AWS builds a lake for multivendor security data sharing

Security data is scattered and often stored in fragments from multiple sources. AWS wants to centralize that in a single data lake.

By Matt Kapko • Dec. 2, 2022

CrowdStrike CEO: SMB deals delayed as enterprises hold firm on cyber spend

Fears of a recession are impacting the cybersecurity investments of smaller organizations and enterprises in different ways, George Kurtz said.

By Matt Kapko • Dec. 1, 2022

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

Walmart security, operating at a vast scale, turns to automation

Security operations centers, part of Walmart Global Tech, process 6 trillion data points each year, a feat unattainable through manual methods. 

By Naomi Eide • Nov. 30, 2022

AWS CEO stresses the core elements of cloud security

Adam Selipsky described security as a prerequisite for organizations to trust cloud infrastructure. And for that, he claimed, AWS is the best in the game.

By Matt Kapko • Nov. 30, 2022

Where is AWS in the cybersecurity conversation?

The cloud leader doesn’t emphasize security and share information at the same level as its competitors. Experts say that's by design.

By Matt Kapko • Nov. 29, 2022

As companies tighten tech spend, demand for cybersecurity services grows

Managed service providers can help fill talent needs and tame costs, but that strategy may require additional risk mitigation.

By Suman Bhattacharyya • Nov. 28, 2022

Defense Department launches zero trust, phasing out perimeter defense strategy

Private sector partners say the rollout will raise the security bar to better protect the entire defense industry ecosystem.

By David Jones • Nov. 23, 2022

Growing Mastodon security community grapples with CISA impersonators

An infosec.exchange account impersonating CISA Director Jen Easterly was suspended by the Mastodon instance administrator Monday, as the security community searches for a Twitter alternative.

By Matt Kapko • Nov. 23, 2022

Security awareness training needs a revamp

Too often security training is seen as a negative experience and a time to reprimand those who make security gaffes. But old strategies aren’t working. It’s time for a redo. 

By Sue Poremba • Nov. 22, 2022

Tech sector execs see potential recession as a business opportunity

Technology company leaders are preparing for economic downturn by investing selectively in the workforce and new technologies, according to EY survey.

By Matt Ashare • Nov. 21, 2022

Where will the security community turn, if not Twitter?

A consistent stream of credibility hits could cause lasting damage for cybersecurity and those who flock there.

By Matt Kapko • Nov. 21, 2022

Palo Alto Networks reports strong fiscal Q1 as security needs outpace economic fears

The security firm also agreed to buy Cider Security, boosting its software supply chain security business.

By David Jones • Nov. 21, 2022

SMB cyber budgets under pressure amid slowing economy

The potential budget cuts during a period marked by market volatility could increase organizational risk.

By Matt Kapko • Nov. 17, 2022

Critical infrastructure providers ask CISA to place guardrails on reporting requirements

Top companies and industry groups fear incident reporting mandates would overwhelm CISA with noise. 

By David Jones • Nov. 16, 2022

Confidential computing critical for cloud security, Google and Intel say

Confidential computing aims to isolate and encrypt data in use. The technology is young, but it could deliver significant gains for cloud security.

By Matt Kapko • Nov. 15, 2022

K-12 schools lack resources, funding to combat ransomware threat

One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.

By David Jones • Nov. 14, 2022

5 security musts for industrial control systems

OT involves a collection of dedicated systems and physics, and that creates distinct security requirements, said Robert M. Lee, CEO and co-founder at Dragos.

By Matt Kapko • Nov. 10, 2022

Mondelē​​z settlement in NotPetya case renews concerns about cyber insurance coverage

The legal dispute between the snack giant and insurer Zurich American, which lasted four years, raises further questions about how insurers cover acts of cyber war.

By David Jones • Nov. 8, 2022

Face it, password policies and managers are not protecting users

Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?

By Sue Poremba • Nov. 7, 2022

How to implement an effective system to address third-party risk

Current processes for assessing and managing third-party cybersecurity risks are cumbersome and ineffective. CISOs must adopt new principles to address business exposure.

By Sam Olyaei • Nov. 7, 2022

CISA demystifies phishing-resistant MFA

The “gold standard” safeguard isn’t a one-size-fits-all or all-or-nothing endeavor. For most organizations, a phased approach works best.

By Matt Kapko • Nov. 4, 2022

NIST seeks water industry feedback on boosting cyber resilience

The Biden administration is turning its security attention to the water and wastewater treatment industry, which has become vulnerable to cyberattacks as facilities grow more digital.

By David Jones • Nov. 4, 2022

Industrial providers ramp up cyber risk posture as OT threats evolve

The majority of industrial organizations have increased OT security budgets and conducted security audits but aging technology and staffing woes persist, a new report found. 

By David Jones • Oct. 31, 2022

‘Point solutions just need to die’: The end of the one-trick security tool

The deconstruction of security products has foisted many avoidable challenges upon organizations and the industry at large.

By Matt Kapko • Oct. 31, 2022

Microsoft security business surges as cloud segment hit by slumping economy

Higher energy costs and the macro economic slowdown is impacting the company’s cloud segment, while it continues to grow its enterprise security business.

By David Jones • Oct. 26, 2022