‘Shift-left’ software strategy challenged by security and compliance

Developer burnout and supply chain concerns mount as companies push to begin software testing early in the development process.

By Matt Ashare • Sept. 15, 2022

Security vendor consolidation a priority for majority of organizations worldwide

More organizations want to reduce the complexity of their security stacks, Gartner reserach shows.

By David Jones • Sept. 14, 2022

The metaverse joins the list of enterprise IT maybes

Securing, operationalizing and defining the metaverse are three challenges to wide adoption. Inventing the metaverse is another. 

By Matt Ashare • Sept. 9, 2022

CISA Director: Tech industry should infuse security at product design stage

Agency director Jen Easterly outlined a push for faster incident reporting and closer industry collaboration.

By David Jones • Sept. 9, 2022

Highest-paid IT certifications show the clout of data skills

Cyber and cloud remain high on the list of top-paying credentials, but ROI for data certifications reflects increased need for data engineers, scientists and analysts.

By Matt Ashare • Sept. 9, 2022

Most organizations remain unprepared for ransomware attacks

Too many organizations are failing to meet cybersecurity demands. Ransomware attacks abound and humans are still the weakest link.

By Matt Kapko • Sept. 7, 2022

SaaS sprawl amps up security challenges amid heightened risk

Two-thirds of businesses say they're spending more on SaaS applications year over year, Axonius data shows.

By Roberto Torres • Aug. 31, 2022

Slack enhances platform security amid rapid expansion and heightened risk

The enterprise messaging platform has faced increased customer concerns about security and privacy.

By David Jones • Aug. 31, 2022

Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil

Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable. 

By David Jones • Aug. 31, 2022

Cybersecurity spending strategies in uncertain economic times

The need for strong cybersecurity programs doesn’t make it immune to cuts.

By Sue Poremba • Aug. 26, 2022

Risk of cyberattack emerges as top concern of US executives

PwC research shows cyber risk is a top concern among entire C-suite and corporate boards as companies spend more to boost resilience.

By David Jones • Aug. 22, 2022

Mailchimp breach shines new light on digital identity, supply chain risk

Sophisticated threat actors are targeting weak links in the email marketing space to go after vulnerable financial targets.

By David Jones • Aug. 18, 2022

CISO salaries balloon, likely spurred by demand

Tenure matters, but not as you might suspect. Median total cash compensation fell for CISOs who have been in their roles at least five years, Heidrick & Struggles found. 

By Naomi Eide • Aug. 18, 2022

Zero trust skyrockets, nearing universal adoption

A report from Okta shows organizations fully embracing zero-trust principles, as hybrid work requires long-term changes to identity management. 

By David Jones • Aug. 16, 2022

Don’t count on government, tech vendors to fix security woes, former CISA chief Krebs says

The state of cybersecurity is bad and it’s going to get worse, Chris Krebs said at Black Hat. But somehow things might eventually get better.

By Matt Kapko • Aug. 11, 2022

AWS, Splunk lead open source effort to spot and curb cyberattacks

A broad group of 18 tech companies is collaborating to establish a less cumbersome model for cybersecurity defense coordination.

By Matt Kapko • Aug. 10, 2022

Delivering the promise of resiliency across all tenets of risk

To protect data against a number of risks, organizations need comprehensive, end-to-end resiliency.

By Stephen Manley, Chief Technology Officer, Druva • Aug. 8, 2022

Slack resets passwords en masse after invite link vulnerability

The bug, which went undetected for five years, impacts at least 60,000 users but likely more.

By Matt Kapko • Aug. 5, 2022

Ransomware defense guidance risks hang-ups under many steps

Small and mid-sized businesses don’t typically have the resources to meet every safeguard. But every action, however small, helps.

By Matt Kapko • Aug. 4, 2022

Most cyberattacks come from ransomware, email compromise

Attackers are scanning for vulnerabilities in unpatched systems within 15 minutes, stressing the pace and scale of the threat.

By Matt Kapko • Aug. 2, 2022

AWS wants to be an enterprise security strategy advisor

The cloud giant advised customers to focus on specific needs, and rely on embedded defenses running automatically behind the scenes.

By Matt Kapko • July 27, 2022

Where 5 programs are investing to close cyber skills gap

In line with a White House push to close the cyber skills gap, technology firms, nonprofits and other organizations have launched a range of programs to develop a new generation of workers.

By David Jones • July 26, 2022

Threat actors use Google Drive, Dropbox to launch cyberattacks

By using trusted applications, threat actors gain a low-cost way to collect data and host malware, Unit 42 researchers said.

By David Jones • July 20, 2022

Fake GitHub commits can trick developers into using malicious code

Threat actors can easily alter the identity and timestamp associated with software updates, putting developers at serious risk, Checkmarx research shows.

By Matt Kapko • July 18, 2022

5 experts demystify post-cloud migration challenges

Businesses must think about what comes after cloud migration and prepare for the challenges that arise once workloads are transferred.

By Lindsey Wilkinson • July 15, 2022