Strategy: Page 28
-
How to support overworked, understaffed security operations
Strapped for resources, companies can either have their security practitioners wear too many hats, or outsource the responsibilities.
By Samantha Schwartz • April 12, 2021 -
Permission granted by Johnson & Johnson
Deep Dive4 tools to fight fraud, counterfeits and cyberattacks in the COVID-19 vaccine supply chain
Visibility technologies and real-time data provide one version of the truth in a rapidly built supply chain.
By Deborah Abrams Kaplan • April 7, 2021 -
Explore the Trendlineā
.shock via Getty Images
TrendlineRisk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
Daphne Howland/Cybersecurity Dive
Why SMBs miss out on the white-glove cyber insurance advantage
Insurance companies spend less time with SMBs evaluating individual risk profiles, weakening a piece of the global cyber economy.
By Samantha Schwartz • April 5, 2021 -
Traitov/iStock/Getty via Getty Images
Half of companies lack security to support cloud-based IAM: report
Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including lack of visibility and increased complexity.
By Katie Malone • April 1, 2021 -
Enterprises lag on firmware security spending in face of rising threat
IT security officials are often more worried about the difficulty of detecting malware threats, in part because firmware attacks are hard to catch, a Microsoft-commissioned report found.
By David Jones • April 1, 2021 -
How tools impact cyber insurance premiums
From the day insurers write a policy through its term expiration, there is too much volatility for insurance providers to adequately capture risk.
By Samantha Schwartz • March 31, 2021 -
Traitov/iStock/Getty via Getty Images
Companies use cloud to make network security easier
With the cloud taking over hardware and infrastructure security responsibilities, customers are free to handle application and software security.
By Samantha Schwartz • March 29, 2021 -
Operational threat intelligence leans on facts, less anecdotal evidence
Digesting threat intelligence looks different in IT environments than OT.
By Samantha Schwartz • March 25, 2021 -
As cyber insurers quantify risk, security spending provides little info
Quantifying risk appetite, an assessment insurance premiums are based on, is an imperfect science for providers and customers.
By Samantha Schwartz • March 24, 2021 -
Getty Images
Spending on IAM, zero trust to rise as companies extend remote work
The shift to remote work placed more pressure on IT and security departments to secure corporate data without interrupting productivity.
By David Jones • March 23, 2021 -
OpinionPrioritizing risk in M&A due diligence in the COVID-19 era, and beyond
Imagine acquiring a company with an infected network, and then connecting your company to that flawed network. That can introduce serious issues into a previously protected company.
By Ray Rothrock • March 22, 2021 -
Information sharing works, but a key obstacle awaits: reluctance
The private sector owns the majority of the attack surface. Brand-name IT and security companies have the ability, and a degree of responsibility, to contribute their expertise to national defense.
By Samantha Schwartz • March 18, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
Long-term SolarWinds consequencesSolarWinds rethinks software builds, weeds out code disparities
An attacker would have to compromise two different environments to achieve the same attack on the same code if a company has reproducibility.
By Samantha Schwartz • March 17, 2021 -
Getty Images
Cloud security a shared responsibility. Where's the confusion?
The cloud meant replacing on-premise risks with a new kind risk. Some companies are unsure how to translate those responsibilities into actions.
By Samantha Schwartz • March 15, 2021 -
Thai Phi Le/Cybersecurity Dive
Federal $1.9 trillion relief bill clears path for more security, modernization funds
The appropriations in the law come as the federal government and private industry respond to two major hacks: SolarWinds and Microsoft Exchange.
By Samantha Schwartz • Updated March 11, 2021 -
White House prioritizes software security, assesses OT
"If you can't see a network quickly, you certainly don't have a prayer defending a network," said Deputy National Security Advisor Anne Neuberger.
By Samantha Schwartz • March 8, 2021 -
What OT security experts want from their IT counterparts
While IT and OT have been converging for more than a decade, the culture of cybersecurity is stuck in a silo, limiting the abilities of OT security practitioners.
By Samantha Schwartz • March 5, 2021 -
4 questions to ask after discovering a cyberattack
Identifying signs of an ongoing attack or backdoor deployment is nearly impossible for digital laggards.
By Samantha Schwartz • March 4, 2021 -
What makes ransomware a constant enterprise pain point
Threat groups mimic and manipulate the tactics, techniques and procedures of other groups, making ransomware attacks more difficult to prevent.
By Samantha Schwartz • March 3, 2021 -
Getty Images
Legacy tech, privacy and security issues bog down healthcare innovation
The pandemic drove hospitals and healthcare facilities to further rely on connected devices, increasing the potential for vulnerabilities in the process.
By Roberto Torres • Feb. 26, 2021 -
Businesses boost cyber budgets to improve confidence in security solutions: report
Security leaders had the least confidence in security roadmaps, security-related technology, and internal teams and skill sets, according to an Insight survey.
By Katie Malone • Feb. 25, 2021 -
Courtesy of Target
How Target bridges communication gaps between threat intel analysis, detection teams
The WAVE matrix, a tool the retailer built in-house, is transferable to smaller teams with employees covering multiple security domains.
By Samantha Schwartz • Feb. 25, 2021 -
Getty Images
Apple faces malware threats as it makes an enterprise push
Apple made recent inroads with corporate customers and is detailing extensive security upgrades as a way of attracting the enterprise. Through it all, new techniques test the company's defenses.
By David Jones • Feb. 23, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images
Long-term SolarWinds consequences
SolarWinds attack poses long-term threat of disruption, White House says
The SolarWinds hack compromised at least nine federal agencies and 100 private sector companies, said Deputy National Security Advisor Anne Neuberger in a briefing Wednesday.
By Samantha Schwartz • Feb. 18, 2021 -
Photo by Josh Appel on Unsplash
Are businesses underinvesting in cybersecurity?
The issue isn't how large of a cybersecurity investment an organization makes, but rather, if it is spending funds properly.
By Sue Poremba • Feb. 16, 2021
Previous
