Cyber defense is not IT’s job alone, CISA CTO says

While tech executives must provide critical tools and procedures to lower cyber risk, the whole organization is responsible for fending off attackers.

By Roberto Torres • Oct. 18, 2022

4 tips to protect IT employees from phishing attacks

No one is perfect, and that includes your IT professionals. Here's what security experts say could help mitigate human error.

By Lindsey Wilkinson • Oct. 14, 2022

Explore the Trendline➔

IT Security

Executives are working to improve the security posture of their businesses, a task that requires cross-function collaboration.

By CIO Dive staff

Mandiant propels Google Cloud’s security prospects

With Mandiant officially under his wing, Google Cloud CISO Phil Venables expects the incident responders to help Google become a proactive force.

By Matt Kapko • Oct. 12, 2022

Struggling to find cyber pros? Look to your network admins

Network knowledge and skills are central to cyber. Certification programs provide a direct route from systems to security.

By Matt Ashare • Oct. 10, 2022

Multifactor authentication is not all it’s cracked up to be

MFA is only as strong as the weakest link in the supply chain — and the resilience of each individual using it.

By Matt Kapko • Oct. 6, 2022

Tenable’s CIO pushes resource optimization as company pursues $1B in revenue

Technology veteran Patricia Grant is joining the cybersecurity company amid sustained industry growth. Her challenge now is to help Tenable scale.

By Lindsey Wilkinson • Oct. 5, 2022

C-suite, boards are prioritizing cybersecurity, but still expect increased threats

Senior executives are taking risk management more seriously, PwC found. But many are still concerned about business resilience.

By David Jones • Oct. 4, 2022

Security to take an outsized role in IT spending in 2023

Modernization has taught companies that cyber spend is a smart investment.

By Matt Ashare • Oct. 4, 2022

Microsoft investigating 2 zero-day vulnerabilities in Exchange Server

One vulnerability is a server-side request forgery, while the second allows remote-code execution when an attacker has access to PowerShell. 

By David Jones • Sept. 30, 2022

Microsoft’s CISO on why cloud matters for security response

Cloud can give companies insight into current and future threats as the landscape grows more complex, said Bret Arsenault.

By Roberto Torres • Sept. 29, 2022

Today’s top cybersecurity concerns — and what comes next

Cybersecurity executives are up against talent shortages and retention concerns amid increasingly sophisticated threats.

By Sue Poremba • Sept. 27, 2022

Cloud collaboration market boom is good news for Microsoft

With hybrid work entrenched and data security a looming concern, IT spend on collaboration bodes well for the No. 2 infrastructure cloud provider.

By Matt Ashare • Sept. 23, 2022

Organizations rapidly shift tactics to secure the software supply chain

Synopsys data shows rapid increases in automation and use of SBOMs among software producers and other organizations.

By David Jones • Sept. 22, 2022

Cloud security pros expect elevated risk for serious data breaches

Just one out of five cybersecurity and engineering professionals escaped the previous year without incident.

By Matt Kapko • Sept. 19, 2022

White House guidance on third-party software tests cyber risk strategy

The U.S. hopes that pushing software makers toward minimum security standards for federal use, a new baseline strategy will emerge industrywide.

By David Jones • Sept. 19, 2022

‘Shift-left’ software strategy challenged by security and compliance

Developer burnout and supply chain concerns mount as companies push to begin software testing early in the development process.

By Matt Ashare • Sept. 15, 2022

Security vendor consolidation a priority for majority of organizations worldwide

More organizations want to reduce the complexity of their security stacks, Gartner reserach shows.

By David Jones • Sept. 14, 2022

The metaverse joins the list of enterprise IT maybes

Securing, operationalizing and defining the metaverse are three challenges to wide adoption. Inventing the metaverse is another. 

By Matt Ashare • Sept. 9, 2022

CISA Director: Tech industry should infuse security at product design stage

Agency director Jen Easterly outlined a push for faster incident reporting and closer industry collaboration.

By David Jones • Sept. 9, 2022

Highest-paid IT certifications show the clout of data skills

Cyber and cloud remain high on the list of top-paying credentials, but ROI for data certifications reflects increased need for data engineers, scientists and analysts.

By Matt Ashare • Sept. 9, 2022

Most organizations remain unprepared for ransomware attacks

Too many organizations are failing to meet cybersecurity demands. Ransomware attacks abound and humans are still the weakest link.

By Matt Kapko • Sept. 7, 2022

SaaS sprawl amps up security challenges amid heightened risk

Two-thirds of businesses say they're spending more on SaaS applications year over year, Axonius data shows.

By Roberto Torres • Aug. 31, 2022

Slack enhances platform security amid rapid expansion and heightened risk

The enterprise messaging platform has faced increased customer concerns about security and privacy.

By David Jones • Aug. 31, 2022

Changing cyber insurance guidance from Lloyd’s reflects a market in turmoil

Rising ransomware attacks and higher payout demands have battered the insurance industry, leaving many organizations exposed and vulnerable. 

By David Jones • Aug. 31, 2022

Cybersecurity spending strategies in uncertain economic times

The need for strong cybersecurity programs doesn’t make it immune to cuts.

By Sue Poremba • Aug. 26, 2022