Palo Alto Networks reports strong fiscal Q1 as security needs outpace economic fears

The security firm also agreed to buy Cider Security, boosting its software supply chain security business.

By David Jones • Nov. 21, 2022

SMB cyber budgets under pressure amid slowing economy

The potential budget cuts during a period marked by market volatility could increase organizational risk.

By Matt Kapko • Nov. 17, 2022

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Critical infrastructure providers ask CISA to place guardrails on reporting requirements

Top companies and industry groups fear incident reporting mandates would overwhelm CISA with noise. 

By David Jones • Nov. 16, 2022

Confidential computing critical for cloud security, Google and Intel say

Confidential computing aims to isolate and encrypt data in use. The technology is young, but it could deliver significant gains for cloud security.

By Matt Kapko • Nov. 15, 2022

K-12 schools lack resources, funding to combat ransomware threat

One-fifth of schools spend less than 1% of their IT budgets on security, a MS-ISAC report shows.

By David Jones • Nov. 14, 2022

5 security musts for industrial control systems

OT involves a collection of dedicated systems and physics, and that creates distinct security requirements, said Robert M. Lee, CEO and co-founder at Dragos.

By Matt Kapko • Nov. 10, 2022

Mondelē​​z settlement in NotPetya case renews concerns about cyber insurance coverage

The legal dispute between the snack giant and insurer Zurich American, which lasted four years, raises further questions about how insurers cover acts of cyber war.

By David Jones • Nov. 8, 2022

Face it, password policies and managers are not protecting users

Passwords haven’t worked as a solid security strategy in a long time. The policies are there, so why are passwords security’s weak spot?

By Sue Poremba • Nov. 7, 2022

How to implement an effective system to address third-party risk

Current processes for assessing and managing third-party cybersecurity risks are cumbersome and ineffective. CISOs must adopt new principles to address business exposure.

By Sam Olyaei • Nov. 7, 2022

CISA demystifies phishing-resistant MFA

The “gold standard” safeguard isn’t a one-size-fits-all or all-or-nothing endeavor. For most organizations, a phased approach works best.

By Matt Kapko • Nov. 4, 2022

NIST seeks water industry feedback on boosting cyber resilience

The Biden administration is turning its security attention to the water and wastewater treatment industry, which has become vulnerable to cyberattacks as facilities grow more digital.

By David Jones • Nov. 4, 2022

Industrial providers ramp up cyber risk posture as OT threats evolve

The majority of industrial organizations have increased OT security budgets and conducted security audits but aging technology and staffing woes persist, a new report found. 

By David Jones • Oct. 31, 2022

‘Point solutions just need to die’: The end of the one-trick security tool

The deconstruction of security products has foisted many avoidable challenges upon organizations and the industry at large.

By Matt Kapko • Oct. 31, 2022

Microsoft security business surges as cloud segment hit by slumping economy

Higher energy costs and the macro economic slowdown is impacting the company’s cloud segment, while it continues to grow its enterprise security business.

By David Jones • Oct. 26, 2022

Help wanted for 3.4M jobs: Cyber workforce shortage is an acute, worldwide problem

Research from (ICS)2 shows an ongoing skills gap in the information security space is under greater pressure than before.

By David Jones • Oct. 24, 2022

4 security predictions from Google’s cyber leaders

The hopeful forecasts aren’t exclusive to Google’s cybersecurity experts. Many believe the industry is poised to deliver on its mission with greater efficiency and effect.

By Matt Kapko • Oct. 21, 2022

4 ways Target dynamically tracks the most alarming threats

The retailer’s threat analysts identify stakeholders and map adversaries’ intents and capabilities. The company notes it’s also important to not treat all threats equally.

By Matt Kapko • Oct. 20, 2022

Uber ex-CSO verdict raises thorny issues of cyber governance and transparency

The former chief security officer of the ride-sharing firm is seen by many as a scapegoat for an unsupervised and unaccountable corporate culture.

By David Jones • Oct. 19, 2022

Cybersecurity spending on pace to surpass $260B by 2026

Gartner pinned annual double-digit growth on three transitionary megatrends: remote work, zero trust network access, and the cloud.

By Matt Kapko • Oct. 18, 2022

Mandiant CEO pledges to automate threat intel under Google

Google’s chops in artificial intelligence, cloud computing and analytics play a central role in Mandiant’s emboldened vision.

By Matt Kapko • Oct. 17, 2022

As cybersecurity threats rage, colleges invest in risk prevention and pay higher insurance premiums

Cyber insurance policy renewal price increases are typically between 40% and 60%, with some increases hitting the triple digits, S&P said.

By Rick Seltzer • Oct. 14, 2022

4 tips to protect IT employees from phishing attacks

No one is perfect, and that includes your IT professionals. Here's what security experts say could help mitigate human error.

By Lindsey Wilkinson • Oct. 14, 2022

Signs of stability emerge in turbulent cyber insurance market

Rates continue to soar, but Marsh research shows the pace of increases is slowing. 

By Naomi Eide • Oct. 13, 2022

Microsoft’s CISO on why cloud matters for security response

Cloud can give companies insight into current and future threats as the landscape grows more complex, said Bret Arsenault.

By Roberto Torres • Oct. 12, 2022

Mandiant propels Google Cloud’s security prospects

With Mandiant officially under his wing, Google Cloud CISO Phil Venables expects the incident responders to help Google become a proactive force.

By Matt Kapko • Oct. 11, 2022