Security: Page 2
-
Treasury threatens fines for ransomware payments
The math problem organizations were solving for — does recovery cost less than the ransom — must now factor in an unknown quantity: fines.
By Samantha Schwartz • Oct. 02, 2020 -
Slack picks Reddit alum as chief security officer
The company named its first CSO Geoff Belknap in 2016, but Larkin Ryder has been serving as Slack's interim CSO since Belknap departed in 2019.
By Samantha Schwartz • Oct. 01, 2020 -
Explore the Trendline➔
Yujin Kim/CIO DiveTrendlineCybersecurity
Security strategies benefit from nimbleness as companies respond to a pandemic, a boundless perimeter and questions about supply chain trust.
By CIO Dive staff -
Major ocean carrier suspects malware attack led to data breach
CMA CGM said its back offices are being reconnected to the network, which will improve bookings and document processing time.
By Matt Leonard • UPDATED: Sept. 30, 2020 at 11:09 a.m. -
Security experts overlook attacker-favored credential stuffing
With an endless cycle of breaches, hackers have a large pool of exposed credentials to throw at websites, increasing their probability of success.
By Samantha Schwartz • Sept. 30, 2020 -
UHS hit with ransomware attack, working to restore IT operations
The for-profit owner of around 400 hospitals is struggling to contain the ripple effects of a cyberattack that locked it out of computer and phone systems.
By Rebecca Pifer • Sept. 29, 2020 -
How global companies factor their supply chain into data protection, privacy
International Paper purposefully duplicates technologies to comply with international laws, from one vendor to another.
By Samantha Schwartz • Sept. 25, 2020 -
'Rogue' employees caused Shopify's data breach. What makes an insider a threat?
Coinciding crises are contributing to "a perfect storm for malicious insiders," Forrester's Joseph Blankenship says.
By Samantha Schwartz • Sept. 24, 2020 -
How to negotiate software costs as IT budgets are slashed
If vendors can't provide a degree of flexibility, abandon the deal, according to Paul McKay, senior analyst at Forrester.
By Samantha Schwartz • Sept. 23, 2020 -
6 types of CISO and the companies they thrive in
Jeff Pollard, VP and principal analyst at Forrester, wants CISOs to discover the type of leader they are — transformational, tactical, steady — and run with it.
By Samantha Schwartz • Sept. 22, 2020 -
How cloud threat protection takes on shadow IT
Cloud access security broker capabilities — discovery, data loss prevention, threat protection, encryption, logging — should sit between every kind of app a company houses.
By Samantha Schwartz • Sept. 21, 2020 -
What security needs to know before diving into SaaS contracts
If employees don't engage with security red flags, the agreement fails to address the underlying issue: an application outside of a company's risk appetite.
By Samantha Schwartz • Sept. 18, 2020 -
Data doesn't speak for itself: 4 benefits of giving security metrics context
When presenting security metrics and data to non-technical stakeholders, security leaders' messaging could get lost in translation.
By Samantha Schwartz • Sept. 17, 2020 -
Security pushes DevOps to breaking point
The future of DevOps is "going to break application security," said Dale Gardner, research director at Gartner.
By Samantha Schwartz • Sept. 16, 2020 -
Rangel, David. [photograph]. Retrieved from https://unsplash.com/photos/4m7gmLNr3M0.
Gartner: 10 key security projects through 2021
As companies adapt to changes in March and what's anticipated for the next 12 months, Brian Reed, senior director analyst at Gartner, wants the focus on projects, not programs.
By Samantha Schwartz • Sept. 15, 2020 -
How a government security framework reduces third-party risks
The DOD says its contractor network includes upwards of 300,000 companies, and conducting an audit of all of them couldn't be done. This logjam helped create the Cybersecurity Maturity Model Certification Accreditation Body.
By Samantha Schwartz • Sept. 14, 2020 -
Targeted cyberattacks on telehealth vendors skyrocketed along with adoption, report finds
Telehealth vendor security alerts jumped 30% during COVID-19 compared to pre-pandemic levels, analysis from SecurityScorecard and DarkOwl found.
By Rebecca Pifer • Sept. 11, 2020 -
Zero trust is widely praised. What's the adoption hangup?
The framework has a steep learning curve and requires modern technology, a Deloitte expert said.
By Samantha Schwartz • Sept. 10, 2020 -
From VPNs to zero trust, coronavirus shaped security priorities
While there are differences in security priorities pre-pandemic, a lot of hurdles were related to scale.
By Samantha Schwartz • Sept. 09, 2020 -
How last week's outages, DDoS attacks impacted internet infrastructure
The outages highlight two areas of concern: cyberattacks in the age of COVID-19 and the internet's longstanding fragility.
By Samantha Schwartz • UPDATED: Sept. 9, 2020 at 11:17 a.m. -
Retrieved from Pixabay.
Cloud shared responsibility models are misunderstood, report says
Any disconnect between where a CSP's security services end and the customer's security responsibilities pick up is a recipe for disaster.
By Samantha Schwartz • Sept. 03, 2020 -
Sponsored by Bridgecrew
Comprehensive DevSecOps includes securing cloud infrastructure
Teams often overlook emerging security risks. Fortunately, new tools can help find and proactively mitigate those risks before they lead to data breaches.
-
Top network services companies leave exposed to the internet
Gaps in security programs, including a lack of personnel, expertise or resources, amplify the risk of an unsafe service going undetected.
By Samantha Schwartz • Sept. 02, 2020 -
Ransomware attacks 'raising the bar' as cities struggle to respond
A former FBI special agent in New York walked through a typical ransomware attack with a series of redacted screenshots, as well as the report.
By Chris Teale • Aug. 31, 2020 -
First half of 2020 led to nearly 800 disclosed vulnerabilities: report
Microsoft's Patch Tuesday increased to an average of 102.7 fixes a month since January, according to a report from Trend Micro.
By Samantha Schwartz • Aug. 28, 2020 -
Risk leaders prepare for technology challenges of reentry
As new conditions unravel, integrating risk management will make sure the processes developed in lockdown are as sustainable as the country emerges from COVID-19.
By Samantha Schwartz • Aug. 27, 2020