America's in a cyberwar and 'I am not convinced we're winning,' former House intel chair says

There's a machine learning arms race taking place between system defenders and hackers, and the advantage boils down to who has the most training data.

By Alex Hickey • July 23, 2018

Call the exterminator: Awards for bug bounties up 33%

Unlike hackers, technology can only do so much, and most security scanners cannot find a flaw it doesn't already know exists.

By Samantha Schwartz • July 12, 2018

Explore the Trendline➔

IT Security

Executives are working to improve the security posture of their businesses, a task that requires cross-function collaboration.

By CIO Dive staff

Making cybersecurity work, one state at a time, starting with Virginia

State officials need to ensure that businesses know what supply chains, and thereby threat networks, they are a part of.

By Alex Hickey • July 11, 2018

Group behind Ticketmaster breach hit 800 companies in global credit card skimming campaign

Magecart transitioned from hacking websites directly to hacking components from suppliers.

By Samantha Schwartz • July 11, 2018

With tech IPOs returning 61%, Tenable throws its name in the ring

In another strong performance by an enterprise tech company in the market, Tenable began publicly trading Thursday and closed the day up 31.5%. 

By Alex Hickey • Updated July 27, 2018

It is unrealistic for website developers to manage the volume of malware created daily

On average, organizations face about 50 cyberattacks a day, an increase of 14% from Q4 2017, according to a SiteLock report.

By Samantha Schwartz • June 28, 2018

Hackers 'dumb down' DDoS attacks, spurring rise in the last year

Attackers are learning to adapt to mitigations on the fly and that makes dealing with attacks more difficult. 

By Samantha Schwartz • June 27, 2018

Beyond a morbid nod, cyberattack anniversaries are good for their lessons

Five takeaways from cybersecurity experts a year after NotPetya.

By Samantha Schwartz • June 27, 2018

After NotPetya, FedEx invests in security and flexible IT

How companies choose to embrace technology after a cyberattack speaks to their acceptance of digital transformation. 

By Samantha Schwartz • June 26, 2018

What is WPA3 and why should businesses care?

The Wi-Fi protection protocol includes improved network resiliency, protective management frames for critical workloads and 192-bit cryptographic strength.

By Alex Hickey • June 26, 2018

AI, blockchain top this season's companies to watch hot list

Both domains are surrounded by more hype than meaningful application, but early innovators are setting the standards and roadmap for the technologies.

By Alex Hickey • June 14, 2018

'Cattle-not-pet' system management could have prevented Atlanta's ransomware attack

By managing systems "like cattle, not pets," IT can just eliminate what is threatening the rest of the system or "herd."

By Samantha Schwartz • June 8, 2018

Why DevOps is the answer to reducing security flaws and risk

Companies inherently reduce risk by making smaller changes at once, said Mark Nunnikhoven, VP of cloud research for Trend Micro.

By Naomi Eide • June 7, 2018

To suss out hacking, hire people who think like hackers, say security experts

Hackers exploiting how humans "orient" themselves are likely to achieve their objective, so a change in the security culture alone is not enough.

By Samantha Schwartz • June 7, 2018

Cybersecurity vendors put money where their mouth is with $1M warranties

Like a car manufacturer that has to recall a faulty automobile, cyber warranty programs move the onus of responsibility to vendors. 

By Alex Hickey • June 7, 2018

Sen. Warner to tech industry: 'Work with us'

The U.S. needs a strong relationship between Congress and tech because "if you leave us on our own, we're going to mess it up," said the Virginia democrat.

By Alex Hickey • June 6, 2018

How viable is machine learning for cybersecurity?

Business professionals who have been riding the ML high may be in store for a "hangover" when the trough of disillusionment hits. 

By Alex Hickey • June 5, 2018

How to get MTTR down to zero

Automated tools to reduce Mean Time to Remediation can make cloud infrastructure "self-healing," said Josh Stella, CEO and co-founder of Fugue.

By Samantha Schwartz • June 1, 2018

Federal agencies struggle with identifying cyberattack vectors

Agencies tend to allocate cyberdefense funds for "single point solutions" for "perceived security gaps" instead of the gaps that are already exploitable.

By Samantha Schwartz • June 1, 2018

The right training program could prevent your next data breach

A great cybersecurity learning strategy raises awareness, but it also gives employees tools to recognize and report risks.

By Riia O'Donnell • May 31, 2018

5 experts discuss how they got into cybersecurity

Though security education is becoming more formalized in university settings, many experts find themselves in cybersecurity by chance.

By Naomi Eide • May 31, 2018

Security tactics that won't slow your business down

The threat landscape is ever-changing, and the focus has shifted from keeping the attacker out to "what do we do and how will we know if they are already in?"

By Craig Riddell • May 29, 2018

What Georgia's failed 'hack back' bill says about the future of cybersecurity laws

Legislation proposing a retaliatory cyberattack as a line of defense misses the opportunity to understand how hacks happen and how to prevent them.

By Samantha Schwartz • May 29, 2018

Google and AWS lead in cloud native security

Security and risk professionals are increasingly reliant on the security capabilities built into public cloud offerings, believing it offers better security and price compared to what in-house teams could do on-premise. 

By Alex Hickey • May 24, 2018

Cybersecurity experts agree — expect more ransomware this year

Hackers will always take advantage of human error and poor judgment, so it’s up to security teams to educate line of business employees.

By Samantha Schwartz • May 24, 2018