Cisco to buy Splunk for $28B

Forrester's Allie Mellen calls it a massive win for Cisco's security business, but said security leaders are concerned about potential SIEM quality degradation. 

By Naomi Eide • Sept. 21, 2023

AI is entering the enterprise application security tool stack

Reports from Gartner and Rackspace show a broad enterprise appetite to weave AI into the tool stack, especially across application security.

By Naomi Eide • Sept. 20, 2023

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

US is making headway on securing cyber infrastructure, commission says

While Cyberspace Solarium Commission leaders praised U.S. cybersecurity improvements, they said more work is needed to secure critical infrastructure.

By David Jones • Sept. 20, 2023

FBI director urges private sector to work with the agency on cyber threats

Christopher Wray told attendees at Mandiant’s mWISE 2023 private sector assistance contributed to the success of several recent operations.

By David Jones • Sept. 19, 2023

SEC cyber disclosure rules: What’s the role of the CIO?

CIOs are on the front lines of managing the IT estate, making them a critical part of rapid incident response. 

By Roberto Torres • Sept. 19, 2023

Security has an underlying defect: passwords and authentication

Cyberattacks are fueled by the shortcomings of business authentication controls. Bad things happen when access falls apart and credentials land in the wrong hands.

By Matt Kapko • Sept. 18, 2023

White House, federal cyber leaders pledge renewed support for open source security

CISA released a roadmap for open source software security as industry officials convened to map out additional steps to protect federal agencies and the larger ecosystem.

By David Jones • Sept. 13, 2023

IronNet considers bankruptcy after it furloughs most workers

The furloughs will effectively end most of the cybersecurity firm’s operations unless it can find additional sources of liquidity.

By David Jones • Sept. 12, 2023

CISA director: Critical infrastructure cyber incident reporting rules almost ready

The Cybersecurity and Infrastructure Security Agency is in the final stages of work on the reporting requirements included in a March 2022 law.

By David Jones • Sept. 8, 2023

Cybersecurity investments boost profitability, resilience: White House

Expenditures on resilience will help companies reduce downtime, Acting National Cyber Director Kemba Walden said at the Billington Cybersecurity Summit.

By David Jones • Sept. 6, 2023

Top 5 behaviors of successful CISOs: Gartner

Successful CISOs are at least 1.5 times more likely to engage with emerging technologies and colleagues beyond traditional business functions, a survey shows.

By Matt Kapko • Sept. 5, 2023

SEC cyber disclosure rules put CISO liability under the spotlight

Security executives find themselves in the eye of the needle as governance and incident response come into focus.

By David Jones • Sept. 5, 2023

Malwarebytes, within a week, acquires a company and reportedly cuts staff

The layoffs underscore significant alterations afoot in the security sector, as the industry’s largest vendors claim share from smaller rivals.

By Matt Kapko • Aug. 31, 2023

CrowdStrike soars on security tool consolidation demand

CEO George Kurtz said the company will consider potential acquisition targets as M&A discussions heat up across the industry.

By David Jones • Aug. 31, 2023

Mandiant blends Google Cloud, AI to automate threat hunting

Google Cloud is bringing Mandiant’s threat hunting intelligence to customers’ Chronicle environments and infusing Duet AI across its security portfolio.

By Matt Kapko • Aug. 29, 2023

Cyber insurance providers increase scrutiny on enterprise risk, report finds

Policyholders face higher costs and additional exclusions, even as the market stabilizes, a study on behalf of Delinia found.

By David Jones • Aug. 29, 2023

Software industry urged to assume risk on open source security

The Open Source Security Foundation called on commercial and non-commercial organizations that use open source software components to adopt better security practices.

By David Jones • Aug. 25, 2023

Generative AI tips and warnings from 5 providers

Understanding model limitations and keeping humans in the loop is critical to productive adoption of AI, according to several software leaders.

By Lindsey Wilkinson • Aug. 25, 2023

Government investigation puts spotlight on password insecurity

A team working for the Department of Interior’s inspector general successfully cracked 1 in 5 active user passwords, a ratio that highlights traps in cybersecurity standards, Mike Kosask from LastPass writes.

By Michael Kosak • Aug. 24, 2023

For security to benefit from AI, companies need to shore up their data

CISOs need to address the structure, management and curation of data as they pursue benefits from generative AI, according to an IDC report.

By Matt Kapko • Aug. 24, 2023

Ransomware attack dwell times fall, pressuring companies to quickly respond

The median dwell time for ransomware attacks hit a new low of five days in the first half of the year, according to Sophos.

By Matt Kapko • Aug. 23, 2023

SentinelOne pursues potential sale amid slow growth, report says

The cybersecurity firm recently announced job cuts and is competing in a turbulent market in recent months.

By David Jones • Aug. 22, 2023

Zoom’s AI terms overhaul sets stage for broader data use scrutiny

The shift to adopt generative AI has created tension between SaaS vendors' data desires and enterprises' security concerns.

By Lindsey Wilkinson • Aug. 22, 2023

Palo Alto Networks posts strong Q4 amid consolidation, new SEC rules

Despite spooking analysts with an unusual late Friday earnings presentation, investors breathed easy as the company shared a positive outlook in its earnings report. 

By David Jones • Aug. 21, 2023

Cyber authorities have a plan to defend remote monitoring tools

Threat actors can turn one point of attack into many by targeting remote management services that lack security controls.

By Matt Kapko • Aug. 18, 2023