Security hampers enterprise cloud adoption: report

Multicloud adds complexity as IT security teams struggle with alert fatigue.

By David Jones • Feb. 23, 2022

Critical SAP vulnerabilities leave broad exposure, fixes require downtime

Thousands of systems remain vulnerable, including applications not connected to the public internet. 

By David Jones • Feb. 17, 2022

Critical SAP vulnerabilities spur CISA, researcher pleas for urgent patching

Onapsis security researchers warn attackers could take full control of systems to steal data, disrupt critical business functions and launch ransomware.

By David Jones • Feb. 10, 2022

Security strategies evolve while spending flatlines

Organizations want more bang for their buck, which can mean eschewing single-use products. 

By Brian Eastwood • Feb. 9, 2022

Cyberthreat trends to watch in 2022

Cybercriminals are finding ways to manipulate corporate data, and for that problem, there really is no end in sight.

By Sue Poremba • Jan. 31, 2022

How Log4j is shaping enterprise security strategies

Federal officials warned companies of the long-term implications of Log4j. Leaders are taking internal steps to keep threat actors at bay.

By Roberto Torres • Jan. 27, 2022

CIO involvement in security grows as CEOs target risk reduction

An IDG survey found security improvements are driving IT budget increases. 

By Samantha Schwartz • Jan. 27, 2022

Careless employees behind the majority of insider threat incidents: report

As companies come to terms with the semi-permanence of mass remote work, insider cybersecurity threats continue to rise — and it's partially due to employee apathy. 

By Samantha Schwartz • Jan. 25, 2022

Using portions of open source in software development threatens app security

While companies employ safeguards to detect flaws in applications, the likelihood of organizations running a complete database of all the places a vulnerability lives is slim.

By Samantha Schwartz • Jan. 20, 2022

Google Drive, OneDrive top cloud apps for malware delivery: report

Google Drive replaced Microsoft OneDrive as the app with most malware downloads in 2021, accounting for more than one-third of malware downloads.

By Samantha Schwartz • Jan. 12, 2022

Phishing lures await in Google Docs comments

Email addresses are hidden when someone mentions a user in a comment, so the human instinct to question the legitimacy of the notification decreases. 

By Samantha Schwartz • Jan. 10, 2022

C-suite leaders confident in ransomware protections, despite more attacks

The increase in confidence may come from improved communication between business leaders and security teams, according to (ISC)².

By Samantha Schwartz • Jan. 5, 2022

Log4j threats expected to play out well into 2022

As industry returns from the holiday break, organizations are assessing potential security threats from Log4j, ranging from coin miners to hands-on-keyboard attacks.

By David Jones • Jan. 4, 2022

Organizations still downloading vulnerable Log4j versions

Log4j vulnerabilities impacted more than 17,000 Java packages, representing about 4% of the ecosystem, researchers found.

By David Jones • Dec. 22, 2021

5 trends businesses to consider when planning 2022 cybersecurity budgets

Read more from Kaspersky's Vice President of Corporate Business on 2022 cybersecurity budget trends.

By Evgeniya Naumova, Executive VP, Corporate Business at Kaspersky • Dec. 20, 2021

Log4j: What we know (and what's yet to come)

The vulnerability has upended federal officials and the infosec industry, putting hundreds of millions of devices and systems at risk. 

By David Jones • Dec. 17, 2021

Security teams prepare for the years-long threat Log4j poses

Industry is still investigating the full extent of the vulnerability, which limits the actions security teams can immediately take. 

By Samantha Schwartz • Dec. 16, 2021

Log4j threat expands as second vulnerability emerges and nation states pounce

Early-stage ransomware attempts are underway, and federal officials are urging organizations to protect IT systems.

By David Jones • Dec. 15, 2021

Log4j under siege, millions of devices vulnerable

Technology firms are scrambling to investigate and patch their systems amid reports of more than 800,000 attempted attacks.

By David Jones • Dec. 14, 2021

Is the security of legacy IT providers prompting a confidence crisis?

Research commissioned by CrowdStrike found security professionals are losing confidence in providers like Microsoft amid the rise in supply chain attacks. Microsoft has thoughts. 

By David Jones • Dec. 8, 2021

More research connects security burnout with business risk

One in three 1Password respondents said burnout adds to a decline in initiative and motivation, which also reduces compliance with security protocols.

By Samantha Schwartz • Dec. 7, 2021

The 5 risks of sharing data with partners

Selecting a provider that focuses on privacy will help you build trust with data governance stakeholders.

By Davis Wilkinson, Senior Product Manager, LiveRamp Privacy Tech Solutions • Dec. 6, 2021

The death of non-competes and how to protect an IP

Non-competes don't stop IP theft, but this new approach to data protection will.

Dec. 6, 2021

Marriott is still covering — and recovering — expenses from its 2018 data breach

The hotel has seen an increase in renewal costs for its cyber insurance "over the last several years," the company said. 

By Samantha Schwartz • Dec. 3, 2021

Security disconnect: Why the CISO role is evolving

CISOs are too focused on security operations, writing policies or vendor management. But their time is better spent on business strategy.

By Samantha Schwartz • Nov. 29, 2021