Microsoft surpasses $20B in security revenue as enterprise customers consolidate

The company’s cybersecurity business is growing, but CEO Satya Nadella warned that customers, in an uncertain economy, are exercising caution.

By David Jones • Jan. 30, 2023

Threat actors are using remote monitoring software to launch phishing attacks

CISA, the NSA and MS-ISAC warned threat actors could leverage legitimate tools using help-desk themed lures. 

By David Jones • Jan. 27, 2023

Live Nation’s IT capabilities scrutinized as company blames bots

Senators questioned whether there was a fundamental flaw in the company's technology stack in a high-profile congressional hearing.

By Lindsey Wilkinson • Jan. 25, 2023

Only half of companies have the budgets necessary to mitigate cybersecurity risks: study

Macroeconomic pressures squeeze IT security spending, Neustar data shows.

By David Jones • Jan. 24, 2023

Top tech talent rewarded with remote work

Software and data professions command the highest percentage of flexible work options, a Remote report shows.

By Matt Ashare • Jan. 24, 2023

Threat actors lure phishing victims with phony salary bumps, bonuses

Multiple campaigns underscore threat actors’ ability to shift tactics and target employees by exploiting current events and themes.

By Matt Kapko • Jan. 19, 2023

Cyber, business interruption remain top global corporate risks

Cybersecurity risk sits top of mind for corporations around the world, according to Allianz Global.

By David Jones • Jan. 18, 2023

The cybersecurity talent shortage: The outlook for 2023

The available potential workforce isn’t keeping pace with demand, and experts blame a lack of interest from young people entering the job market.

By Sue Poremba • Jan. 13, 2023

Slack employee tokens stolen, GitHub repository breached

The firm said a threat actor downloaded private code repositories, but none included customer data or the company’s primary code base.

By David Jones • Jan. 5, 2023

Rackspace executives stand by ransomware response

Chief Product Officer Josh Prewitt said the company restored email access to more than three-quarters of its Hosted Exchange customers. 

By David Jones • Dec. 16, 2022

What does it take to be good at cybersecurity?

Few large enterprises meet Deloitte’s standards for high cyber maturity. The 21% at that level reap benefits not typically associated with security.

By Matt Kapko • Dec. 13, 2022

Fear, panic and Log4j: One year later

Fears of catastrophic cyberattacks have thus far failed to materialize. But federal authorities stress threat actors are playing the long game.

By David Jones • Dec. 12, 2022

Google stresses unmet need for software supply chain security

The open source software ecosystem remains vulnerable, and fragmented efforts could stifle progress, according to Google.

By Matt Kapko • Dec. 9, 2022

Internet Explorer is still a viable attack vector

North Korea-linked threat actors are using a technique that has been widely used to exploit the browser since 2017, Google researchers found.

By Matt Kapko • Dec. 8, 2022

AWS CEO stresses the core elements of cloud security

Adam Selipsky described security as a prerequisite for organizations to trust cloud infrastructure. And for that, he claimed, AWS is the best in the game.

By Matt Kapko • Dec. 1, 2022

Why cyberattackers love IT professionals — and how organizations can keep risk at bay

Limiting admin access is one step toward strengthening defenses, but there are other ways to reduce vulnerabilities.

By Brian Eastwood • Nov. 30, 2022

Tech surveillance can stave off insider threats, but employers need guardrails

When security surveillance becomes intrusive, electronic surveillance and automated management strategies can evolve into a liability.

By Lindsey Wilkinson • Nov. 29, 2022

As CIOs tighten tech spend, demand for cybersecurity services grows

Managed service providers can help fill talent needs and tame costs, but that strategy may require additional risk mitigation.

By Suman Bhattacharyya • Nov. 28, 2022

Cybercriminals strike understaffed organizations on weekends and holidays

Organizations are short-staffed on holidays and weekends, even though that's when attackers are likely to strike, Cybereason research found.

By Matt Kapko • Nov. 21, 2022

McDonald’s to launch cybersecurity apprenticeship program

The restaurant chain's initiative is among nearly 200 registered apprenticeships programs approved or under development as part of the White House's Cybersecurity Apprenticeship Sprint.

By Lindsey Wilkinson • Nov. 16, 2022

No, your CEO is not texting you

Everyone wants to stay on good terms with their employer. Threat actors know this too and exploit this weakness accordingly. Don’t fall for it.

By Matt Kapko • Nov. 11, 2022

Cloud or on-prem? Companies flip-flop on workload decisions

Shifting data back and forth between cloud and on-prem, a common practice, complicates cybersecurity efforts.

By Matt Ashare • Nov. 10, 2022

Break-fix, cloud integration and security open enterprise doors for MSPs

Managed service providers are using one-off projects to initiate long-term relationships with companies beset by talent shortages and budgeting constraints.

By Matt Ashare • Nov. 7, 2022

Face it, password policies and managers are not protecting users

Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?

By Sue Poremba • Nov. 7, 2022

‘Point solutions just need to die’: The end of the one-trick security tool

The deconstruction of security products makes companies grapple with avoidable IT challenges.

By Matt Kapko • Oct. 31, 2022