White House releases cyber budget priorities for fiscal year 2025

Federal agencies are advised to demonstrate how their spending aligns with the national cybersecurity strategy.

By Matt Kapko • June 29, 2023

What to do after a data breach

Long before a data breach, well-prepared companies set up incident response teams with workers from multiple departments.

By Sue Poremba • June 29, 2023

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Rubrik, Microsoft partner to leverage generative AI for faster incident response

The collaboration will integrate Rubrik Security Cloud with Microsoft Sentinel and Azure OpenAI Service.

By David Jones • June 28, 2023

State and local governments grapple to mitigate cyber risks

Municipalities are being pushed to step up investments amid high insurance premiums and strict demands on risk prevention.

By David Jones • June 27, 2023

How are states supporting K-12 cybersecurity amid growing threats?

As state efforts slowly ramp up to help struggling districts, they alone can’t completely remedy cybersecurity risks, one ed tech expert said.

By Anna Merod • June 23, 2023

Cyber CEOs are all-in on generative AI

Generative AI and LLMs are gaining attention in the security industry but not everyone is convinced the technologies will deliver the benefits promised.

By Matt Kapko • June 21, 2023

LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack

Karim Toubba is ready to talk nearly a year after LastPass suffered a cyberattack that became one of the biggest security blunders of 2022.

By Matt Kapko • June 13, 2023

Cyber insurance market is stabilizing as growth remains certain, Moody’s says

Escalating price increases have moderated as the business has become profitable. Insurance firms are placing tight controls regarding cyber hygiene practices.

By David Jones • June 8, 2023

Dragos to slash 9% of workforce, trim other costs amid sales slowdown

The industrial cybersecurity specialist cited is reporting a longer sales cycle and is fighting to maintain long term independence.

By David Jones • June 8, 2023

Existing security policy for critical infrastructure needs major overhaul, commission says

The Cyberspace Solarium Commission 2.0 says the federal relationship with the private sector is based on outdated policy.

By David Jones • June 7, 2023

When adopting security tools, less is more, Gartner says

Security professionals say they want to consolidate vendors but, in actuality, Gartner fields far more calls about new technologies than reducing the cyber tech stack. 

By Naomi Eide • June 6, 2023

CrowdStrike adds threat data to generative AI push

The security vendor plans to use different LLMs for specific purposes. It may also build some of its own, CEO George Kurtz said.

By Matt Kapko • June 1, 2023

CISOs still expect cyber budget increases amid economic pressure

A study from Nuspire shows CISOs continue to focus on maximizing value as they seek more efficient and simplified security posture.

By David Jones • June 1, 2023

Only one-third of school districts have a full-time employee dedicated to cybersecurity

For the last six years, cybersecurity has continued to be a top concern for ed tech leaders, according to a survey by the Consortium for School Networking.

By Anna Merod • June 1, 2023

Palo Alto Networks teases plans for generative AI across security services

The security vendor is taking a restrained approach to deploying generative AI products, but the company’s leaders still believe the technology will herald a major shift for cybersecurity.

By Matt Kapko • May 31, 2023

PyPI to mandate 2FA by the end of 2023

The mandate is part of a larger effort to prevent account takeover attacks.

By David Jones • May 30, 2023

Why cyber is also a CIO problem

When an incursion occurs, IT teams need to have a recovery plan and backup systems ready for deployment.

By Matt Ashare • May 25, 2023

CISA updates ransomware guide 3 years after its debut

The #StopRansomware guide, updated in partnership with the FBI, NSA and MS-ISAC, reflects aggressive new techniques used by threat actors, including double extortion.

By David Jones • May 24, 2023

BEC attacks rise as criminal hackers employ new tactics to evade detection

Threat actors are using cybercrime as a service to grow industrial strength campaigns and leveraging residential IP addresses.

By David Jones • May 23, 2023

IT security budgets are shifting as companies target risk reduction

Organizations are designing their security spending around keeping the business secure and operations running smoothly.

By Sue Poremba • May 22, 2023

Critical infrastructure security spending to grow 83% by 2027: ABI Research

Analysts forecast cybersecurity spending among critical infrastructure organizations to grow from an estimated $129 billion in 2022 to almost $236 billion by 2027.

By Matt Kapko • May 19, 2023

Cyber resilience programs falling short on preparing workers for a crisis

The report from Immersive Labs raises questions about whether corporate employees would know how to respond after a major cyberattack.

By David Jones • May 18, 2023

Why and how to report a ransomware attack

The majority of ransomware attacks go unreported, creating a blind spot that hampers response, recovery efforts and the prevention of future attacks.

By Matt Kapko • May 18, 2023

Flood of ransom payments continues as officials mull ban

The revived debate over the viability of a ransom payment ban comes down to the cost ransomware is causing organizations globally.

By Matt Kapko • May 11, 2023

CISA director wary of technology industry repeating its mistakes with AI

The multibillion-dollar cybersecurity industry is the result of misaligned incentives, where speed-to-market outranked security, Jen Easterly said. 

By Naomi Eide • May 11, 2023