initiatives, employees can become better equipped for success.
Nov. 11, 2024 -
Tech executives reassess IT resilience in CrowdStrike outage aftermath
Nearly all organizations have known operational weaknesses that leave IT systems vulnerable to service interruptions, according to Cockroach Labs.
By Matt Ashare • Nov. 8, 2024 -
TSA proposes cyber risk management programs for surface transportation, pipeline operators
The proposed rule would also require the disclosure of cyber incidents to CISA and physical security concerns to TSA.
By David Jones • Nov. 7, 2024 -
Google Cloud to mandate MFA for all users in 2025
The policy change puts the three largest cloud providers — AWS, Microsoft Azure and Google Cloud — in position to have MFA mandates for some or all customers next year.
By Matt Kapko • Nov. 6, 2024 -
Cyberattacks hit 1 in 3 SMBs last year
Cyber woes for SMBs are exacerbated by a lack of resources to enact advanced security measures, Microsoft Security said in a report.
By Matt Kapko • Nov. 5, 2024 -
AI increases fraud risk, fintechs say
Financial firms monitor for fraud by looking for unusual activity, but an artificial intelligence model can be trained to transact like a real person.
By Patrick Cooley • Nov. 5, 2024 -
USDA, White House launch study to boost cyber resilience of rural water utilities
A yearlong program with the National Rural Water Association will provide technical assistance to water utilities led by Vermont and Oregon officials.
By David Jones • Nov. 4, 2024 -
Enterprise executives cite AI-assisted attacks as top emerging risk, Gartner finds
The analyst firm’s survey underscores growing concern about potential, yet unrealized, scenarios involving AI’s potential role in attacks.
By Matt Kapko • Nov. 4, 2024 -
Executives worry over aging IT systems
Despite ongoing modernization efforts, tech debt is still hindering mission-critical infrastructure, according to Kyndryl.
By Matt Ashare • Nov. 1, 2024 -
As presidential election looms, disparate approaches to cyber policy come into focus
Government officials and security leaders are hoping the nation’s need for cyber resilience will stand on bipartisan cooperation and transcend partisan politics regardless of the election results.
By David Jones • Oct. 31, 2024 -
CISA rolls out international strategic plan to bolster cyber cooperation
The agency is looking to strengthen intel sharing with key cyber partners, raise security standards and ensure a more resilient global supply chain.
By David Jones • Oct. 30, 2024 -
Delta, CrowdStrike file dueling lawsuits as squabble continues
The airline seeks to recover damages of more than $500 million in the aftermath of a disruptive IT outage in July. The software provider is looking to hold its liability to the terms of its service agreement.
By Roberto Torres • Oct. 28, 2024 -
Microsoft CEO asked board to cut pay in connection with security overhaul
Yet, Satya Nadella's fiscal 2024 compensation far exceeded 2023 thanks to Microsoft's strong market performance.
By David Jones • Oct. 25, 2024