GDPR strikes again: Marriott International faces $124M fine

The ICO stated that Marriott's data breach was a result of a failure to "undertake sufficient due diligence when it bought Starwood and should have done more to secure its systems." 

By Samantha Schwartz • July 9, 2019

British Airways slammed with record, 'unexpectedly stiff' GDPR fine

Though British Airways cooperated with the ICO in the aftermath of the breach, it didn't insulate the company from penalties.

By Samantha Schwartz • July 9, 2019

Cloudflare outage highlights the internet's fragility

"Our network operates as an extension of our customers' networks," said Cloudflare CTO John Graham-Cumming. If "we're down, they're down."

By Samantha Schwartz • July 3, 2019

4 years of CIO Dive: All the trends we watched

Obsessive focus on digital transformation and next-generation technology is ubiquitous across sectors. And the CIO influence has grown.

By Naomi Eide • July 3, 2019

How to lower your cyber exposure over the holiday weekend

On-the-go employees getting some work done over the Fourth of July weekend are moving targets. But there are tools and practices that can help reduce risk.

By Roberto Torres • July 3, 2019

Cloudflare's outage sends quake through global internet

The internet is comprised of a network of networks, which creates intimate interconnectedness. When one provider goes down, a domino effect begins.

By Samantha Schwartz • July 2, 2019

Ransomware: Why it's sometimes OK to pay up

"It's really a straightforward math problem," said Josh Zelonis, senior analyst at Forrester.

By Samantha Schwartz • July 1, 2019

American Express wields 'stick' to enforce phishing prevention program

The company added consequences to its phishing training program, creating a corporate culture buzzing about security. 

By Naomi Eide • June 26, 2019

Cybersecurity issues bog down half of M&A deals

Seven in 10 decision makers say data breaches are an immediate deal-breaker when evaluating mergers or acquisitions.

By Roberto Torres • June 24, 2019

Cyberattacks hit financial services 300 times more than other sectors

Even with persistent threats, financial firms fail to prepare and respond to attacks, according to Boston Consulting Group.

By Naomi Eide • June 21, 2019

How BMO Financial Group shapes its security strategy

Two years ago BMO Financial Group instituted a security strategy centered around business value, industry benchmarking, compliance and threat management, said CISO Aman Raheja.

By Naomi Eide • June 20, 2019

New breed of security vendor spells trouble for pure play firms

Cloud service providers are taking security market control from third parties. The key for keeping an edge in the market is having multicloud offerings and on-prem integrations.

By Naomi Eide • June 19, 2019

'Fear, uncertainty and doubt' in the security labor market

The struggle to hire security professionals is influenced by narrow job descriptions and lack of role standardization.

By Naomi Eide • June 18, 2019

A simple message for security teams: Prove the value

New technologies create new risks. New risks put pressure on the security organization. And the security organization, in a competitive threat and talent landscape, is asked to meet demands while proving worth.

By Naomi Eide • June 18, 2019

Microsoft Office 365 packs strong cyber defense features — if set up correctly

The suite of cloud-connected enterprise applications holds up well before, during and after an incident, experts said. But only if the right settings are in place. 

By Roberto Torres • June 17, 2019

Global beer maker hops into cybersecurity

AB InBev set up an internal cybersecurity unit in Israel to stave off any potential attacks, Reuters reports.

By Roberto Torres • June 14, 2019

Top 10 weaknesses found by bug bounty hunters

Companies paid $54 million last year to ethical hackers for detecting digital weak spots before the bad guys did. HackerOne ranked the most frequent vulnerabilities.

By Roberto Torres • June 12, 2019

Beyond the data breach: How retail is addressing cybersecurity

Experts say companies need to implement data protection strategies including training employees across departments and vetting third-party partners.

By Tatiana Walk-Morris • June 11, 2019

Facial recognition tech deemed 'not ready for primetime' in House committee

Members took issue with the technology on Tuesday, while law enforcement and federal government agencies defended its use.

By Chris Teale • June 6, 2019

Checking for vitals: Inside the Quest Diagnostics, LabCorp supply chain breach

The intrusion happened inside the American Medical Collection Agency, but responsibility is shared through its partner ecosystem.

By Samantha Schwartz • June 6, 2019

Phishing campaign puts two-factor authentication at risk, but what are the alternatives?

Even though the phishing campaign can sidestep 2FA, the security protocol is better than using only usernames and passwords.

By Samantha Schwartz • June 6, 2019

LabCorp says 7.7M patients exposed in same data breach as Quest Diagnostics

One of LabCorp's billing collections vendors experienced unauthorized activity on its web payment page between Aug. 1 and March 30.

By Samantha Schwartz , David Lim • June 5, 2019

NSA, Microsoft issue BlueKeep vulnerability warnings, call for 'all hands on deck'

Microsoft is "confident" an exploit exists for BlueKeep, a vulnerability in the Remote Desktop Protocol of older versions of Windows.

By Samantha Schwartz • June 5, 2019

11.9M Quest Diagnostics patients potentially exposed to data breach

Financial, medical and other personal information, such as Social Security numbers, may have been exposed, the company reported Monday morning.

By Samantha Schwartz , David Lim • June 3, 2019

WannaCry exploits healthcare companies with older, unmanaged devices that are difficult to patch

WannaCry is very much a threat, according to cybersecurity firm Armis. About 40% of healthcare delivery organizations have experienced at least one WannaCry attack in the last six months.

By Shannon Muchmore • May 31, 2019