Strategy: Page 22
-
greenbutterfly/iStock/Getty Images Plus via Getty Images
What is phishing-resistant multifactor authentication? It’s complicated.
Physical keys with cryptographic protocols can deliver higher levels of assurance, but organizations shouldn’t conflate resistance with infallibility.
By Matt Kapko • Oct. 10, 2022 -
studio-fi via Getty Images
CISOs, corporate boards in wide disagreement on cyber resilience
A study backed by researchers from MIT shows corporate boards are more focused on cyber risk, but are out of alignment with CISOs on key issues.
By David Jones • Oct. 10, 2022 -
Explore the Trendline➔
.shock via Getty Images
TrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
Sean M. Haffey via Getty Images
Cybersecurity needs a statewide approach, report finds
Research from Deloitte and state CIOs shows cities often hesitate to work with states on cybersecurity to protect their autonomy, but local government cyber grants could change that.
By Michael Brady • Oct. 10, 2022 -
matejmo via Getty Images
Multifactor authentication is not all it’s cracked up to be
Text message and email-based authentication aren’t just the weakest variants of MFA. Cybersecurity professionals say they are broken.
By Matt Kapko • Oct. 5, 2022 -
greenbutterfly via Getty Images
OpinionWhy user experience is essential to identity protection
Organizations must strike a delicate balance between maximizing end-user protection and minimizing the security-related obstacles.
By Kapil Raina • Oct. 5, 2022 -
baona via Getty Images
Security to take an outsized role in IT spending in 2023
“If you look across all of these categories, security is a line item in all of them,” Spiceworks Ziff Davis’ Peter Tsai said.
By Matt Ashare • Oct. 4, 2022 -
Ridofranz via Getty Images
C-suite, boards are prioritizing cybersecurity, but still expect increased threats
Senior executives around the world are taking risk management more seriously, PwC research found, but many are still concerned about business resilience.
By David Jones • Sept. 30, 2022 -
SeventyFour via Getty Images
Google Cloud research links CI/CD to security prowess
The benefits of automated processes for application development extend beyond organizational performance and have a positive impact on security.
By Matt Kapko • Sept. 29, 2022 -
Peach_iStock via Getty Images
Most organizations had a cloud-related security incident in the past year
Security leaders consider the risk of cloud-based incidents higher than on-premises incidents, yet they expect to move more applications to the cloud.
By David Jones • Sept. 28, 2022 -
gorodenkoff via Getty Images
Cyber paradox: Security looms as obstacle and opportunity in cloud migration
Data protection and compliance solutions are easing cloud adoption even as cyber concerns persist.
By Matt Ashare • Sept. 27, 2022 -
BackyardProduction via Getty Images
How common telecom cyber risks snowball in cloud, open source
Public cloud plays a central role in the modernization of wireless networks. But more open source software, vendors and vulnerabilities could spell trouble.
By Matt Kapko • Sept. 23, 2022 -
NicoElNino via Getty Images
Organizations rapidly shift tactics to secure the software supply chain
Synopsys’ 13th annual BSIMM study shows rapid increases in automation and use of SBOMs among software producers and other organizations.
By David Jones • Sept. 22, 2022 -
Permission granted by Cincinnati Public Schools
The tools and strategies schools need for ransomware defense
CISOs empathize with the unenviable position schools are in as they confront ransomware. The right capabilities could make a big difference.
By Matt Kapko • Sept. 22, 2022 -
gorodenkoff via Getty Images
‘Shift-left’ software strategy challenged by security and compliance
Developer burnout and supply chain concerns mount as companies push to begin software testing early in the development process.
By Matt Ashare • Sept. 22, 2022 -
Drew Angerer via Getty Images
US government rejects ransom payment ban to spur disclosure
Federal authorities strongly discourage organizations from paying ransoms, but Anne Neuberger of the National Security Council explains why it decided against a ban.
By Matt Kapko • Sept. 19, 2022 -
Cat Eye Perspective via Getty Images
Industrial control systems face more cyber risks than IT, expert testifies
Most ICS technology was designed more than 20 years ago and built without cyber resilience, Idaho National Laboratory's Vergle Gipson said.
By David Jones • Sept. 16, 2022 -
da-kuk via Getty Images
Microsoft cloud security exec challenges organizations to ditch outdated practices
Modern systems and modes of attack demand a dynamic and realistic security strategy, Shawn Bice said. The problem can be managed, not solved.
By Matt Kapko • Sept. 16, 2022 -
Maksym Kapliuk via Getty Images
State education leaders prioritize cybersecurity, but lack funding
In a survey by the State Educational Technology Directors Association, 57% of respondents said their state provides a low amount of funding for cybersecurity.
By Anna Merod • Sept. 15, 2022 -
iStock via Getty Images
Security vendor consolidation a priority for majority of organizations worldwide
Gartner research shows a surge in organizations that want to reduce the complexity of their security stacks.
By David Jones • Sept. 14, 2022 -
Courtesy of Billington CyberSecurity Summit
US is shoring up gaps in cyber policy, but critical goals remain unfulfilled
Legislators say the Cyberspace Solarium Commission led to significant national security enhancements, but analysts are calling for urgent momentum on a federal law on data privacy and security.
By David Jones • Sept. 13, 2022 -
Drew Angerer via Getty Images
Google closes $5.4B Mandiant acquisition
The Mandiant buy marks the second most expensive acquisition in Google’s history, underscoring the cloud provider’s commitment to become a standalone security brand.
By Matt Kapko • Sept. 12, 2022 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA announces RFI for critical infrastructure cyber reporting mandate
The agency plans to publish the information request in the Federal Register on Monday and will kick off a national listening tour.
By David Jones • Sept. 9, 2022 -
Permission granted by Billington CyberSecurity
CISA Director: Tech industry should infuse security at product design stage
Agency director Jen Easterly outlined a push for faster incident reporting and closer industry collaboration.
By David Jones • Sept. 7, 2022 -
South_agency via Getty Images
Most organizations remain unprepared for ransomware attacks
Too many organizations are failing to meet cybersecurity demands. Ransomware attacks abound and humans are still the weakest link.
By Matt Kapko • Sept. 6, 2022 -
TheSP4N1SH via Getty Images
Okta CEO pushes for passwordless future in wake of phishing attacks
Customers that rely on passwords and log-in pages are putting their organizations at greater risk of attack, Todd McKinnon told analysts.
By Matt Kapko • Sept. 2, 2022
Previous
