Security: Page 2

  • CIO involvement in security grows as CEOs target risk reduction

    An IDG survey found security improvements are driving IT budget increases. 

    By Samantha Schwartz • Jan. 27, 2022
  • Image attribution tooltip
    Sam Wasson via Getty Images

    Careless employees behind the majority of insider threat incidents: report

    As companies come to terms with the semi-permanence of mass remote work, insider cybersecurity threats continue to rise — and it's partially due to employee apathy. 

    By Samantha Schwartz • Jan. 25, 2022
  • Explore the Trendline
    Image attribution tooltip
    Yujin Kim/CIO Dive


    Security strategies benefit from nimbleness as companies respond to a pandemic, a boundless perimeter and questions about supply chain trust. 

    By CIO Dive staff
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    Using portions of open source in software development threatens app security

    While companies employ safeguards to detect flaws in applications, the likelihood of organizations running a complete database of all the places a vulnerability lives is slim.

    By Samantha Schwartz • Jan. 20, 2022
  • Image attribution tooltip
    da-kuk via Getty Images

    Google Drive, OneDrive top cloud apps for malware delivery: report

    Google Drive replaced Microsoft OneDrive as the app with most malware downloads in 2021, accounting for more than one-third of malware downloads.

    By Samantha Schwartz • Jan. 12, 2022
  • Image attribution tooltip
    rfranca via Getty Images

    Phishing lures await in Google Docs comments

    Email addresses are hidden when someone mentions a user in a comment, so the human instinct to question the legitimacy of the notification decreases. 

    By Samantha Schwartz • Jan. 10, 2022
  • Image attribution tooltip via Getty Images

    C-suite leaders confident in ransomware protections, despite more attacks

    The increase in confidence may come from improved communication between business leaders and security teams, according to (ISC)².

    By Samantha Schwartz • Jan. 5, 2022
  • Image attribution tooltip
    sefa ozel via Getty Images

    Log4j threats expected to play out well into 2022

    As industry returns from the holiday break, organizations are assessing potential security threats from Log4j, ranging from coin miners to hands-on-keyboard attacks.

    By David Jones • Jan. 4, 2022
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    Organizations still downloading vulnerable Log4j versions

    Log4j vulnerabilities impacted more than 17,000 Java packages, representing about 4% of the ecosystem, researchers found.

    By David Jones • Dec. 22, 2021
  • Image attribution tooltip


    Sponsored by Kaspersky

    5 trends businesses to consider when planning 2022 cybersecurity budgets

    Read more from Kaspersky's Vice President of Corporate Business on 2022 cybersecurity budget trends.

    By Evgeniya Naumova, Executive VP, Corporate Business at Kaspersky • Dec. 20, 2021
  • Image attribution tooltip
    DKosig via Getty Images

    Log4j: What we know (and what's yet to come)

    The vulnerability has upended federal officials and the infosec industry, putting hundreds of millions of devices and systems at risk. 

    By David Jones • Dec. 17, 2021
  • Image attribution tooltip
    South_agency via Getty Images

    Security teams prepare for the years-long threat Log4j poses

    Industry is still investigating the full extent of the vulnerability, which limits the actions security teams can immediately take. 

    By Samantha Schwartz • Dec. 16, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    Log4j threat expands as second vulnerability emerges and nation states pounce

    Early-stage ransomware attempts are underway, and federal officials are urging organizations to protect IT systems.

    By David Jones • Dec. 15, 2021
  • Image attribution tooltip
    Photo illustration by Danielle Ternes/CIO Dive; photograph by yucelyilmaz via Getty Images

    Log4j under siege, millions of devices vulnerable

    Technology firms are scrambling to investigate and patch their systems amid reports of more than 800,000 attempted attacks.

    By David Jones • Dec. 14, 2021
  • Image attribution tooltip
    Traitov/iStock/Getty via Getty Images

    Is the security of legacy IT providers prompting a confidence crisis?

    Research commissioned by CrowdStrike found security professionals are losing confidence in providers like Microsoft amid the rise in supply chain attacks. Microsoft has thoughts. 

    By David Jones • Dec. 8, 2021
  • Image attribution tooltip

    Photo by Canva Studio from Pexels

    More research connects security burnout with business risk

    One in three 1Password respondents said burnout adds to a decline in initiative and motivation, which also reduces compliance with security protocols.

    By Samantha Schwartz • Dec. 7, 2021
  • Image attribution tooltip

    AdobeStock / Cronislaw

    Sponsored by LiveRamp

    The 5 risks of sharing data with partners

    Selecting a provider that focuses on privacy will help you build trust with data governance stakeholders.

    By Davis Wilkinson, Senior Product Manager, LiveRamp Privacy Tech Solutions • Dec. 6, 2021
  • Image attribution tooltip

    Adobe Stock, Amnaj Khetsamtip

    Sponsored by Code42

    The death of non-competes and how to protect an IP

    Non-competes don't stop IP theft, but this new approach to data protection will.

    Dec. 6, 2021
  • Image attribution tooltip
    Justin Sullivan via Getty Images

    Marriott is still covering — and recovering — expenses from its 2018 data breach

    The hotel has seen an increase in renewal costs for its cyber insurance "over the last several years," the company said. 

    By Samantha Schwartz • Dec. 3, 2021
  • Image attribution tooltip
    PeopleImages via Getty Images

    Security disconnect: Why the CISO role is evolving

    CISOs are too focused on security operations, writing policies or vendor management. But their time is better spent on business strategy.

    By Samantha Schwartz • Nov. 29, 2021
  • Image attribution tooltip
    vchal via Getty Images

    Enterprises prepare for ransomware threats during Thanksgiving

    Retail, transportation and other sectors are bracing for heightened cyber risks, placing renewed pressure on security operations. 

    By David Jones • Nov. 23, 2021
  • Image attribution tooltip
    Adeline Kon/CIO Dive

    The Water Cooler: How 5 executives disconnect for the holidays

    Fully unplugging during a holiday break can be challenging — and a little scary, given the elevated cybersecurity risk. But it's not impossible.

    By Nov. 19, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    What to consider when connecting cyber, business strategy

    The common issue security and business leaders run into is miscommunication, Gartner's Jeffrey Wheatman said. 

    By Samantha Schwartz • Nov. 17, 2021
  • Image attribution tooltip
    iStock / Getty Images Plus via Getty Images

    A year after SolarWinds, third-party risk still threatens the software supply chain

    Using open source or commercially available software for digital transformation has introduced risk into organizations' environments.

    By David Jones • Nov. 12, 2021
  • Image attribution tooltip
    Ian Forsyth / Stringer via Getty Images

    Better security, access policies can combat cloud misconfigurations

    Data disclosures from cloud misconfigurations are often the result of human error — but policies, not users, are to blame.  

    By Brian Eastwood • Nov. 4, 2021
  • Image attribution tooltip
    Spencer Platt via Getty Images

    Corporate boards, C-suites finally prioritize cyber after years of business risk

    Following a surge of supply chain attacks and ransomware over the past year, enterprise leaders are giving cybersecurity the attention it deserves.

    By David Jones • Nov. 3, 2021