Clorox CISO departs, CIO to step in, months after cyberattack

The C-suite change comes in the aftermath of a cyberattack that damaged IT infrastructure, led to widespread disruption and negatively impacted earnings. 

By Lindsey Wilkinson • Nov. 16, 2023

CISA targets software identification in push to boost supply chain security

The plan is part of a wider effort to boost software security using vulnerability management and SBOMs.

By David Jones • Oct. 31, 2023

Explore the Trendline➔

Cybersecurity

Security strategies benefit from nimbleness as companies respond to Log4j and other high-profile vulnerabilities, a boundless perimeter and questions about supply chain trust. 

By CIO Dive staff

LastPass working through ‘systemic’ security overhaul

The company is retooling its security infrastructure in the wake of a major cyberattack that impacted customer trust last year.

By Matt Kapko • Oct. 26, 2023

CISA’s top 10 misconfigurations reveal ‘systemic weaknesses’

Poor credential management, lackluster patching and other common security mistakes continue to harm large enterprises.

By Matt Kapko • Oct. 20, 2023

SMBs seek cyber training, support as attack risk surges

Small- and medium-sized businesses deal with higher cyber risks than larger enterprises with more resources, according to Sage analysis.

By David Jones • Oct. 19, 2023

How P&G rolled out its internal generative AI model

Built on OpenAI's API, the solution supports over 35 use cases, CIO Vittorio Cretella said.

By Lindsey Wilkinson • Oct. 18, 2023

Where to invest to close the cybersecurity skills gap

Executives in search of top cybersecurity talent should refine their recruitment processes and company culture.

By Jen A. Miller • Oct. 9, 2023

What to consider when choosing cybersecurity providers

While it might be easier for an organization to build its core cybersecurity system from a single company, that may not always be the right option.

By Sue Poremba • Oct. 6, 2023

AWS kicks off cloud race to mandate MFA by default

The cloud giant will start requiring users with the highest level of privileges to use MFA starting in mid-2024.

By Matt Kapko • Oct. 4, 2023

Cyber investments on pace to reach $215B in 2024: Gartner

The firm expects security services, the industry’s largest segment, to account for 42% of all spending and rise 11% to $90 billion next year.

By Matt Kapko • Oct. 4, 2023

Threats in cloud top list of executive cyber concerns, PwC finds

Lack of tech talent is a contributing factor, as more than 2 in 5 executives grapple with in-house skills gaps.

By Matt Ashare • Oct. 3, 2023

Cloud sprawl frustrates enterprise connectivity

Companies are losing control of IT and security amid a tangle of apps and SaaS tools, according to a Forrester report commissioned by Cloudflare.

By Matt Ashare • Sept. 26, 2023

FBI director urges private sector to work with the agency on cyber threats

Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.

By David Jones • Sept. 25, 2023

What Cisco learned about Mac vs. PC in the enterprise

A year-long internal trial revealed MacBooks were less vulnerable to cyber threats than PCs, and less expensive over time, according to SVP and CIO Fletcher Previn.

By Matt Ashare • Sept. 21, 2023

Cloud attainable for SMBs as costs come down

AWS sees opportunities for business growth in tech-hungry small and midsize businesses.

By Matt Ashare • Sept. 20, 2023

Compromised credential use jumps 300% in cloud intrusions: IBM

Valid credentials are also a hot commodity in the cybercrime marketplace, accounting for the vast majority of assets for sale on the dark web, IBM found.

By Matt Kapko • Sept. 15, 2023

SEC disclosure rules: What’s the role of the CIO?

The new rules for reporting cybersecurity incidents highlight the CIO's role as a communicator and connector.

By Roberto Torres • Sept. 13, 2023

Cybersecurity investments boost profitability, resilience: White House

Resilience spending will help companies avoid downtime, acting National Cyber Director Kemba Walden said at the Billington Cybersecurity Summit.

By David Jones • Sept. 7, 2023

SEC cyber disclosure rules are taking effect: Here’s what to expect

With enforcement on the horizon, much of the SEC's rules for material disclosures are subject to interpretation.

By Naomi Eide • Sept. 1, 2023

Software industry urged to assume risk on open source security

The Open Source Security Foundation called on commercial and non-commercial organizations that use open source software components to adopt better security practices.

By David Jones • Sept. 1, 2023

Security basics aren’t so basic — they’re hard

Lax security controls cause heavy damages, and security experts warn unmet basic requirements lead, time and again, to data breaches.

By Matt Kapko • Aug. 21, 2023

Hidden revenue: Checkout is the key to conversion in retail

Learn how important the customer checkout experience is in e-commerce.

Aug. 21, 2023

AWS customers’ most common security mistake

All too often organizations are not doing least-privilege work with identity systems, according to AWS’ Mark Ryland.

By Matt Kapko • Aug. 18, 2023

Zoom’s AI terms overhaul set the stage for broader data use scrutiny

The shift to adopt generative AI has created tension between SaaS vendors' data desires and enterprises' security concerns.

By Lindsey Wilkinson • Aug. 16, 2023

SEC cyber rules ignite tension between reputation and security risk

The rules, which take effect Sept. 5, encountered mixed reactions. Some champion board-level accountability. Others say the rules are too big of a lift.

By David Jones • Aug. 16, 2023