Everyone wants to be more secure —​ as long as it isn't an inconvenience

Apply that logic for CIOs and IT leaders, except the stumbling block revolves around revenue, or a lack thereof. 

By Marc Mazur • March 19, 2020

2 cybersecurity considerations for a remote workforce

Companies that already have remote workers — whether a handful or a few thousand — know the associated risks.

By Samantha Schwartz • March 19, 2020

HHS suffers cyberattack as US deals with coronavirus response

The intent of the attack was to slow systems, though it was unsuccessful "in a meaningful way," according to the Bloomberg report.

By Samantha Schwartz • Updated March 16, 2020

Commission put out a 200-page guide for US cybersecurity: Here are 3 takeaways

The Cyberspace Solarium Commission spent a year analyzing how industry and government could work together to enhance cybersecurity. Will it make a difference?

By Samantha Schwartz • March 12, 2020

Banks engage in self-hacks to keep defenses sharp

Enlisting teams of hackers to look for vulnerabilities helps banks take their security efforts beyond scanning software.

By Robert Freedman • March 11, 2020

Why the government says industry can't wait for a single cyber catastrophe

In its forthcoming report, the Cyberspace Solarium Commission consulted with the private sector to prioritize critical infrastructure in anticipation of a cyber Pearl Harbor.

By Samantha Schwartz • March 10, 2020

Fragmented security patches prevailing issue for CIOs

Flaws force inventory management and security to meet at a crossroads. Inventory management is the foundation for maintaining security hygiene and without it, companies could prolong risk.

By Samantha Schwartz • March 6, 2020

Confidence in breach response low as privacy fines sink into companies

On average, organizations experienced seven breaches that required reporting under GDPR, according to research from Ponemon Institute and Experian. 

By Samantha Schwartz • March 4, 2020

Boeing, Tesla manufacturer breached after ransomware attack

A ransomware attack hit Visser Precision, resulting in a breach of non-disclosure agreements and proprietary data, according to Brett Callow, threat analyst at Emsisoft.

By Samantha Schwartz • March 2, 2020

CISOs who leave after 2 years may not finish what they start

"Unless you sit in a role for an extended period of time, you don't know that the next transition is coming," said Dave Estlick, CISO of Chipotle.

By Samantha Schwartz • Feb. 27, 2020

Internal actors account for 30% of cyberattacks in manufacturing

Proper network segmentation can minimize the threat from internal actors by limiting access to applications or databases to specific employees. 

By Matt Leonard • Feb. 26, 2020

How 4 CISOs handle stress on the job

Nearly 90% of CISOs say they are under moderate or high stress, according to a Nominet survey. 

By Samantha Schwartz • Feb. 25, 2020

What 13 RSA Conference attendees want to know

"On the commercial side, the old guard will be under a lot of pressure and challenges from up-and-coming unicorns," said Zvi Guterman, founder and CEO of CloudShare, on the heels of RSA's sale. 

By Samantha Schwartz • Feb. 24, 2020

MGM Resorts breach opens door for California privacy penalties

The hospitality and entertainment company said it is "confident" no financial information was involved in the incident.

By Samantha Schwartz • Feb. 20, 2020

96% of insurers bundle cyber into commercial offerings, report finds

Cyber premiums accounted for less than 1% of the U.S. property and casualty industry in 2018, according to CB Insights. 

By Samantha Schwartz • Feb. 19, 2020

Dell Technologies sells RSA Security for $2.1B

Dell Technologies is finding its way. In a five-year period, the company went public to private and then back to public.​

By Samantha Schwartz • Feb. 18, 2020

How data science tools can lighten the load for cybersecurity teams

Inside security operations centers, data science can help identify attack patterns and increase the chances of detecting threats before it's too late.

By Roberto Torres • Feb. 18, 2020

Why 67% of companies fear they can't sustain privacy compliance

True privacy depends on where and how data travels. 

By Samantha Schwartz • Feb. 12, 2020

4 Chinese military members charged in Equifax hack

The attackers routed traffic through 34 servers in nearly 20 countries to mask their true location, the Justice Department said Monday.

By Dan Ennis , Samantha Schwartz • Feb. 10, 2020

Security professional calls for 'kumbaya' approach to information sharing across sectors

If the leader — in this case, DHS — is alone in the ability to identify and sound the alarm about risk, companies have to wait until an employee or an audit finds it.

By Samantha Schwartz • Feb. 10, 2020

It took 2 years for federal agencies to meet a 45-day cybersecurity directive

The September 2016 directive was in response to flaws impacting firewalls, Cisco Adaptive Security Appliance and Cisco ROM Monitor Integrity.

By Samantha Schwartz • Feb. 6, 2020

Insecure cloud coding templates run rampant, research finds

To maintain a template's "integrity" or prevent outside manipulation, organizations can use role-based access controls and version controls.

By Samantha Schwartz • Feb. 5, 2020

An expired Microsoft security certificate took down Teams

To restore service after a certificate expires, companies have to find where the credentials are stored, update all of them and reset applications if necessary. 

By Samantha Schwartz • Feb. 4, 2020

Organizations only protect 60% of their business ecosystem, Accenture finds

Bad actors find holes in data aggregators, brokers, contractors or other service providers that sit between customers and the companies they do business with.

By Samantha Schwartz • Feb. 3, 2020

For zero trust to work, machines and humans require identities

The security method challenges traditional notions of identity management because it includes people, devices and machines.

By Samantha Schwartz • Jan. 30, 2020