Security


  • Close-up of customer service representative wearing wireless headset working on desktop computer in call center.
    Image attribution tooltip
    simonkr via Getty Images
    Image attribution tooltip

    AI could perform more than half of HR assistant tasks by 2032, report says

    Companies will overhaul their business and operating models as AI adoption grows over the next three years, according to a Cognizant report.

    By Carolyn Crist • May 21, 2024
  • A sign is posted in front of a Google office on April 26, 2022 in San Francisco, California. Google parent company Alphabet will report first quarter earnings today after the closing bell.
    Image attribution tooltip
    Justin Sullivan / Staff via Getty Images
    Image attribution tooltip

    Google leverages Microsoft’s cyber gaps to woo Workspace customers

    “The repeated security challenges with Microsoft call for a better alternative for enterprises and public-sector organizations alike,” Google said Monday.

    By May 20, 2024
  • Cybersecurity priorities 2020 Explore the Trendline
    Image attribution tooltip
    Yujin Kim/CIO Dive
    Image attribution tooltip
    Trendline

    Cybersecurity

    Security strategies benefit from nimbleness as companies respond to Log4j and other high-profile vulnerabilities, a boundless perimeter and questions about supply chain trust. 

    By CIO Dive staff
  • An IBM sign stands outside an IBM building May 10, 2005 in downtown Chicago, Illinois.
    Image attribution tooltip
    Tim Boyle / Staff via Getty Images
    Image attribution tooltip

    Palo Alto Networks signs broad enterprise cybersecurity partnership with IBM

    The enterprise security giant will capitalize on a platform consolidation strategy as IBM concedes on transition to cloud security.

    By David Jones • May 17, 2024
  • The White House in Washington, D.C.
    Image attribution tooltip
    TriggerPhoto via Getty Images
    Image attribution tooltip

    White House wants to hold the software sector accountable for security

    Federal officials are taking steps toward a long-stated goal of shifting the security burden from technology users to the companies that build it.

    By David Jones • May 13, 2024
  • Fingers hover over a computer keyboard with numbers on a screen, against a shadowy backdrop.
    Image attribution tooltip
    jariyawat thinsandee via Getty Images
    Image attribution tooltip

    Only one-third of firms deploy safeguards against generative AI threats, report finds

    Generative AI gives attackers an edge over cyber defenders, according to a survey of security experts.

    By Jim Tyson • May 13, 2024
  • CISA Director Jen Easterly speaks at Carnegie Mellon University urging the tech industry to embrace secure-by-design product development.
    Image attribution tooltip
    Permission granted by Carnegie Mellon University
    Image attribution tooltip

    68 tech, security vendors commit to secure-by-design practices

    Microsoft and Google are among the providers signing a voluntary pledge to boost cyber resiliency and transparency.

    By David Jones • May 10, 2024
  • Azure OpenAI confidentiality loophole
    Image attribution tooltip
    jeenah Moon via Getty Images
    Image attribution tooltip

    Microsoft restructures security governance, aligning deputy CISOs and engineering teams

    The company will enhance management roles under the CISO and partially tie compensation to security performance.

    By David Jones • May 7, 2024
  • Attendees walk through an expo hall at AWS re:Invent 2023, a conference hosted by Amazon Web Services, at The Venetian Las Vegas on November 28, 2023 in Las Vegas, Nevada.
    Image attribution tooltip
    Noah Berger / Stringer via Getty Images
    Image attribution tooltip

    Amazon tempts enterprises to customize AI on AWS

    CEO Andy Jassy called the hyperscaler’s move to open its Bedrock platform to tailored models “a sneaky big launch.”

    By May 3, 2024
  • Andy Jassy, Amazon President & CEO attends the Los Angeles Premiere of Amazon Prime Video's "The Lord Of The Rings: The Rings Of Power" at The Culver Studios on August 15, 2022 in Culver City, Califor
    Image attribution tooltip
    Kevin Winter / Staff via Getty Images
    Image attribution tooltip

    Amazon CEO touts AWS cloud security as AI risk concerns mount

    Andy Jassy urged enterprises “not to overlook the security and operational performance” of cloud-based generative AI services. “It’s less sexy, but critically important.”

    By May 1, 2024
  • Abstract black and white monochrome art with surreal funnel.
    Image attribution tooltip
    Philipp Tur/Getty Images Plus via Getty Images
    Image attribution tooltip

    What is success in cybersecurity? Failing less.

    Defenders aren’t measured by pure wins or losses. Intrusions will happen, and their job is to keep a bad situation from getting worse.

    By Matt Kapko • April 29, 2024
  • Young Woman Writing Code on Desktop Computer in Stylish Loft Apartment in the Evening.
    Image attribution tooltip
    gorodenkoff via Getty Images
    Image attribution tooltip

    Cybersecurity jobs pay well, but gender disparities persist

    ISC2’s analysis found significant financial benefits for U.S. cybersecurity professionals, but pay gaps persist across levels of seniority by gender.

    By Matt Kapko • April 12, 2024
  • Microsoft logo is seen in the background.
    Image attribution tooltip
    Jeenah Moon via Getty Images
    Image attribution tooltip

    Microsoft Exchange state-linked hack entirely preventable, cyber review board finds

    The technology giant’s corporate culture fell short on security investments and risk management, and needs significant reforms, according to a damning report by the U.S. Cyber Safety Review Board.

    By David Jones • April 3, 2024
  • Matrix background of blurred programming code.
    Image attribution tooltip
    Getty Plus via Getty Images
    Image attribution tooltip

    Threat groups hit enterprise software, network infrastructure hard in 2023

    Actively exploited high-risk vulnerabilities rose threefold in enterprise software and network infrastructure, according to Recorded Future.

    By Matt Kapko • March 25, 2024
  • Threat actor views data file
    Image attribution tooltip
    iStock / Getty Images Plus via Getty Images
    Image attribution tooltip

    How CIOs can infuse security into generative AI adoption

    As the AI ecosystem grows and more tools connect to internal data, threat actors have a wider field to introduce vulnerabilities.

    By March 21, 2024
  • Photo illustration of a VF Corp. SEC filing.
    Image attribution tooltip

    Photo illustration: Industry Dive; US Securities and Exchange Commission

    Image attribution tooltip

    How companies describe cyber incidents in SEC filings

    The words businesses use in cybersecurity disclosures matter. They can channel confidence in the recovery process, potential impacts and legal liabilities.

    By Matt Kapko • March 21, 2024
  • Close up of Gary Gensler speaking during a senate hearing
    Image attribution tooltip
    Kevin Dietsch/Getty Images via Getty Images
    Image attribution tooltip

    3 months into cyber disclosure rules, what’s material to the SEC?

    As attacks become more sophisticated and destructive, companies are struggling to find conclusive estimates of the financial impact of cyberattacks.

    By David Jones • March 19, 2024
  • Computer language script and coding on screen.
    Image attribution tooltip
    themotioncloud via Getty Images
    Image attribution tooltip

    White House adds teeth to secure software development requirements

    The guidelines are designed to ensure software producers working with the U.S. government comply with standards for secure development.

    By David Jones • March 15, 2024
  • CrowdStrike booth at RSA Conference in San Francisco.
    Image attribution tooltip
    Matt Kapko/CIO Dive
    Image attribution tooltip

    Cloud intrusions spiked 75% in 2023, CrowdStrike says

    Threat actors took advantage of inconsistent cloud security structures, abusing unique features of the technology to initiate attacks.

    By Matt Kapko • Feb. 26, 2024
  • National Cyber Director Harry Coker speaks in Washington.
    Image attribution tooltip
    Permission granted by Information Technology Industry Council
    Image attribution tooltip

    National cyber director urges private sector collaboration to counter nation-state cyber threat

    The Biden administration is exploring plans to hold manufacturers accountable for poor security while also working to harmonize regulations, the official said.

    By David Jones • Feb. 13, 2024
  • The White House in Washington DC at summer day.
    Image attribution tooltip
    lucky-photographer via Getty Images
    Image attribution tooltip

    What to know about the 200-member AI safety alliance

    The alliance aims to support "the development and deployment of safe and trustworthy artificial intelligence," the U.S. Department of Commerce said.

    By Feb. 8, 2024
  • IT workers code in office
    Image attribution tooltip
    AnnaStills via Getty Images
    Image attribution tooltip

    AI-generated code leads to security issues for most businesses: report

    More than three-quarters of developers bypass established protocols to use code completion tools despite potential risks, Snyk’s research found. 

    By Jan. 29, 2024
  • Microsoft's visitor center at its Redmond campus.
    Image attribution tooltip
    Stephen Brashear via Getty Images
    Image attribution tooltip

    Midnight Blizzard attack seen as another sign of Microsoft falling short on security

    Critics say the hack of senior Microsoft executives’ emails is another example of a longstanding series of security lapses and foot-dragging by the company.

    By David Jones • Jan. 26, 2024
  • Satya Nadella, CEO of Microsoft, speaks to the media about a joint project called the Volkswagen Automotive Cloud on February 27, 2019 in Berlin, Germany
    Image attribution tooltip
    Sean Gallup via Getty Images
    Image attribution tooltip

    Microsoft to overhaul internal security practices after Midnight Blizzard attack

    After the company disclosed a Russia-affiliated threat actor stole data from senior executives, experts are raising questions about its security capabilities and practices.

    By David Jones • Jan. 22, 2024
  • With cyberattacks becoming more frequent, now is the time for CFOs to shore up their cybersecurity programs and strategies.
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Cyber tops business risk for enterprises worldwide, report finds

    Worries over cybersecurity replaced business interruption as the top concern among U.S. businesses, according to the Allianz Risk Barometer.

    By David Jones • Jan. 17, 2024
  • A photo illustration of LastPass logos on a hard drive disk held in someone's hand.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    LastPass enforces 12-character master password lengths

    The password manager enforced its guidance on master password complexity nearly a year and a half after a major cyberattack.

    By Matt Kapko • Jan. 5, 2024