Security
-
What do Kanye, Nutella and Google have in common? Bad passwords
From celebrities to the national government, poor password hygiene continues to threaten network integrity.
By Alex Hickey
-
'Cyber espionage' group targets sensitive telecom, government IT services data
Seedworm — also known as MuddyWater — is the only known hacker group to leverage the Powermud backdoor.
By Samantha Ann Schwartz • Dec. 12, 2018
-
Equifax's 'aggressive growth strategy' contributed to IT complexity and failure
The U.S. House of Representatives found a combination of legacy systems and integrations increased the likelihood of the firm's data breach.
By Samantha Ann Schwartz • Dec. 11, 2018
-
Digital security takes a backseat to customer experience, Equifax report finds
As digital security becomes a greater business priority, responsibility is shifting away from just the CIO and CISO.
By Alex Hickey • Dec. 10, 2018
-
OpinionDon't let vendors put customers — and a business's reputation — at risk
In addition to security and data protection demands, organizations must be vigilant about how third-party service providers approach these obligations.
By Steve Richardson
-
More than passwords: Quora breach highlights risks of third-party authentication
While the company did report and act on the incident in a timely manner, the compromise of consumer data is still serious.
By Alex Hickey • Dec. 05, 2018
-
Quick response to 1st major Kubernetes flaw could strengthen trust in the system
Big providers demonstrated they can identify, fix and patch the serious security issue in a timely manner, according to StackRox's Wei Lien Dang.
By Alex Hickey • Dec. 05, 2018
-
Dive AwardsCISO of the Year: Jamil Farshchi, Equifax
Equifax brought on Jamil Farshchi, the former CISO of Home Depot, after suffering a catastrophic breach in 2017.
By Alex Hickey • Dec. 03, 2018
-
Marriott's cybersecurity nightmare: A lesson in M&A risks
When an acquisition takes place, security continuity isn't always part of the contract. Now, the cost of Starwood is more than Marriott initially bargained for.
By Samantha Ann Schwartz • Dec. 03, 2018
-
500M hit by Marriott data breach; intrusion undetected since 2014
The perpetrators had copied and encrypted guest information and begun the process of removing it.
By Samantha Ann Schwartz • Nov. 30, 2018
-
AWS takes on shadow IT with customizable software marketplace
Most IT professionals want to ignore software as a service applications, but they can't afford to do so because eventually a enough of it will demand attention.
By Samantha Ann Schwartz • Nov. 28, 2018
-
Uber hit with $1.2M in fines for 2016 data breach
Regulators from the U.K. and the Netherlands penalized Uber, which tried to cover up the breach that compromised 57 million worldwide accounts.
By Samantha Ann Schwartz • Nov. 27, 2018
-
Deep Dive'Regulation without teeth is just a document': 6 months in, industry awaits major GDPR enforcement
Experts worry that without significant enforcement action in 2019, businesses could stop caring about the data privacy regulation.
By Alex Hickey • Nov. 26, 2018
-
Cyberthreats swallow SMBs burdened by supply chain attacks
A sufficient security posture is hindered by a lack of personnel, small budgets and general confusion over how to protect against cyberattacks.
By Samantha Ann Schwartz • Nov. 26, 2018
-
BlackBerry to buy Cylance for $1.4B as company continues security evolution
After retiring its mobile phone in 2016, the company has found new footing and confidence in mobile security.
By Samantha Ann Schwartz • Nov. 16, 2018
-
Gotta catch 'em all: Pokémon International complies with data privacy standards
The Pokémon Company International, following the successes of Pokémon Go, is learning the rules of the world its app has taken by storm.
By Alex Hickey • Nov. 14, 2018
-
IT professionals looking for work can name their price
Companies of all sizes plan to increase their cybersecurity talent, but smaller organizations also want more skills for DevOps, hardware and infrastructure.
By Samantha Ann Schwartz • Nov. 07, 2018
-
What digital change means for cybersecurity: Rip up the playbook and take risks
Playbooks are good learning tools, but if attackers aren't following the rules, why should anyone else?
By Samantha Ann Schwartz • Nov. 01, 2018
-
How the nastiest ransomware and flaws get their names
Which one of these was not the name of an attack/flaw: Heartbleed, Masacre3, Venom, Petya, Frogwarts? Read to find out.
By Samantha Ann Schwartz • Oct. 31, 2018
-
CIOs and CISOs no longer solely own cybersecurity responsibility
"Very few people own consequence right now," said William Evanina, director at the Office of the National Intelligence, but "we should all own consequence."
By Samantha Ann Schwartz • Oct. 31, 2018
-
What businesses can learn from election security vulnerabilities
It's inevitable that voting machines will be hacked, according to Absolute's Josh Mayfield. The real question is how widespread it will be and whether a catastrophe can be avoided.
By Alex Hickey • Oct. 30, 2018
-
As federal policy lags, state legislative pipeline is more important for CIOs
California is a good place to look to gauge where state policy is headed.
By Alex Hickey
-
95% of companies report cybersecurity culture disconnect
Moving away from a checkbox mindset and toward a collaborative view can help establish a culture of shared reasonability for security.
By Samantha Ann Schwartz • Oct. 26, 2018
-
Highest-paying IT certifications and why they matter
Companies turn away from "four-year-degree-itis" to widen the talent pool.
By Naomi Eide • Oct. 26, 2018
-
Apple's Cook pushes for US privacy law, with GDPR model in mind
As scrutiny around handling of user data grows, a more comprehensive, countrywide law would potentially give Apple an edge over competitors.
By Peter Adams • Oct. 25, 2018