Security: Page 4
-
White House considers ban on ransom payments, with caveats
Experts suggest the effort, a reversal from the administration's previous stance, is fraught with complications that could cause unintended consequences.
By Matt Kapko • May 8, 2023 -
How 7 cybersecurity experts manage their passwords
What do CIOs and other cyber experts do to manage credentials? Hint: they don’t reuse passwords.
By Matt Kapko • May 4, 2023 -
Trendline
Cybersecurity
Security strategies benefit from nimbleness as companies respond to Log4j and other high-profile vulnerabilities, a boundless perimeter and questions about supply chain trust.
By CIO Dive staff -
Software industry leaders debate real costs and benefits of CISA security push
The global effort toward secure by design is seen as a potential game changer for software security, but may require investments and cultural changes.
By David Jones • April 17, 2023 -
There’s a movement afoot to make tech vendors responsible for cybersecurity
The international joint guide to secure by design encapsulates security recommendations long-touted by CISA, including technical tactics for software and infrastructure design.
By Matt Kapko • April 13, 2023 -
How Target approaches identity and access management
Designing an IAM system that provides a good user experience while preventing unauthorized access is a critical responsibility.
By Matt Kapko • April 12, 2023 -
Leftover data lurks in the enterprise, creating business risk
When an organization has little data visibility, it becomes even more vulnerable to leaks and breaches — as well as insider and external threats.
By Sue Poremba • April 11, 2023 -
Samsung employees leaked corporate data in ChatGPT: report
Data privacy is a concern for companies with employees using ChatGPT’s web-based interface, as input data is used to train and improve the tool.
By Lindsey Wilkinson • April 7, 2023 -
IT security leaders still told to keep data breaches quiet, study finds
Bitdefender research found 7 in 10 IT and security professionals in the U.S. have been asked to keep a breach confidential.
By David Jones • April 6, 2023 -
Upskilling, reskilling central to competing for tech talent, survey finds
Leading organizations were more likely than their peers to put in place upskilling or reskilling initiatives, a report from NTT DATA found.
By Roberto Torres • April 4, 2023 -
Microsoft unveils Security Copilot built on GPT-4
The technology combines OpenAI's generative AI capabilities with Microsoft's threat intelligence and security network.
By David Jones • March 28, 2023 -
Deep Dive
Tech vendor risk raises vetting stakes in wake of SVB crisis
Deposits are safe, but tech startups may no longer have access to venture debt and the lines of credit that helped fuel innovation.
By Matt Ashare • March 27, 2023 -
5 tips to counter identity and access management risks
Many organizations rely on identity and access management tools for credential management and authentication. But these systems aren’t foolproof.
By Matt Kapko • March 24, 2023 -
ChatGPT bug underlines need to limit shadow IT
If you share information with the tool, you do so at your own risk, according to experts.
By Lindsey Wilkinson • March 23, 2023 -
FTC opens inquiry into cloud market competition, security
As consolidation among hyperscalers grows, federal authorities are raising concerns over cloud dependence in critical sectors.
By Matt Ashare • March 22, 2023 -
Ill-prepared against cyberattacks? You’re not alone, Cisco says
The cybersecurity readiness gap looms large, and smaller organizations were ranked the least prepared.
By Matt Kapko • March 22, 2023 -
Security drives software purchases for half of US companies
The study from Capterra comes weeks after the U.S. announced plans to shift liability for weak product security onto the tech industry.
By David Jones • March 21, 2023 -
Workforce reductions hinder tech upskilling: report
As layoffs and hiring freezes reach tech companies, funding and scheduling training becomes a problem, a Pluralsight report found.
By Matt Ashare • March 20, 2023 -
Cybersecurity market confronts potential consequences of banking crisis
Bank seizures impose new challenges on vendors in every segment — and may spur consolidation.
By Matt Kapko • March 17, 2023 -
Bank failure panic fuels moment of opportunity for threat actors
Threat hunters and security executives warned organizations to look out for malicious activity as regulators step in to operate Silicon Valley Bank.
By Matt Kapko • March 15, 2023 -
Organizations tempt risk as they deploy code more frequently
An imbalance between developers and security professionals on staff spotlights a disconnect between these business functions and objectives.
By Matt Kapko • March 7, 2023 -
LastPass aftermath leaves long to-do list for business customers
Organizations using the password manager are exposed after a major breach compromised credentials and, potentially, business secrets.
By Matt Kapko • March 6, 2023 -
The US cyber strategy is out. Now, officials just have to implement it
Industry stakeholders signal a willingness to discuss further steps, while congressional leaders hint additional action may be on the table.
By David Jones • March 3, 2023 -
Stressed much? It’s chronic in cybersecurity
The psychological toll of security will spur high levels of churn among security leaders, Gartner expects.
By Naomi Eide • Feb. 28, 2023 -
Companies grapple with post-breach disclosure risks
The concerns leading organizations to withhold information are aplenty, including reputational damage and financial impacts.
By Matt Kapko • Feb. 21, 2023 -
Threat actors can use ChatGPT, too. Here’s what businesses should watch
While IT departments seek enterprise applications, cyber teams must be on the lookout for attacks using the generative AI technology.
By Lindsey Wilkinson • Feb. 21, 2023