Security pushes DevOps to breaking point

The future of DevOps is "going to break application security," said Dale Gardner, research director at Gartner.

By Samantha Schwartz • Sept. 16, 2020

Gartner: 10 key security projects through 2021

As companies adapt to changes in March and what's anticipated for the next 12 months, Brian Reed, senior director analyst at Gartner, wants the focus on projects, not programs.

By Samantha Schwartz • Sept. 15, 2020

How a government security framework reduces third-party risks

The DOD says its contractor network includes upwards of 300,000 companies, and conducting an audit of all of them couldn't be done. This logjam helped create the Cybersecurity Maturity Model Certification Accreditation Body.

By Samantha Schwartz • Sept. 14, 2020

Targeted cyberattacks on telehealth vendors skyrocketed along with adoption, report finds

Telehealth vendor security alerts jumped 30% during COVID-19 compared to pre-pandemic levels, analysis from SecurityScorecard and DarkOwl found.

By Rebecca Pifer • Sept. 11, 2020

Zero trust is widely praised. What's the adoption hangup?

The framework has a steep learning curve and requires modern technology, a Deloitte expert said.

By Samantha Schwartz • Sept. 10, 2020

From VPNs to zero trust, coronavirus shaped security priorities

While there are differences in security priorities pre-pandemic, a lot of hurdles were related to scale.

By Samantha Schwartz • Sept. 9, 2020

How last week's outages, DDoS attacks impacted internet infrastructure

The outages highlight two areas of concern: cyberattacks in the age of COVID-19 and the internet's longstanding fragility.

By Samantha Schwartz • Updated Sept. 9, 2020

Cloud shared responsibility models are misunderstood, report says

Any disconnect between where a CSP's security services end and the customer's security responsibilities pick up is a recipe for disaster.

By Samantha Schwartz • Sept. 3, 2020

Comprehensive DevSecOps includes securing cloud infrastructure

Teams often overlook emerging security risks. Fortunately, new tools can help find and proactively mitigate those risks before they lead to data breaches.

Sept. 3, 2020

Top network services companies leave exposed to the internet

Gaps in security programs, including a lack of personnel, expertise or resources, amplify the risk of an unsafe service going undetected.

By Samantha Schwartz • Sept. 2, 2020

Ransomware attacks 'raising the bar' as cities struggle to respond

A former FBI special agent in New York walked through a typical ransomware attack with a series of redacted screenshots, as well as the report.

By Chris Teale • Aug. 31, 2020

First half of 2020 led to nearly 800 disclosed vulnerabilities: report

Microsoft's Patch Tuesday increased to an average of 102.7 fixes a month since January, according to a report from Trend Micro.

By Samantha Schwartz • Aug. 28, 2020

Risk leaders prepare for technology challenges of reentry

As new conditions unravel, integrating risk management will make sure the processes developed in lockdown are as sustainable as the country emerges from COVID-19.

By Samantha Schwartz • Aug. 27, 2020

Understanding Carnival's ransomware attack, hitting two different data types

Last week the cruise line disclosed a ransomware attack that impacted employee and customer data. The security divisions can get murky.

By Samantha Schwartz • Aug. 26, 2020

Sink or swim: Companies adopt tech in effort to stay afloat during pandemic, recession

While new technologies alleviate the burden of rapid adaptation to customer demand, risk is a constant factor.

By Samantha Schwartz • Aug. 25, 2020

Deloitte: Companies turn to cybersecurity, cloud in pandemic response

Executives care about agility and sustaining operations through disruption. Cloud acts as a backbone, while cybersecurity is a fence.

By Roberto Torres • Aug. 24, 2020

Coronavirus tests Ohio State, Stanford CISOs as fall semester begins

CISOs lost visibility when students and staff went home. Since then, they've gained capacity to react faster to security challenges.

By Samantha Schwartz • Aug. 21, 2020

Carnival hit by ransomware, employee and customer data at risk

If the attack is concluded as negligent and a result of insufficient security protocols, the company could face privacy-related fines from employees and customers. 

By Samantha Schwartz • Aug. 19, 2020

Tabletop exercises can exceed $50K, limited to annual testing

With fewer tabletop exercises, organizations cannot perform a variety of cyberattack scenarios and develop "muscle memory" for responses. 

By Samantha Schwartz • Aug. 17, 2020

COVID-19 is shattering cyberattack records

The daily inundation of misinformation, misconceptions and misunderstandings has given cybercriminals an endless buffet of cyber-based ammo to iterate their attacks.

By Samantha Schwartz • Aug. 12, 2020

Capital One to pay $80M penalty over 2019 data breach

In its consent order, the Office of the Comptroller of the Currency said the bank "failed to establish appropriate risk management" and "failed to identify numerous control weaknesses and gaps in the cloud operating environment."

By Anna Hrushka , Samantha Schwartz • Aug. 6, 2020

How confident are security leaders in their ROI?

Business-aligned leaders are nearly five-times more likely to collaborate with stakeholders on cost, performance and risk reductions than more reactive leaders, according to a Tenable report.

By Samantha Schwartz • Aug. 5, 2020

Internet disruptions up 45% since January, ThousandEyes finds

If outages result from massive upticks in traffic, they can ripple through businesses, no matter their connection to the internet or an ISP. 

By Samantha Schwartz • Aug. 4, 2020

Paradigm shift left VPNs, edge security awaiting long-term strategy

Companies are coming to terms with the reality of securing every employee's network. In some cases, they're unable to. 

By Samantha Schwartz • July 30, 2020

Investing in too many cybersecurity tools could hurt defenses

While programs, software and tools are essential to any cybersecurity defense plan, these must work in tandem with security educated employees. 

By Samuel Bocetta • July 30, 2020