Security

Drew Angerer via Getty Images

Colonial Pipeline disconnects OT systems to silo ransomware IT threat

Industrial environments operate on infrastructure that frequently maintains hard-to-patch — and sometimes obsolete — technology.
By David Jones • May 12, 2021
Michael M. Santiago via Getty Images via Getty Images

Critical infrastructure flaws surface after years of underinvestment, inaction

The Colonial Pipeline ransomware attack shows how providers — particularly in the energy sector — knew the warning signs but were slow to respond.
By David Jones • May 11, 2021
Explore the Trendline➔

Yujin Kim/CIO Dive

Trendline
Cybersecurity

Security strategies benefit from nimbleness as companies respond to a pandemic, a boundless perimeter and questions about supply chain trust.
By CIO Dive staff
Depositphotos

How IT can support security in the event of a cyberattack

CIOs and CISOs operate as separate jobs leading different departments, but with work that overlaps. Who leads what in the event of an attack can become muddled.
By Jen A. Miller • April 08, 2021
Wormwood, Matilda. Retrieved from Pexels.

VPN security falls short as demand increases for remote workforce at scale

Despite repeated warnings, enterprise customers have fallen behind on patching and upgrades as internal productivity needs take priority.
By David Jones • April 07, 2021
Traitov/iStock/Getty via Getty Images

Half of companies lack security to support cloud-based IAM: report

Almost all (98%) of IT executives report challenges with IAM sourced from the cloud, including lack of visibility and increased complexity.
By Katie Malone • March 30, 2021
LiveRamp

Sponsored by LiveRamp
A framework for evaluating privacy-preserving data infrastructure for collaboration

Businesses are increasingly exploring and launching collaborations with internal and external partners. A key opportunity for CIOs is to facilitate data collaboration in a way that preserves privacy at scale.
By David Gilmore, Head of Privacy Technology Solutions, LiveRamp • March 22, 2021
Fotolia

How to build security into cloud after a hasty adoption

While application adoption may have clouded visibility into the infrastructure, organizations reinstating clarity can build stronger security postures.
By Katie Malone • March 18, 2021
Photo illustration by Danielle Ternes/CIO Dive; photograph by ismagilov via Getty Images

Post-SolarWinds, IT departments increase vendor scrutiny

It's still too soon to know the hack's full impact on IT, but so far, security experts report changing relationships with third-party vendors.
By Katie Malone • March 12, 2021
Kendall Davis for CIO Dive

Enterprises scramble to secure Microsoft Exchange as cybercriminals rush in

Researchers fear, more than two months after the threat was discovered, criminal hackers have had plenty of time to loot data or plant undetected seeds of compromise.
By David Jones • March 10, 2021
CC0 Public Domain Free for commercial use No attribution required Pixabay

Companies overestimate ability to manage remote worker security

Employees working outside the office are granted excessive access privileges and are falling prey to phishing attacks, research from Tanium and PSB Insights found.
By David Jones • March 04, 2021
Getty Images

Apple faces new malware threats as company makes enterprise push

Apple made recent inroads with corporate customers and is detailing extensive security upgrades as a way of attracting enterprise customers. Through it all, new techniques test the company's defenses.
By David Jones • Feb. 23, 2021
Photo by Josh Appel on Unsplash

Are businesses underinvesting in cybersecurity?

The issue isn't how large of a cybersecurity investment an organization makes. Rather, if it is spending funds properly.
By Sue Poremba • Feb. 16, 2021
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.

Software supply chain hacks highlight an ugly truth: The build process is broken

Software makers are coming to terms with security gaps they knew existed as the fallout from the SolarWinds hack continues.
By Samantha Schwartz • Feb. 12, 2021
sestovic/E+/Getty via Getty Images

SolarWinds fallout turns security eye to Microsoft Office 365

Office 365 has been linked to incidents ranging from points of compromise to the unauthorized access of government officials' emails.
By David Jones • Feb. 09, 2021
Photo by Drew Beamer on Unsplash

How to translate threats and risk to C-suite

When communicating with the C-suite or shareholders, CISOs have to speak equal parts security and bottom line.
By Samantha Schwartz • Feb. 01, 2021
DESIGNECOLOGIST. [Photograph]. Retrieved from Unsplash.

Cyberthreat trends in the remote work landscape

With more workers logging in from home, companies face new cybersecurity challenges and opportunities.
By David Jones • Jan. 25, 2021
Fotolia

Financial services companies embrace cloud as security concerns grow

Equifax CISO and a study from Nutanix address how investing in cloud security helps to protect sensitive financial data.
By David Jones • Jan. 15, 2021
thanyakij, bongkarn. (2019). Retrieved from Pexels.

Poor software quality cost businesses $2 trillion last year and put security at risk

The COVID-19 pandemic played a role in the rise of operational software failure, the report author says.
By Roberto Torres • Jan. 07, 2021
ThisisEngineering RAEng/Unsplash

Sponsored by AppDynamics
Is your business ready for digital experience monitoring?

By 2025, IT teams will have to report UX metrics for 70% of technology efforts. Are you ready?
By Wei Li • Dec. 21, 2020
Williams, Antrell. (2015). "New Orleans Skyline" [Photograph]. Retrieved from Flickr.

New Orleans leaders share lessons from 2019 cyberattack

CIO Kimberly LaGrue said early and intensive preparations were key to preventing disaster and recovering without paying a ransom to the hackers.
By Chris Teale • Dec. 18, 2020
Getty

What the SolarWinds compromise means for IT

A renewed awareness of IT supply chain risks emerged from the attack. CIOs now seek more visibility into the inner workings of their providers.
By Roberto Torres • Dec. 17, 2020
CC0 Public Domain Free for commercial use No attribution required Pixabay

IT execs face growing pressure to balance security with productivity

Companies are caught between competing interests as remote workers offset digital security needs with work-life balance.
By David Jones • Dec. 14, 2020
Permission granted by Johnson & Johnson

Dive Awards
CISO of the Year: Marene Allison, Johnson & Johnson

In a year of uncertainty, J&J's security mission remained a constant. Under Allison's leadership, the company's resilience has been a decade in the making.
By Samantha Schwartz • Dec. 09, 2020
Getty Images

5 state ballot initiatives to watch in 2020: results

Data and privacy took center stage across state ballots this year, changing how businesses are required to operate.
By Roberto Torres • UPDATED: Nov. 5, 2020 at 7:52 a.m.
Getty

Why is the CIO-CISO dynamic strained?

In an enterprise where every executive has competing priorities in deadlines, money and personnel, some CISOs and CIOs fight for equal shares.
By Samantha Schwartz • Oct. 27, 2020