Nearly 1 in 3 software development professionals unaware of secure practices

The knowledge gap, identified in a Linux Foundation report, comes as malicious hackers increasingly target critical vulnerabilities.

By David Jones • July 16, 2024

Risk escalates as communication channels proliferate

The chance of losing data to a breach rises in tandem with the number of channels — like email and file sharing — that an organization uses.

By Robert Freedman • July 10, 2024

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Snowflake allows admins to enforce MFA as breach investigations conclude

Three months after an attacker targeted more than 100 customer environments, Snowflake is making it easier for existing customers to enforce MFA, but it isn’t requiring it.

By Matt Kapko • July 9, 2024

3 key lessons for CISOs from recent medical cyber quakes

Medical-grade breaches result in casualties all around. So, what can be done to push back?

July 8, 2024

Supreme Court ruling on Chevron doctrine may upend future cybersecurity regulation

Experts expect new legal challenges against numerous agency cybersecurity requirements, including incident reporting mandates and rules governing critical infrastructure sectors.

By David Jones • Updated July 8, 2024

Microsoft alerts additional customers of state-linked threat group attacks

The company told customers the Midnight Blizzard attacks disclosed in January were more widespread than previously known.

By David Jones • June 28, 2024

Industrial cyberattacks fuel surge in OT cybersecurity spending

Operators in mining, oil and gas, utilities and manufacturing are among the top spenders, according to ABI Research.

By Matt Kapko • June 28, 2024

Cyber insurance terms drive companies to invest more in security, report finds

Though recovery costs continue to outpace coverage, companies are investing in network security to lower premiums and yield better policy terms.

By David Jones • June 26, 2024

Cloud security becoming top priority for companies worldwide

Application sprawl and the sensitive nature of the data organizations place in the cloud is complicating security, Thales found.

By David Jones • June 25, 2024

Ransomware victims are becoming less likely to pay up

Despite a jump in ransom demands last year, companies are plotting better defenses against attacks that can incur deep business interruption costs, Marsh said.

By Justin Bachman • June 21, 2024

MFA plays a rising role in major attacks, research finds

Poor configurations and deliberate MFA bypasses were at the center of numerous attacks in recent months, Cisco Talos found.

By David Jones • June 18, 2024

Microsoft president promises significant culture changes geared towards security

Brad Smith detailed plans to tie compensation to security, as lawmakers raised new questions about the company’s commitment to transparency.

By David Jones • June 14, 2024

Microsoft will take full ownership for security failures in House testimony

Brad Smith, the company’s vice chair and president, will acknowledge extensive security lapses while outlining steps the company, industry and nation need to move forward.

By David Jones • June 13, 2024

Snowflake-linked attacks are testing the cloud’s shared responsibility status quo

Assigning responsibility for missing security controls is tricky. The burden is collective but cloud providers need to raise minimum standards, experts say.

By Matt Kapko • June 13, 2024

Rust Foundation leads the charge to improve critical systems security

The foundation is standing up a consortium to boost the responsible use of the programming language at a time of heightened security risks.

By David Jones • June 12, 2024

Apple makes a password manager play in a heavily targeted market

The new, standalone app Passwords places credential management front and center for Apple’s massive user base.

By Matt Kapko • June 11, 2024

Telecom, media and tech companies are cyber defense standouts: Moody’s

Cybersecurity spending in the sector doubled during the past five years, accounting for 10% of companies’ technology budgets in 2023, the credit ratings and research firm said.

By Matt Kapko • June 7, 2024

Tenable to acquire Eureka Security for greater visibility into cloud data environment

The deal marks the latest acquisition in a market undergoing pricing adjustments and increased pressure to offer unified platforms.

By David Jones • June 6, 2024

CrowdStrike soars above industry spending concerns, digs at rivals

The cybersecurity firm defied growing industry pressures on cybersecurity revenue while continuing to jab rivals Microsoft and Palo Alto Networks. 

By David Jones • June 5, 2024

Security concerns mount as businesses deploy AI coding tools

Organizations are deploying the technology without enough protocols to ensure safe, secure use.

By Lindsey Wilkinson • June 5, 2024

How to identify and implement security automation use cases

It might be a “fun” engineering challenge to see what is possible to automate, but often the results will not justify the expense and effort, Gartner’s Kevin Schmidt writes.

By Kevin Schmidt • June 4, 2024

Securing your call centers: Best practices for cybersecurity protection

All call centers face cybersecurity threats because they handle information like credit card numbers, health records, and personal purchase history. However, call centers that support federal agencies have the added risk of handling highly sensitive information, making them prime targets for cybercriminals.

By Jerry Dotson, Vice President of Public Sector, Avaya • June 3, 2024

NIST has a plan to clear the vulnerability analysis backlog

The Cybersecurity and Infrastructure Security Agency and government contractor Analygence will help clear the National Vulnerability Database backlog.

By Matt Kapko • May 31, 2024

CISOs under pressure from boards to downplay cyber risk: study

Research from Trend Micro shows tension between CISOs and senior enterprise leadership. Many security leaders say they're perceived as nags.

By David Jones • May 30, 2024

Okta rides out cyberattack fallout with ‘minimal impact’

CEO and Co-Founder Todd McKinnon said it’s going to take some time before Okta can put the cyberattack behind it.

By Matt Kapko • May 30, 2024