Security

Financial services companies embrace cloud as security concerns grow

Equifax CISO and a study from Nutanix address how investing in cloud security helps to protect sensitive financial data.

By David Jones • Jan. 15, 2021

Poor software quality cost businesses $2 trillion last year and put security at risk

The COVID-19 pandemic played a role in the rise of operational software failure, the report author says.

By Roberto Torres • Jan. 07, 2021

Explore the Trendline➔

Trendline

Cybersecurity

The COVID-19 pandemic, and ensuing recession, turned security strategies upside down. 

By CIO Dive staff

Sponsored by AppDynamics

Is your business ready for digital experience monitoring?

By 2025, IT teams will have to report UX metrics for 70% of technology efforts. Are you ready?

By Wei Li • Dec. 21, 2020

New Orleans leaders share lessons from 2019 cyberattack

CIO Kimberly LaGrue said early and intensive preparations were key to preventing disaster and recovering without paying a ransom to the hackers.

By Chris Teale • Dec. 18, 2020

What the SolarWinds compromise means for IT

A renewed awareness of IT supply chain risks emerged from the attack. CIOs now seek more visibility into the inner workings of their providers.

By Roberto Torres • Dec. 17, 2020

IT execs face growing pressure to balance security with productivity

Companies are caught between competing interests as remote workers offset digital security needs with work-life balance.

By David Jones • Dec. 14, 2020

Dive Awards

CISO of the Year: Marene Allison, Johnson & Johnson

In a year of uncertainty, J&J's security mission remained a constant. Under Allison's leadership, the company's resilience has been a decade in the making. 

By Samantha Schwartz • Dec. 09, 2020

5 state ballot initiatives to watch in 2020: results

Data and privacy took center stage across state ballots this year, changing how businesses are required to operate.

By Roberto Torres • UPDATED: Nov. 5, 2020 at 7:52 a.m.

Why is the CIO-CISO dynamic strained?

In an enterprise where every executive has competing priorities in deadlines, money and personnel, some CISOs and CIOs fight for equal shares. 

By Samantha Schwartz • Oct. 27, 2020

How Atlanta's CIO rebuilt IT after the city's cyberattack — and what's next

Inheriting a city technologically and economically wounded by a cyberattack, Gary Brantley had to turn to the basics.

By Samantha Schwartz • Oct. 20, 2020

Transit agencies 'ill prepared' for cyberattack: survey

Only 60% of agencies have a cybersecurity plan in place and 43% say their plan is insufficient, according to the Mineta Transportation Institute.

By Chris Teale • Oct. 14, 2020

Treasury threatens fines for ransomware payments

The math problem organizations were solving for — does recovery cost less than the ransom — must now factor in an unknown quantity: fines.

By Samantha Schwartz • Oct. 02, 2020

Slack picks Reddit alum as chief security officer

The company named its first CSO Geoff Belknap in 2016, but Larkin Ryder has been serving as Slack's interim CSO since Belknap departed in 2019. 

By Samantha Schwartz • Oct. 01, 2020

Major ocean carrier suspects malware attack led to data breach

CMA CGM said its back offices are being reconnected to the network, which will improve bookings and document processing time.

By Matt Leonard • UPDATED: Sept. 30, 2020 at 11:09 a.m.

Security experts overlook attacker-favored credential stuffing

With an endless cycle of breaches, hackers have a large pool of exposed credentials to throw at websites, increasing their probability of success. 

By Samantha Schwartz • Sept. 30, 2020

UHS hit with ransomware attack, working to restore IT operations

The for-profit owner of around 400 hospitals is struggling to contain the ripple effects of a cyberattack that locked it out of computer and phone systems.

By Rebecca Pifer • Sept. 29, 2020

How global companies factor their supply chain into data protection, privacy

International Paper purposefully duplicates technologies to comply with international laws, from one vendor to another.

By Samantha Schwartz • Sept. 25, 2020

'Rogue' employees caused Shopify's data breach. What makes an insider a threat?

Coinciding crises are contributing to "a perfect storm for malicious insiders," Forrester's Joseph Blankenship says.

By Samantha Schwartz • Sept. 24, 2020

How to negotiate software costs as IT budgets are slashed

If vendors can't provide a degree of flexibility, abandon the deal, according to Paul McKay, senior analyst at Forrester.

By Samantha Schwartz • Sept. 23, 2020

6 types of CISO and the companies they thrive in

Jeff Pollard, VP and principal analyst at Forrester, wants CISOs to discover the type of leader they are — transformational, tactical, steady — and run with it.

By Samantha Schwartz • Sept. 22, 2020

How cloud threat protection takes on shadow IT

Cloud access security broker capabilities — discovery, data loss prevention, threat protection, encryption, logging — should sit between every kind of app a company houses.

By Samantha Schwartz • Sept. 21, 2020

What security needs to know before diving into SaaS contracts

If employees don't engage with security red flags, the agreement fails to address the underlying issue: an application outside of a company's risk appetite.

By Samantha Schwartz • Sept. 18, 2020

Data doesn't speak for itself: 4 benefits of giving security metrics context

When presenting security metrics and data to non-technical stakeholders, security leaders' messaging could get lost in translation.

By Samantha Schwartz • Sept. 17, 2020

Security pushes DevOps to breaking point

The future of DevOps is "going to break application security," said Dale Gardner, research director at Gartner.

By Samantha Schwartz • Sept. 16, 2020

Gartner: 10 key security projects through 2021

As companies adapt to changes in March and what's anticipated for the next 12 months, Brian Reed, senior director analyst at Gartner, wants the focus on projects, not programs.

By Samantha Schwartz • Sept. 15, 2020