Security


  • Image attribution tooltip

    Photo by Canva Studio from Pexels

    More research connects security burnout with business risk

    One in three 1Password respondents said burnout adds to a decline in initiative and motivation, which also reduces compliance with security protocols.

    By Samantha Schwartz • Dec. 7, 2021
  • Image attribution tooltip

    AdobeStock / Cronislaw

    Sponsored by LiveRamp

    The 5 risks of sharing data with partners

    Selecting a provider that focuses on privacy will help you build trust with data governance stakeholders.

    By Davis Wilkinson, Senior Product Manager, LiveRamp Privacy Tech Solutions • Dec. 6, 2021
  • Explore the Trendline
    Image attribution tooltip
    Yujin Kim/CIO Dive
    Trendline

    Cybersecurity

    Security strategies benefit from nimbleness as companies respond to a pandemic, a boundless perimeter and questions about supply chain trust. 

    By CIO Dive staff
  • Image attribution tooltip

    Adobe Stock, Amnaj Khetsamtip

    Sponsored by Code42

    The death of non-competes & how to protect an IP

    Non-competes don't stop IP theft, but this new approach to data protection will.

    Dec. 6, 2021
  • Image attribution tooltip
    Justin Sullivan via Getty Images

    Marriott is still covering — and recovering — expenses from its 2018 data breach

    The hotel has seen an increase in renewal costs for its cyber insurance "over the last several years," the company said. 

    By Samantha Schwartz • Dec. 3, 2021
  • Image attribution tooltip
    PeopleImages via Getty Images

    Security disconnect: Why the CISO role is evolving

    CISOs are too focused on security operations, writing policies or vendor management. But their time is better spent on business strategy.

    By Samantha Schwartz • Nov. 29, 2021
  • Image attribution tooltip
    vchal via Getty Images

    Enterprises prepare for ransomware threats during Thanksgiving

    Retail, transportation and other sectors are bracing for heightened cyber risks, placing renewed pressure on security operations. 

    By David Jones • Nov. 23, 2021
  • Image attribution tooltip
    Adeline Kon/CIO Dive

    The Water Cooler: How 5 executives disconnect for the holidays

    Fully unplugging during a holiday break can be challenging — and a little scary, given the elevated cybersecurity risk. But it's not impossible.

    By Nov. 19, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    What to consider when connecting cyber, business strategy

    The common issue security and business leaders run into is miscommunication, Gartner's Jeffrey Wheatman said. 

    By Samantha Schwartz • Nov. 17, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    A year after SolarWinds, third-party risk still threatens the software supply chain

    Using open source or commercially available software for digital transformation has introduced risk into organizations' environments.

    By David Jones • Nov. 12, 2021
  • Image attribution tooltip
    Ian Forsyth / Stringer via Getty Images

    Better security, access policies can combat cloud misconfigurations

    Data disclosures from cloud misconfigurations are often the result of human error — but policies, not users, are to blame.  

    By Brian Eastwood • Nov. 4, 2021
  • Image attribution tooltip
    Spencer Platt via Getty Images

    Corporate boards, C-suites finally prioritize cyber after years of business risk

    Following a surge of supply chain attacks and ransomware over the past year, enterprise leaders are giving cybersecurity the attention it deserves.

    By David Jones • Nov. 3, 2021
  • Image attribution tooltip
    Permission granted by Code42
    Sponsored by Code42

    Solving the people problem: insider risk and trust

    Insider risk is a people problem — but your people aren't the problem.

    Nov. 1, 2021
  • Image attribution tooltip
    Adeline Kon/CIO Dive

    The Water Cooler: How 5 execs operate under crisis

    When an outage or attack hits, IT executives must calmly guide the organization toward a resolution. It's often easier said than done.

    By Oct. 29, 2021
  • Image attribution tooltip
    Leon Neal via Getty Images

    IT's most 'anxiety-inducing' cyberattacks of 2021

    "PrintNightmare is just like the flipping gift that keeps on giving," Jason Slagle of CNWR IT Consultants said. "You can get popped by it, and then literally every week there's some sort of update." 

    By Samantha Schwartz • Oct. 29, 2021
  • Image attribution tooltip
    Jeenah Moon via Getty Images

    SolarWinds threat actor targeted IT service providers in thousands of attacks, Microsoft says

    The Russian nation-state threat actor Nobelium used password spraying to gain access to reseller and IT service provider systems. At least 14 attacks resulted in breaches, Microsoft said. 

    By Samantha Schwartz • Oct. 25, 2021
  • Avoid paying ransoms, Gartner says. Instead, focus on situational awareness

    In the event of a ransomware attack, CISOs need to pause amid chaos and gain a better understand around steps to recovery. 

    By Samantha Schwartz • Oct. 20, 2021
  • Image attribution tooltip

    Adobe Stock, zephyr_p

    Sponsored by ConvergeOne

    As ransomware attacks skyrocket, blind spots leave organizations vulnerable

    Ransomware attacks are becoming more complex with organizations now facing double or triple extortions. Common blind spots continue to place scores of organizations at risk.

    By Chris Ripkey, Senior Director – Cybersecurity, ConvergeOne • Oct. 18, 2021
  • Image attribution tooltip
    Carl Court via Getty Images

    Users have bad security habits. What can businesses do?

    "As strange as it sounds, in the case of a security incident in the enterprise, you can't blame the user," Bitdefender's Alex "Jay" Balan said. 

    By Samantha Schwartz • Oct. 14, 2021
  • CISOs: Approach the board with precision, simplicity

    Executives from PepsiCo, Mandiant and Texas Children's Hospital honed the art of approaching the board. Their techniques leave stakeholders asking, "Do you need anything?"

    By Samantha Schwartz • Oct. 11, 2021
  • Image attribution tooltip
    Adeline Kon/CIO Dive
    Column

    The Water Cooler: 4 IT execs on their first incident response steps

    The first step to recovery is planning ahead. But during a crisis, how leadership prioritizes resources and actions from the get-go can determine mitigation.

    By , Oct. 1, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/CIO Dive; photograph by yucelyilmaz via Getty Images

    With remote work, any employee could be an insider threat. How is CISA mitigating the risk?

    Companies can use a new self-assessment tool from CISA to generate reports on their tolerance and capabilities for preventing insider threats. 

    By Samantha Schwartz • Sept. 30, 2021
  • Image attribution tooltip

    Markus Spiske

    How hackers are making the leap from cloud to the software build processes

    Almost all deployed third-party container applications have known vulnerabilities, research from Palo Alto Networks' Unit 42 found.

    By Samantha Schwartz • Sept. 29, 2021
  • Image attribution tooltip

    Markus Spiske

    How to build software supply chain transparency

    The Biden administration wants more transparency in the software supply chain. Will private industry join in?

    By Samantha Schwartz • Sept. 22, 2021
  • Image attribution tooltip

    Photo by cottonbro from Pexels

    Enterprises plan major investments as remote work escalates security risk: report

    Companies are struggling to manage security as the work-from-home model moves from an emergency stopgap to a more permanent environment. 

    By David Jones • Sept. 22, 2021
  • Image attribution tooltip
    Brendan Smialowski / Stringer via Getty Images

    Boards rethink incident response playbook as ransomware surges

    Corporate boards are no longer rubber-stamping assurances from CIOs or CISOs but are bringing in outside experts, asking more questions and preparing for the risk of personal liability.

    By David Jones • Sept. 16, 2021