Employees can't quit habit of writing down, sharing passwords

Amid heightened threats, workers are incorporating company names into passwords, writing them on sticky notes and sharing them via email.

By David Jones • April 6, 2021

Cybersecurity spending is up but so are breaches

Healthcare, media, entertainment and gaming experienced the greatest growth in breaches last year, coinciding with a "big shift" toward digital transformation, Canalys found.

By Samantha Schwartz • March 30, 2021

Explore the Trendline➔

Securing the cloud

A host of new technologies and a spate of incidents at top providers means businesses have even more cloud security conundrums to consider. 

By Cybersecurity Dive staff

Security leaders: Expect more insider data leaks, threats in 2021

The rise stems from a lack of accurate insight from data loss prevention and cloud access security broker technologies.

By David Jones • March 29, 2021

Remote work gives rise to more executive credential theft

Threat actors are increasingly using social engineering to cultivate vulnerable end users and compromise networks, according to a CyberArk report.

By David Jones • March 25, 2021

55% of healthcare breaches feature ransomware: report

The healthcare industry is a favored target by cybercriminals: Hospitals cannot tolerate downtime or put off emergency patient care.

By Samantha Schwartz • March 10, 2021

Qualys confirms data breach related to Accellion after documents leak

The cloud security firm retained FireEye and insists the breach had no impact on production environments or its code base.

By David Jones • March 4, 2021

Companies overestimate ability to manage remote worker security

Employees working outside the office are granted excessive access privileges and are falling prey to phishing attacks, research from Tanium and PSB Insights found.

By David Jones • March 2, 2021

Senate SolarWinds hearing turns attention to breach notification laws, intel sharing

Amazon Web Services came under fire for declining to attend the hearing as top executives emphasized the need for faster disclosure and industrywide standards.

By David Jones • Feb. 24, 2021

Accellion breach victim lists grows as Kroger discloses compromise

None of the organizations impacted by the Accellion hack so far have attributed who was responsible for the compromise.

By Samantha Schwartz • Feb. 22, 2021

Ransomware, poor security drove spike in healthcare breaches in 2020

A rise in ransomware and phishing attacks led to a 55% increase in healthcare breaches last year, according to Bitglass.

By David Jones • Feb. 17, 2021

The next generation of email security

Now, with a single approval of an API, every line of cloud business communication can be secured.

Feb. 16, 2021

Supply chain attacks renew focus on limiting privileged access to cloud data

Supply chain attacks and rapid shifts to cloud data storage have led companies to reduce access by third-party vendors and employees to sensitive data.

By David Jones • Jan. 29, 2021

Privacy investments mitigate security losses, report finds

Spending on data privacy has become a priority amid new concerns about COVID-19 data and remote work environments, a study from Cisco shows.

By David Jones • Jan. 26, 2021

Verizon: Software installation enables sneaky cyber espionage

Compared to other breaches, cyber espionage campaigns move "low and slow," said Verizon's John Grim. 

By Samantha Schwartz • Jan. 22, 2021

2020 marked by fewer, but more damaging, data breaches

The total number of records exposed in data breaches — more than 37 billion — represented a 141% increase from 2019, Risk Based Security says.

By Naomi Eide • Jan. 21, 2021

Microsoft's latest SolarWinds discovery highlights systemic supply chain weaknesses

Organizations are rushing to mitigate the full extent of the damage from compromise discovered three weeks ago. 

By Naomi Eide • Jan. 4, 2021

Full impact of SolarWinds attack begins to emerge across tech sector, federal agencies

Several leading technology companies and other organizations are evaluating the impact of the SolarWinds breach and other recent nation-state attacks. 

By David Jones • Dec. 23, 2020

Weighing the risks of disclosing a cyber incident

Not telling law enforcement or a regulator is an admission by an organization: We do not consider this cyber incident reportable.

By Samantha Schwartz • Dec. 10, 2020

COVID-19 vaccine data manipulated after leak, EU drug regulator says

The compromised data included vaccine information from the Pfizer and BioNTech COVID-19 vaccine, the regulator said.

By Samantha Schwartz • Updated Jan. 15, 2021

Home Depot codifies data reforms in $17.5M breach settlement with states

The home improvement retailer reached a $17.5 million settlement following a multistate investigation into its 2014 hacking.

By David Jones • Nov. 25, 2020

28% of 'extreme' cyber incidents cost more than $100M, report finds

Outside of financial fallout, cyber incidents can damage corporate reputations, increase regulatory oversight and impact executive careers, Cyentia found. 

By Samantha Schwartz • Nov. 10, 2020

Marriott finds financial reprieve in reduced GDPR penalty

The U.K.'s Information Commissioner's Office also reduced British Airways' fine, citing economic impact of COVID-19 as a factor.

By Samantha Schwartz • Nov. 2, 2020

Understanding Carnival's ransomware attack, hitting two different data types

Last week the cruise line disclosed a ransomware attack that impacted employee and customer data. The security divisions can get murky.

By Samantha Schwartz • Aug. 26, 2020

5 charts that show the impact, and cost, of data breaches

With every day a breach goes undetected or unresolved, costs mount, customers lose patience, and a company earns a reputation of neglect.

By Samantha Schwartz • July 29, 2020

What industry gets wrong about cyber insurance

Despite common perception, recovery from a cyber event — such as paying a ransom — cannot be decided by a carrier.

By Samantha Schwartz • Oct. 31, 2019