Help wanted for 3.4M jobs: Cyber workforce shortage is an acute, worldwide problem

Research from (ICS)2 shows an ongoing skills gap in the information security space is under greater pressure than before.

By David Jones • Oct. 24, 2022

4 security predictions from Google’s cyber leaders

The hopeful forecasts aren’t exclusive to Google’s cybersecurity experts. Many believe the industry is poised to deliver on its mission with greater efficiency and effect.

By Matt Kapko • Oct. 21, 2022

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

4 ways Target dynamically tracks the most alarming threats

The retailer’s threat analysts identify stakeholders and map adversaries’ intents and capabilities. The company notes it’s also important to not treat all threats equally.

By Matt Kapko • Oct. 20, 2022

Uber ex-CSO verdict raises thorny issues of cyber governance and transparency

The former chief security officer of the ride-sharing firm is seen by many as a scapegoat for an unsupervised and unaccountable corporate culture.

By David Jones • Oct. 19, 2022

Cybersecurity spending on pace to surpass $260B by 2026

Gartner pinned annual double-digit growth on three transitionary megatrends: remote work, zero trust network access, and the cloud.

By Matt Kapko • Oct. 18, 2022

Mandiant CEO pledges to automate threat intel under Google

Google’s chops in artificial intelligence, cloud computing and analytics play a central role in Mandiant’s emboldened vision.

By Matt Kapko • Oct. 17, 2022

As cybersecurity threats rage, colleges invest in risk prevention and pay higher insurance premiums

Cyber insurance policy renewal price increases are typically between 40% and 60%, with some increases hitting the triple digits, S&P said.

By Rick Seltzer • Oct. 14, 2022

4 tips to protect IT employees from phishing attacks

No one is perfect, and that includes your IT professionals. Here's what security experts say could help mitigate human error.

By Lindsey Wilkinson • Oct. 14, 2022

Signs of stability emerge in turbulent cyber insurance market

Rates continue to soar, but Marsh research shows the pace of increases is slowing. 

By Naomi Eide • Oct. 13, 2022

Microsoft’s CISO on why cloud matters for security response

Cloud can give companies insight into current and future threats as the landscape grows more complex, said Bret Arsenault.

By Roberto Torres • Oct. 12, 2022

Mandiant propels Google Cloud’s security prospects

With Mandiant officially under his wing, Google Cloud CISO Phil Venables expects the incident responders to help Google become a proactive force.

By Matt Kapko • Oct. 11, 2022

What is phishing-resistant multifactor authentication? It’s complicated.

Physical keys with cryptographic protocols can deliver higher levels of assurance, but organizations shouldn’t conflate resistance with infallibility.

By Matt Kapko • Oct. 10, 2022

CISOs, corporate boards in wide disagreement on cyber resilience

A study backed by researchers from MIT shows corporate boards are more focused on cyber risk, but are out of alignment with CISOs on key issues. 

By David Jones • Oct. 10, 2022

Cybersecurity needs a statewide approach, report finds

Research from Deloitte and state CIOs shows cities often hesitate to work with states on cybersecurity to protect their autonomy, but local government cyber grants could change that. 

By Michael Brady • Oct. 10, 2022

Multifactor authentication is not all it’s cracked up to be

Text message and email-based authentication aren’t just the weakest variants of MFA. Cybersecurity professionals say they are broken.

By Matt Kapko • Oct. 5, 2022

Why user experience is essential to identity protection

Organizations must strike a delicate balance between maximizing end-user protection and minimizing the security-related obstacles.

By Kapil Raina • Oct. 5, 2022

Security to take an outsized role in IT spending in 2023

“If you look across all of these categories, security is a line item in all of them,” Spiceworks Ziff Davis’ Peter Tsai said.

By Matt Ashare • Oct. 4, 2022

C-suite, boards are prioritizing cybersecurity, but still expect increased threats

Senior executives around the world are taking risk management more seriously, PwC research found, but many are still concerned about business resilience.

By David Jones • Sept. 30, 2022

Google Cloud research links CI/CD to security prowess

The benefits of automated processes for application development extend beyond organizational performance and have a positive impact on security.

By Matt Kapko • Sept. 29, 2022

Most organizations had a cloud-related security incident in the past year

Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud. 

By David Jones • Sept. 28, 2022

Cyber paradox: Security looms as obstacle and opportunity in cloud migration

Data protection and compliance solutions are easing cloud adoption even as cyber concerns persist.

By Matt Ashare • Sept. 27, 2022

How common telecom cyber risks snowball in cloud, open source

Public cloud plays a central role in the modernization of wireless networks. But more open source software, vendors and vulnerabilities could spell trouble.

By Matt Kapko • Sept. 23, 2022

Organizations rapidly shift tactics to secure the software supply chain

Synopsys’ 13th annual BSIMM study shows rapid increases in automation and use of SBOMs among software producers and other organizations.

By David Jones • Sept. 22, 2022

The tools and strategies schools need for ransomware defense

CISOs empathize with the unenviable position schools are in as they confront ransomware. The right capabilities could make a big difference.

By Matt Kapko • Sept. 22, 2022

‘Shift-left’ software strategy challenged by security and compliance

Developer burnout and supply chain concerns mount as companies push to begin software testing early in the development process.

By Matt Ashare • Sept. 22, 2022