Security: Page 2

It took 2 years for federal agencies to meet a 45-day cybersecurity directive

The September 2016 directive was in response to flaws impacting firewalls, Cisco Adaptive Security Appliance and Cisco ROM Monitor Integrity.

By Samantha Ann Schwartz • Feb. 06, 2020

Insecure cloud coding templates run rampant, research finds

To maintain a template's "integrity" or prevent outside manipulation, organizations can use role-based access controls and version controls.

By Samantha Ann Schwartz • Feb. 05, 2020

An expired Microsoft security certificate took down Teams

To restore service after a certificate expires, companies have to find where the credentials are stored, update all of them and reset applications if necessary. 

By Samantha Ann Schwartz • Feb. 04, 2020

Organizations only protect 60% of their business ecosystem, Accenture finds

Bad actors find holes in data aggregators, brokers, contractors or other service providers that sit between customers and the companies they do business with.

By Samantha Ann Schwartz • Feb. 03, 2020

For zero trust to work, machines and humans require identities

The security method challenges traditional notions of identity management because it includes people, devices and machines.

By Samantha Ann Schwartz • Jan. 30, 2020

Cyber insurance policies evolving to meet emerging risks — and premiums reflect it

Insurers are revamping how they underwrite policies, which could make them less forgiving of a client's cybersecurity hygiene.  

By Samantha Ann Schwartz • Jan. 28, 2020

Misconfigured Microsoft database exposes 250M customers' information

While personally identifiable information was largely redacted, tech support scams could befall impacted customers. 

By Samantha Ann Schwartz • Jan. 23, 2020

Chipotle, Target CISOs: Repurpose talent for cyber

"I'm as likely to hire somebody with an economics degree as I am with computer science. Economics is about finding patterns in the data," said Dave Estlick, CISO of Chipotle.

By Samantha Ann Schwartz • Jan. 22, 2020

To fend off attacks, CISOs share threat information. Even with competitors

Target's CISO is a member of a Twin Cities-based group of CISOs formed to outline threats companies see.

By Samantha Ann Schwartz • Jan. 21, 2020

Less than 2 years in, GDPR fines hit $126M

Google's $50 million fine for "intentional" data misuse remains the highest penalty to date.

By Samantha Ann Schwartz • Jan. 21, 2020

More cyberattacks tied to geopolitical conflict, businesses caught in the crosshairs

Companies saw an increase in cyberattacks attributed to foreign governments, a Radware study found. The report comes amid news nation-state hackers breached two U.S. municipalities in 2019.

By Samantha Ann Schwartz • Jan. 17, 2020

Board members find cybersecurity risk an existential threat

As cyberthreats rise, board members want to be involved in an issue they say requires more than operational decisions enacted by IT management.

By Roberto Torres • Jan. 16, 2020

Security is key for retailers. But it can't stand in the way of efficiency, CIO says

When overhauling the furniture retailer's connectivity solutions, Rent-A-Center's Mike Santimaw had to shift the security-focused model of the business.

By Samantha Ann Schwartz • Jan. 14, 2020

CIO Dive's business technology predictions for 2020

In 2020, CIOs will spend their days using data to maximize the efficiency of their workforce, as cyberattacks and fierce competition loom large.

By Samantha Ann Schwartz , Roberto Torres , Naomi Eide • Jan. 13, 2020

25 business technology trends for 2020

As tech leaders plan for 2020 and beyond, keep a close eye on interoperability and making technology purchasing decisions that can remain flexible in the long-term. 

Is the US private sector prepared for cyber aggression from Iran? Legislators say no

Industry has struggled with open lines of communication during a cyber crisis, and the federal government navigates a tenuous balance with information sharing.

By Samantha Ann Schwartz • Jan. 09, 2020

A company is suing its hackers — it doesn't know who they are

In a search for redress, cable manufacturer Southwire filed a civil suit against "John Doe," the yet-to-be identified operators behind a ransomware attack. 

By Samantha Ann Schwartz • Jan. 07, 2020

DHS warns of retaliation from Iran, potential cyberattacks

Iranian threat actors could already be "lying dormant" in U.S. computer networks, according to a former CIA officer.

By Samantha Ann Schwartz • Jan. 07, 2020

5 cybersecurity trends for 2020

With industry-known strains morphing into new killers and regulators dutifully watching for errors, companies are leaning on their infosec teams more than ever.

By Samantha Ann Schwartz • Jan. 06, 2020

Forrester: To stay secure, employers must balance insider threat protection and employee rights

Ethical challenges may require HR's involvement, but research found most HR professionals aren't serious enough about the topic. 

By Valerie Bolden-Barrett , Samantha Ann Schwartz • Jan. 06, 2020

CIO Dive's Top News of 2019

The world of business technology is nonstop and the Top News of 2019 honors the constant churn.

62% of breached data came from financial services in 2019

In financial services, an average breach costs $210 per record, while a "mega breach," like Capital One's, can cost up to $388 per record.

By Samantha Ann Schwartz • Dec. 23, 2019

Macy's data breach caused by a customized Magecart attack, research finds

Digital skimmers have been around for years, but a new type of point-of-sale attack is tailored for the target. 

By Samantha Ann Schwartz • Dec. 20, 2019

Kaspersky: IT security budgets fell in 2019

IT security budgets dropped by an average of $77,628 from 2018 to 2019.

By Samantha Ann Schwartz • Dec. 19, 2019

G Suite to cut off access to 'non-Google' apps by 2021 to protect account data

Third-party less secure apps include applications with access to a G Suite account's calendar, contacts, and email "via protocols such as CalDAV, CardDav and IMAP."

By Samantha Ann Schwartz • Dec. 17, 2019