Security

1 in 4 security teams report to CIOs, but would benefit from CISO leadership: survey

Companies get more buy-in for risk assessments and alignment with business goals when cybersecurity reporting centers on the CISO, ISACA found.

By Samantha Schwartz • July 27, 2021

Engineers need cybersecurity training, too

Companies will undergo a shift in cyber culture, eventually combining the data engineers and network security professionals use to search for vulnerabilities.

By Samantha Schwartz • July 22, 2021

In modernization, security is a barrier and an incentive

Performance issues, training users on new systems and bandwidth costs represent hurdles to cloud transformation, according to an IBM survey.

By Katie Malone • July 21, 2021

IT defenses fail to prevent ransomware attacks: report

While 54% of organizations conduct anti-phishing training, 24% of ransomware attacks used phishing as the point of entry, a Cloudian survey found.

By Katie Malone • July 20, 2021

Want to quickly recover from ransomware? Plan ahead

Security teams need to understand how the business will work when an attacker limits access to its systems.

By Katie Malone • July 15, 2021

Kaseya: What's known (and unknown) about the ransomware attack

The historic ransomware attack against the remote-monitoring provider leaves a number of outstanding questions. 

By David Jones • July 12, 2021

Kaseya wrestles with service restoration following supply chain attack

The company is working with federal officials to recover from a ransomware attack that Kaseya said impacted up to 1,500 downstream customers.

By David Jones • July 06, 2021

Cost of ransomware: CISO exits, staff layoffs and unaccounted losses

Two-thirds of organizations incurred significant disruptions due to ransomware, a Cybereason survey found.

By Samantha Schwartz • June 21, 2021

CISOs, CIOs see heightened mobile security threat amid shift to hybrid

Mobile devices are difficult to secure because of a combination of untrusted personal apps and data stored on the same device, one security expert said.

By David Jones • June 16, 2021

Opinion

Rethinking the perimeter: How to bring confidential data workloads to the public cloud

Despite its porous nature and generally reactive stance to threats, a network perimeter still deflects the vast majority of attacks.

By Dan Petrozzo • June 14, 2021

Bad actors hide in everyday IT tools, complicating detection

Security tools automatically block certain threats, yet there's often a larger intrusion detection teams and services need to weed out.

By Samantha Schwartz • June 10, 2021

What to consider before paying a ransom

Amid rampant attacks, businesses have a choice: pay or suffer.

By Samantha Schwartz • June 07, 2021

Compromised cloud costs companies $6.2M annually, study finds

Attackers heavily target Microsoft 365 and Google Workspace accounts using brute force or phishing attacks, according to Ponemon Institute research.

By David Jones • May 27, 2021

Ransomware seen as top cyberthreat as extortion demands, payouts soar

Intelligence experts are warning of future ransomware risks as U.S. relations with nation-state cyber adversaries hit rock bottom. Complicating the threat, attackers are using shame as a tool. 

By David Jones • May 24, 2021

Opinion

Securing data in a hybrid work world

Companies must be vigilant and agile to mitigate data-based risk in a fast-paced, global business environment that is constantly changing.

By Sundhar Rajan • May 21, 2021

Sponsored by Cloudreach

Balance precision and speed for a smart cloud migration

When it comes to planning cloud migration, precision equals performance. Having said that, migration momentum must always be top of mind. So how do you balance the two?

Colonial Pipeline disconnects OT systems to silo ransomware IT threat

Industrial environments operate on infrastructure that frequently maintains hard-to-patch — and sometimes obsolete — technology.

By David Jones • May 12, 2021

Critical infrastructure flaws surface after years of underinvestment, inaction

The Colonial Pipeline ransomware attack shows how providers — particularly in the energy sector — knew the warning signs but were slow to respond.

By David Jones • May 11, 2021

How IT can support security in the event of a cyberattack

CIOs and CISOs operate as separate jobs leading different departments, but with work that overlaps. Who leads what in the event of an attack can become muddled. 

By Jen A. Miller • April 08, 2021

VPN security falls short as demand increases for remote workforce at scale

Despite repeated warnings, enterprise customers have fallen behind on patching and upgrades as internal productivity needs take priority. 

By David Jones • April 07, 2021

Half of companies lack security to support cloud-based IAM: report

Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including lack of visibility and increased complexity.

By Katie Malone • March 30, 2021

Sponsored by LiveRamp

A framework for evaluating privacy-preserving data infrastructure for collaboration

Businesses are increasingly exploring and launching collaborations with internal and external partners. A key opportunity for CIOs is to facilitate data collaboration in a way that preserves privacy at scale.

By David Gilmore, Head of Privacy Technology Solutions, LiveRamp • March 22, 2021

How to build security into cloud after a hasty adoption

While application adoption may have clouded visibility into the infrastructure, organizations reinstating clarity can build stronger security postures.

By Katie Malone • March 18, 2021

Post-SolarWinds, IT departments increase vendor scrutiny

It's still too soon to know the hack's full impact on IT, but so far, security experts report changing relationships with third-party vendors.

By Katie Malone • March 12, 2021

Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in

Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.

By David Jones • March 10, 2021