CrowdStrike soars on security tool consolidation demand

CEO George Kurtz said the company will consider potential acquisition targets as M&A discussions heat up across the industry.

By David Jones • Aug. 31, 2023

Mandiant blends Google Cloud, AI to automate threat hunting

Google Cloud is bringing Mandiant’s threat hunting intelligence to customers’ Chronicle environments and infusing Duet AI across its security portfolio.

By Matt Kapko • Aug. 29, 2023

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Cyber insurance providers increase scrutiny on enterprise risk, report finds

Policyholders face higher costs and additional exclusions, even as the market stabilizes, a study on behalf of Delinia found.

By David Jones • Aug. 29, 2023

Software industry urged to assume risk on open source security

The Open Source Security Foundation called on commercial and non-commercial organizations that use open source software components to adopt better security practices.

By David Jones • Aug. 25, 2023

Generative AI tips and warnings from 5 providers

Understanding model limitations and keeping humans in the loop is critical to productive adoption of AI, according to several software leaders.

By Lindsey Wilkinson • Aug. 25, 2023

Government investigation puts spotlight on password insecurity

A team working for the Department of Interior’s inspector general successfully cracked 1 in 5 active user passwords, a ratio that highlights traps in cybersecurity standards, Mike Kosask from LastPass writes.

By Michael Kosak • Aug. 24, 2023

For security to benefit from AI, companies need to shore up their data

CISOs need to address the structure, management and curation of data as they pursue benefits from generative AI, according to an IDC report.

By Matt Kapko • Aug. 24, 2023

Ransomware attack dwell times fall, pressuring companies to quickly respond

The median dwell time for ransomware attacks hit a new low of five days in the first half of the year, according to Sophos.

By Matt Kapko • Aug. 23, 2023

SentinelOne pursues potential sale amid slow growth, report says

The cybersecurity firm recently announced job cuts and is competing in a turbulent market in recent months.

By David Jones • Aug. 22, 2023

Zoom’s AI terms overhaul sets stage for broader data use scrutiny

The shift to adopt generative AI has created tension between SaaS vendors' data desires and enterprises' security concerns.

By Lindsey Wilkinson • Aug. 22, 2023

Palo Alto Networks posts strong Q4 amid consolidation, new SEC rules

Despite spooking analysts with an unusual late Friday earnings presentation, investors breathed easy as the company shared a positive outlook in its earnings report. 

By David Jones • Aug. 21, 2023

Cyber authorities have a plan to defend remote monitoring tools

Threat actors can turn one point of attack into many by targeting remote management services that lack security controls.

By Matt Kapko • Aug. 18, 2023

Palo Alto Networks closely watched ahead of late Friday Q4 report

The cybersecurity firm's unusually timed fiscal fourth-quarter earnings report comes amid turbulence in the sector.

By David Jones • Aug. 18, 2023

Suncor CEO says company mostly recovered from June cyberattack

The incident was serious and not worth repeating, President and CEO Rich Kruger said. "I’d rather have a root canal than go through one of these attacks again.”

By David Jones • Aug. 17, 2023

Security basics aren’t so basic — they’re hard

Lax security controls cause heavy damages, and security experts warn how unmet basics turn up, time and again, when things go wrong.

By Matt Kapko • Aug. 17, 2023

AWS customers’ most common security mistake

All too often organizations are not doing least-privilege work with identity systems, AWS’ Mark Ryland told Cybersecurity Dive.

By Matt Kapko • Aug. 16, 2023

How disjoined threat intelligence limits companies — and what to do about it

There’s no shortage of research on attackers, but for many CISOs, turning those insights into action is a difficult endeavor.

By Matt Kapko • Aug. 15, 2023

Why Walden thinks this national cybersecurity strategy will work

The acting national cyber director, armed with more talent at the federal level and an implementation plan, is striving for lasting impact.

By Matt Kapko • Aug. 11, 2023

White House wants input on open source security, memory-safe languages

Federal agencies put out a request for information Thursday, building on Biden administration priorities to help secure open source post-Log4j.

By David Jones • Aug. 11, 2023

3 best practices from the White House K-12 cybersecurity summit

School leaders must take prevention seriously and know who to call when an attack happens, government officials and educators said.

By Kara Arundel • Aug. 11, 2023

4 ways organizations can take back the advantage from attackers

By reorienting systems defense around resilience, “we become more like attackers, we become nimble, empirical, curious,” Kelly Shortridge said at Black Hat USA 2023. 

By Matt Kapko • Aug. 10, 2023

New York rolls out statewide cybersecurity strategy

The strategy follows previous steps to enhance local cybersecurity and protect critical infrastructure across the state.

By David Jones • Aug. 10, 2023

Rapid7 to cut 18% of workforce, shutter certain offices

The cybersecurity firm had been the subject of speculation about pursuing a possible sale.

By David Jones • Aug. 9, 2023

NIST releases draft overhaul of its core cybersecurity framework

It marks the first major update to federal risk guidance since 2014 and incorporates new issues, including supply chain security and threats to small business.

By David Jones • Aug. 9, 2023

The MOVEit spree is as bad as — or worse than — you think it is

The mass exploit has compromised more than 600 organizations, but that only scratches the surface of the potential number of downstream victims. Security experts project years of fallout.

By Matt Kapko • Aug. 9, 2023