HackerOne's breach highlights security business partner risk

No malicious intent or activity was found and copies of the data were deleted after a HackerOne community member disclosed a vulnerability. 

By Samantha Schwartz • Dec. 5, 2019

58% of companies fail to meet GDPR's data request deadlines

By comparison, 70% of companies last year didn't meet requests on time, according to Talend.

By Samantha Schwartz • Dec. 4, 2019

Enterprise neglect leaves Black Friday cybersecurity responsibility to customers

Cybercriminals feed on shoppers with weak personal cyber hygiene. Have companies done enough to protect customers?

By Samantha Schwartz • Nov. 27, 2019

Maersk CISO on NotPetya recovery, workforce harmony and what makes a security chief

The shipping giant tapped Andy Powell a year after it was hit by NotPetya. In the 18 months since, Powell increased its security organization from 28 people to about 150. 

By Samantha Schwartz • Nov. 22, 2019

Microsoft heightens privacy obligations with updates to cloud contracts

The changes under GDPR will roll out globally to Microsoft customers, in keeping with a company trend of expanding privacy regulations beyond their scope.

By Roberto Torres • Nov. 18, 2019

'Golden bullet' clauses protect CISOs after a breach

A financial cushion will not shield an executive from public scrutiny, but it can alleviate the burden of blame.

By Samantha Schwartz • Nov. 18, 2019

Capital One removes CISO from role following breach

Michael Johnson will remain at Capital One as an advisor, focused on the bank's ongoing response to the data breach. The bank is conducting an external search for a new CISO. 

By Samantha Schwartz • Nov. 7, 2019

0% unemployment rate and 5 other numbers you need to know about cybersecurity

For professionals considering a job in cybersecurity, the outlook is promising.

By Samantha Schwartz • Nov. 7, 2019

5 questions with Cisco's CISO

Steve Martino is tasked with leading Cisco's security strategy, navigating risk in an environment where threats are ever-present and human error is assured. 

By Naomi Eide • Nov. 7, 2019

Don't do the obvious after a ransomware attack, do remain paranoid

Nearly one-third of adults chose to restart their computers in response to a ransomware attack, according to a Stanford survey, a potentially devastating mistake.  

By Samantha Schwartz • Nov. 6, 2019

Gartner's strategic tech trends for 2020: Part 2, computing moves to the edge

AI-based systems are becoming smarter, giving rise to autonomy. Hardware is shrinking, pushing computing to the edge. And the ever-hyped blockchain is finding "practical" applications.

By Naomi Eide • Nov. 5, 2019

How to keep IT security team ahead of alert fatigue

With e-commerce and cybercrime growing exponentially, alert fatigue has seeped into the digital realm. It's the electronic equivalent of the boy who cried wolf, and it's taking a toll.

By Samuel Bocetta • Nov. 4, 2019

Cybersecurity tricks and treats to protect your business

For CISOs and security professionals, it’s always spooky season. There is nothing make-believe about their arch-enemies —​ cybercriminals — who lurk tirelessly in the shadowy background.

By Edgardo Artusi • Oct. 31, 2019

What industry gets wrong about cyber insurance

Despite common perception, recovery from a cyber event — such as paying a ransom — cannot be decided by a carrier.

By Samantha Schwartz • Oct. 31, 2019

Zappos bucks cash payouts, proposes 10% discount as breach settlement

Impacted customers received emails this week entitling them to a one-time, 10% discount through the end of the year following the 2012 data breach.

By Samantha Schwartz • Oct. 18, 2019

The forgotten ones: Ransomware preys on the resource-poor

When Brookside Medical Center was hit with ransomware, it refused to pay. The practice was forced to shutter. 

By Samantha Schwartz • Oct. 17, 2019

Bracing for 'holy crap,' zero-day exploits

If malicious code is written with "purpose," any computer can run it.

By Samantha Schwartz • Oct. 15, 2019

3 things CIOs should discuss with the CEO to optimize cybersecurity

As a business partner, the CIO must provide solutions to cybersecurity concerns and become a champion for working collaboratively with the business.

By Aaron Shum • Oct. 14, 2019

Are retailers doomed for more outages this holiday season?

J. Crew, Lowe's and Walmart experienced tech glitches or crashes last Black Friday. Experts weigh in on how companies can prevent a repeat this year.

By Caroline Jansen • Oct. 7, 2019

63% of new hires bring data from old employers. What's the risk?

To get a leg up when starting a new job some employees bring data from past roles. While enterprising, it threatens business reputation and poses legal, security and financial risks. 

By Samantha Schwartz • Oct. 3, 2019

Zero trust 101 and the art of healthy skepticism

Where Kubernetes, multifactor authentication and default suspicion intersect.

By Samantha Schwartz • Oct. 1, 2019

Success in DevOps adoption can boost security, research finds

Puppet research found companies that integrate security into the software development lifecycle are "twice as confident in their security posture."

By Naomi Eide • Oct. 1, 2019

Shift to digital business is booming, but are CEOs ignoring associated risk?

Risk that exists beyond a company's core network and into the cloud is "stuff that CEOs really do not understand," said John Wheeler, senior director analyst at Gartner.

By Samantha Schwartz • Sept. 27, 2019

DoorDash data breach impacts 4.9M people

Customers, delivery workers and merchants had names, email and delivery addresses, order history, phone numbers and passwords stolen in the May 4 breach, the company confirmed this week.

By Alicia Kelso • Sept. 27, 2019

Fidelity Investments​ translates risk scenarios for the C-suite

One of the most important pieces of risk management is having a more strategic presentation. Take it to the people who facilitate change.

By Samantha Schwartz • Sept. 26, 2019