An article from

Security

Flickr user openDemocracy

How global companies factor their supply chain into data protection, privacy

International Paper purposefully duplicates technologies to comply with international laws, from one vendor to another.
By Samantha Ann Schwartz • Sept. 25, 2020
Shopify

'Rogue' employees caused Shopify's data breach. What makes an insider a threat?

Coinciding crises are contributing to "a perfect storm for malicious insiders," Forrester's Joseph Blankenship says.
By Samantha Ann Schwartz • Sept. 24, 2020
Unsplash

How to negotiate software costs as IT budgets are slashed

If vendors can't provide a degree of flexibility, abandon the deal, according to Paul McKay, senior analyst at Forrester.
By Samantha Ann Schwartz • Sept. 23, 2020
Kevin Ku for Unsplash

6 types of CISO and the companies they thrive in

Jeff Pollard, VP and principal analyst at Forrester, wants CISOs to discover the type of leader they are — transformational, tactical, steady — and run with it.
By Samantha Ann Schwartz • Sept. 22, 2020
Fotolia

How cloud threat protection takes on shadow IT

Cloud access security broker capabilities — discovery, data loss prevention, threat protection, encryption, logging — should sit between every kind of app a company houses.
By Samantha Ann Schwartz • Sept. 21, 2020
CC0 Public Domain Free for commercial use No attribution required Pixabay

What security needs to know before diving into SaaS contracts

If employees don't engage with security red flags, the agreement fails to address the underlying issue: an application outside of a company's risk appetite.
By Samantha Ann Schwartz • Sept. 18, 2020
Data doesn't speak for itself: 4 benefits of giving security metrics context

When presenting security metrics and data to non-technical stakeholders, security leaders' messaging could get lost in translation.
By Samantha Ann Schwartz • Sept. 17, 2020
Pexels

Security pushes DevOps to breaking point

The future of DevOps is "going to break application security," said Dale Gardner, research director at Gartner.
By Samantha Ann Schwartz • Sept. 16, 2020
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.

Gartner: 10 key security projects through 2021

As companies adapt to changes in March and what's anticipated for the next 12 months, Brian Reed, senior director analyst at Gartner, wants the focus on projects, not programs.
By Samantha Ann Schwartz • Sept. 15, 2020
Wikimedia Commons

How a government security framework reduces third-party risks

The DOD says its contractor network includes upwards of 300,000 companies, and conducting an audit of all of them couldn't be done. This logjam helped create the Cybersecurity Maturity Model Certification Accreditation Body.
By Samantha Ann Schwartz • Sept. 14, 2020
Wikimedia Commons

Targeted cyberattacks on telehealth vendors skyrocketed along with adoption, report finds

Telehealth vendor security alerts jumped 30% during COVID-19 compared to pre-pandemic levels, analysis from SecurityScorecard and DarkOwl found.
By Rebecca Pifer • Sept. 11, 2020
Marcos Mayer for Unsplash

Zero trust is widely praised. What's the adoption hangup?

The framework has a steep learning curve and requires modern technology, a Deloitte expert said.
By Samantha Ann Schwartz • Sept. 10, 2020
Kendall Davis / Supply Chain Dive

From VPNs to zero trust, coronavirus shaped security priorities

While there are differences in security priorities pre-pandemic, a lot of hurdles were related to scale.
By Samantha Ann Schwartz • Sept. 09, 2020
Getty Images

How last week's outages, DDoS attacks impacted internet infrastructure

The outages highlight two areas of concern: cyberattacks in the age of COVID-19 and the internet's longstanding fragility.
By Samantha Ann Schwartz • UPDATED: Sept. 9, 2020 at 11:17 a.m.
Retrieved from Pixabay.

Cloud shared responsibility models are misunderstood, report says

Any disconnect between where a CSP's security services end and the customer's security responsibilities pick up is a recipe for disaster.
By Samantha Ann Schwartz • Sept. 03, 2020
alvarez via Getty Images

Sponsored by Bridgecrew
Comprehensive DevSecOps includes securing cloud infrastructure

Teams often overlook emerging security risks. Fortunately, new tools can help find and proactively mitigate those risks before they lead to data breaches.
Kendall, Industry Dive

Top network services companies leave exposed to the internet

Gaps in security programs, including a lack of personnel, expertise or resources, amplify the risk of an unsafe service going undetected.
By Samantha Ann Schwartz • Sept. 02, 2020
Adobe Stock

Ransomware attacks 'raising the bar' as cities struggle to respond

A former FBI special agent in New York walked through a typical ransomware attack with a series of redacted screenshots, as well as the report.
By Chris Teale • Aug. 31, 2020
CIO Dive

First half of 2020 led to nearly 800 disclosed vulnerabilities: report

Microsoft's Patch Tuesday increased to an average of 102.7 fixes a month since January, according to a report from Trend Micro.
By Samantha Ann Schwartz • Aug. 28, 2020
Helloquence for Unsplash

Risk leaders prepare for technology challenges of reentry

As new conditions unravel, integrating risk management will make sure the processes developed in lockdown are as sustainable as the country emerges from COVID-19.
By Samantha Ann Schwartz • Aug. 27, 2020
Flickr / Roderick Eime

Understanding Carnival's ransomware attack, hitting two different data types

Last week the cruise line disclosed a ransomware attack that impacted employee and customer data. The security divisions can get murky.
By Samantha Ann Schwartz • Aug. 26, 2020
Pexels

Sink or swim: Companies adopt tech in effort to stay afloat during pandemic, recession

While new technologies alleviate the burden of rapid adaptation to customer demand, risk is a constant factor.
By Samantha Ann Schwartz • Aug. 25, 2020
Photo by Christina @ wocintechchat.com on Unsplash

Deloitte: Companies turn to cybersecurity, cloud in pandemic response

Executives care about agility and sustaining operations through disruption. Cloud acts as a backbone, while cybersecurity is a fence.
By Roberto Torres • Aug. 24, 2020
Nheyob via Wikimedia Commons

Coronavirus tests Ohio State, Stanford CISOs as fall semester begins

CISOs lost visibility when students and staff went home. Since then, they've gained capacity to react faster to security challenges.
By Samantha Ann Schwartz • Aug. 21, 2020
Flickr / Roderick Eime

Carnival hit by ransomware, employee and customer data at risk

If the attack is concluded as negligent and a result of insufficient security protocols, the company could face privacy-related fines from employees and customers.
By Samantha Ann Schwartz • Aug. 19, 2020

Home
- IT Strategy
- Cloud
- Security
- Big Data
- AI
- Software
- Hardware
- Future Tech
- Leadership
- Corporate
Deep Dive
Opinion
Library
Events

Get CIO Dive in your inbox

The free newsletter covering the top industry headlines

Select user consent: By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at anytime.