Strategy
-
Delta, CrowdStrike file dueling lawsuits as squabble continues
The airline seeks to recover damages of more than $500 million in the aftermath of a disruptive IT outage in July. The software provider is looking to hold its liability to the terms of its service agreement.
By Roberto Torres • Oct. 28, 2024 -
Microsoft CEO asked board to cut pay in connection with security overhaul
Yet, Satya Nadella's fiscal 2024 compensation far exceeded 2023 thanks to Microsoft's strong market performance.
By David Jones • Oct. 25, 2024 -
Trendline
Risk Management
Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues.
By Cybersecurity Dive staff -
4 ways AI could impact employees, workflows: Gartner
Technology leaders can expect AI to continue to raise questions around workforce shifts, privacy procedures and security techniques.
By Lindsey Wilkinson • Oct. 23, 2024 -
Opinion
How to implement attack surface management
ASM is a core component of exposure management that organizations can leverage to enhance vulnerability management.
By Steve Santos • Oct. 23, 2024 -
FCC expands cooperation with states on data security, privacy enforcement
More states are working with the agency to investigate possible violations of consumer privacy and data security laws.
By David Jones • Oct. 22, 2024 -
CISOs are gaining influence among corporate leadership
A Deloitte Global report shows CISOs are involved in a growing set of strategic decisions about digital transformation, cloud and other technology issues.
By David Jones • Oct. 21, 2024 -
Sophos to buy Secureworks in $859M push into XDR
The deal follows a marketwide push for vendor consolidation and a growing interest in more end-to-end offerings from a single provider.
By Matt Kapko • Oct. 21, 2024 -
Microsoft confirms partial loss of security log data on multiple platforms
The company previously expanded free access to security logs on several platforms, including Purview, following the 2023 state-linked hack of Exchange Online.
By David Jones • Oct. 18, 2024 -
FBI, CISA seek input on software security, configuration changes
Authorities are seeking public comment on steps the software industry can take to make their products more resistant to malicious threat activity.
By David Jones • Oct. 17, 2024 -
Majority of global CISOs want to split roles as regulatory burdens grow
Trellix research shows rising cybersecurity demands from the SEC and other government bodies are pushing CISOs even closer to the edge.
By David Jones • Oct. 15, 2024 -
Where organizations invest after a data breach
Asking customers to foot the bill for data breach remediation will not prevent future data breaches or address the issues that cause costs to increase.
By Sue Poremba • Oct. 14, 2024 -
Sponsored by Tines
Leading CISOs weigh in on AI’s role in security: 7 key takeaways
Learn how CISOs are approaching AI adoption and embracing innovation -- while mitigating risk.
By Thomas Kinsella, COO and co-founder • Oct. 14, 2024 -
Decrease in deals and large rounds cut cyber funding to $2.1B in Q3
The decline in funding accentuates the inconsistent pace of venture capital investments in cyber startups.
By Matt Kapko • Oct. 10, 2024 -
Cyber risk tops C-suite concerns heading into US election
A report by PwC shows American business leaders will continue to focus on data regulation, AI and technology investments regardless of which party prevails in November.
By David Jones • Oct. 10, 2024 -
Deep Dive
CIOs turn to NIST to tackle generative AI’s many risks
Discover's CIO is one of many tech leaders working to limit generative AI missteps by turning to risk management frameworks to get deployment right from the outset.
By Lindsey Wilkinson • Oct. 9, 2024 -
CISOs, C-suite remain at odds over corporate cyber resilience
Security and IT executives, more than a year after a SEC vote on incident disclosure, still face an uphill battle to articulate risk strategy.
By David Jones • Oct. 7, 2024 -
Counter Ransomware Initiative summit emphasizes arduous effort
An international collective of cyber officials continued discussions with the White House on how to counter ransomware attacks, reduce payments and increase response capabilities.
By Matt Kapko • Oct. 7, 2024 -
United Airlines leaned on real-time data to recover from the CrowdStrike outage
The airline modernized its technology foundations with better customer experiences in mind. Then, a major software outage underscored the importance of live data.
By Matt Ashare • Oct. 4, 2024 -
What’s next for CrowdStrike on the road to repair its reputation?
The cybersecurity vendor finds itself operating from a vulnerable position. Efforts to earn back trust are complex and some require industrywide support.
By Matt Kapko • Oct. 3, 2024 -
Two-thirds of healthcare organizations hit by ransomware in past year: survey
Nearly 40% of healthcare organizations reported it took more than a month to recover after an attack, according to the survey by cybersecurity firm Sophos.
By Emily Olsen • Oct. 2, 2024 -
State CISOs up against a growing threat environment with minimal funding, report finds
A report by Deloitte and NASCIO warns that states do not have the resources necessary to fight state-backed and criminal threat groups.
By David Jones • Oct. 2, 2024 -
Customers are done with passwords. Do businesses have a solution?
Research shows customers are frustrated with the login experience, and the friction can cost businesses customers.
By Kristen Doerer • Sept. 30, 2024 -
For Google to reduce memory-safety defects, it focused on new code
Google’s experience provides software developers a roadmap to address one of the most persistent security problems: memory-safety CVEs.
By Matt Kapko • Sept. 26, 2024 -
CrowdStrike CEO pushes ‘resilient by design’ framework, promising changes
The cybersecurity vendor is embracing a new business framework to address security deployment lapses and the fragility of interconnected systems.
By Matt Kapko • Sept. 26, 2024 -
CISA again raises alarm on hacktivist threat to water utilities
The alert comes just days after an attack against a water treatment facility in Kansas.
By David Jones • Sept. 26, 2024