SolarWinds attack leads to renewed focus on IT relationships with corporate boards

Corporate governance and cybersecurity experts say IT officials need to clearly and regularly communicate potential risks and liabilities ahead of the next crisis. 

By David Jones • Jan. 7, 2021

Biden says US must treat cyberattacks with same 'seriousness of purpose' as weapons

As the president-elect prepares to take office in January, his administration faces one of the largest hacks on federal agencies. 

By Samantha Schwartz • Dec. 23, 2020

CISO of the Year: Marene Allison, Johnson & Johnson

In a year of uncertainty, J&J's security mission remained a constant. Under Allison's leadership, the company's resilience has been a decade in the making. 

By Samantha Schwartz • Dec. 9, 2020

What security experts expect from Biden's cyber strategy

The private sector is playing a more active role in national security. Now, security professionals are hungry for even more cross-sector collaboration.

By Samantha Schwartz • Dec. 3, 2020

Do not disturb: Setting time-off boundaries when work is just a click away

Taking meaningful time off empowers leadership to more effectively manage the team — and disrupts the culture of overworking.

By Katie Malone • Nov. 23, 2020

CISA's head was fired. How a leadership vacancy impacts the private sector

"I know that most, if not all, of my colleagues would currently pass on opportunities in the public sector, which is a shame," said RunSafe Security's Joe Saunders.

By Samantha Schwartz • Nov. 19, 2020

For Wells Fargo, tech, security and innovation drives risk management

Companies must look closely at technology as an operational risk, but neglecting innovation opens more windows for bad actors to enter, a Wells Fargo executive said. 

By Katie Malone • Nov. 19, 2020

After a ransomware attack, choose what data needs recovery first

Shaun Marion, CISO at Republic Services, doesn't treat all his data the same. There's some data he won't care about losing in light of a ransomware attack.

By Samantha Schwartz • Nov. 18, 2020

Famed hacker Mudge to lead Twitter security after summer of attacks

Cybersecurity industry executives say the hacker known as Mudge will help Twitter fight back against security and disinformation challenges. 

By David Jones • Nov. 17, 2020

Biden faces scrutiny on key appointments and policy priorities on privacy, cybersecurity

Experts say the incoming administration has an array of former Obama administration staff and will face pressure to reform a number of fronts. 

By David Jones • Nov. 13, 2020

Cybersecurity hiring spikes as pandemic forces global workforce restructuring

The cybersecurity industry has an ongoing issue with finding enough qualified workers, and the pandemic placed additional strain on corporate spending.

By David Jones • Nov. 11, 2020

Agility, teamwork, mission-focus: Why companies look to vets to fill cyber job gap

Organizations are working to transition military veterans into civilian cybersecurity jobs to provide vets with a stable post-service career and overcome a crucial workforce shortage.

By Katie Malone • Nov. 10, 2020

2020 gave cybersecurity more opportunity. Now CISOs have to seize it

CISOs influence risk appetite and budget. Technology trends, threats, regulations and the pandemic are out of their control.

By Samantha Schwartz • Nov. 6, 2020

NIST plays NICE with industry partners to grow cybersecurity workforce

In the first update to its strategic plan since 2016, the National Initiative for Cybersecurity Education seeks new ways to grow the cybersecurity workforce.

By Katie Malone • Oct. 29, 2020

Security accounts for just 5.7% of IT spend: Gartner

The range of IT security spending is between 1.7% to 11.5% of IT budgets, but "this is not necessarily good or bad," said Gartner's Tom Scholtz.

By Samantha Schwartz • Oct. 28, 2020

Why is the CIO-CISO dynamic strained?

In an enterprise where every executive has competing priorities in deadlines, money and personnel, some CISOs and CIOs fight for equal shares. 

By Samantha Schwartz • Oct. 27, 2020

5 cybersecurity and threat trends CISOs must watch

Attacks are all but guaranteed, threats are evolving and a digital realm is targeting the physical. What's keeping CISOs up at night? Everything. 

By Naomi Eide • Oct. 26, 2020

4 roles security organizations will see in 2021

Though "no two security leaders perform the same task," Gartner expects the cybersecurity function to add leaders who can address risk and digital ecosystems.

By Samantha Schwartz • Oct. 22, 2020

Slack picks Reddit alum as chief security officer

The company named its first CSO Geoff Belknap in 2016, but Larkin Ryder has been serving as Slack's interim CSO since Belknap departed in 2019. 

By Samantha Schwartz • Oct. 1, 2020

6 types of CISO and the companies they thrive in

Jeff Pollard, VP and principal analyst at Forrester, wants CISOs to discover the type of leader they are — transformational, tactical, steady — and run with it.

By Samantha Schwartz • Sept. 22, 2020

Why anti-phishing exercises could 'alienate' employees in crisis

Between maintaining business continuity and preserving employee well-being, CISOs had to decide if a pandemic was an appropriate time to test employee cybersecurity awareness.

By Samantha Schwartz • July 16, 2020

Goldman hires CISO away from Morgan Stanley

Matthew Chung joins the bank in a role vacated in May when Andy Ozment moved to Capital One. Goldman's interim CISO, Phil Venables, will leave the bank at the end of the year.

By Dan Ennis • Updated Oct. 2, 2020

'Golden bullet' clauses protect CISOs after a breach

A financial cushion will not shield an executive from public scrutiny, but it can alleviate the burden of blame.

By Samantha Schwartz • Nov. 18, 2019