Cyber insurance keeps growing, as threats spur competition

Concerns remain about aggregation risk as highlighted by the July outage of Microsoft Windows devices, according to a report from Moody’s Ratings.

By David Jones • Sept. 9, 2024

Key cyber insurance stakeholders urge government to help close $900B in uncovered risk

Marsh McLennan and Zurich Insurance Group issued a white paper urging a public-private partnership to help tackle a growing coverage gap. The White House is working on a plan. 

By David Jones • Sept. 6, 2024

Explore the Trendline➔

Risk Management

Now, public companies have to detail their cybersecurity risk management in annual filings, raising awareness on what many cyber experts already knew — security issues are business issues. 

By Cybersecurity Dive staff

White House launches cybersecurity hiring sprint to help fill 500,000 job openings

National Cyber Director Harry Coker Jr. unveiled the program as part of an effort to fill a continued gap in cyber, technology and AI positions.

By David Jones • Sept. 5, 2024

Infosec spending to hit 3-year growth peak, reach $212B next year: Gartner

The continuation of annual double-digit growth rates, 15% next year, comes as organizations consolidate spending and reassess EPP and EDR needs.

By Matt Kapko • Sept. 5, 2024

Microsoft is training developers on the intricacies of threat intelligence

Cybercrime wonk Sherrod DeGrippo is taking Microsoft’s software developers and engineers on a journey into her world, the depths of threat intelligence.

By Matt Kapko • Sept. 4, 2024

CISA launches cyber incident reporting portal to streamline breach disclosure

The secure portal is designed to encourage faster and more robust information sharing about malicious attacks and critical vulnerabilities.

By David Jones • Aug. 30, 2024

CrowdStrike takes a revenue hit as global IT outage reckoning lingers

Sales are taking longer to close and the cybersecurity vendor is offering discounts to stem potential customer losses.

By Matt Kapko • Aug. 29, 2024

SentinelOne fields inquiries from new customers following global IT outage linked to CrowdStrike

Companies looking to diversify their risk from disruption are approaching SentinelOne, a week after similar customer movement was reported by Palo Alto Networks. 

By David Jones • Aug. 28, 2024

CISA officials credit Microsoft security log expansion for improved threat visibility

CISA officials say they plan to hold Microsoft accountable to ensure the company lives up to its commitments.

By David Jones • Aug. 27, 2024

Marketing data security threats are rising: Where CMOs see gaps

While marketers prioritize working with data security teams, effective communication remains a struggle, according to research from the CMO Council and KPMG. 

By Peter Adams • Aug. 23, 2024

US, Australian authorities lead international push to adopt event logging

State-linked and criminal threat groups are using living-off-the-land techniques to hide their hacking activities behind regular security tools.

By David Jones • Aug. 22, 2024

After a wave of attacks, Snowflake insists security burden rests with customers

The cloud-based data warehouse vendor remains “slightly muted” about the attacks on its customers because it wasn’t breached, CEO Sridhar Ramaswamy said.

By Matt Kapko • Aug. 22, 2024

Insurance coverage drives cyber risk reduction for companies, researchers say

Companies with cyber coverage are better able to detect and respond to attacks, according to a Forrester report.

By David Jones • Aug. 21, 2024

3 tips to building a robust AI security strategy

Organizations can reap bigger benefits from AI with guardrails that combine human oversight, strong underlying security architecture and technical controls.

By Anton Chuvakin • Aug. 21, 2024

Palo Alto Networks CEO touts leads from CrowdStrike fallout

In the wake of the massive IT outage, some CrowdStrike customers have entered talks with Palo Alto Networks in search of a new provider.

By David Jones • Aug. 20, 2024

3 CIO lessons for maximizing cybersecurity investments

Securing resources has gotten easier, said Feroz Merchhiya, City of Santa Monica CIO. But that hasn't diminished tech leaders' role in showing the value.

By Lindsey Wilkinson • Aug. 19, 2024

Companies aren’t as resilient against cyber risks as they think

Most companies fall short on business continuity as malicious threat activity continues to rise, a Cohesity study found.

By David Jones • Aug. 19, 2024

Microsoft mandates MFA for all Azure users

The company said it will require the identity and access control for all Azure sign-ins starting in October.

By Matt Kapko • Aug. 19, 2024

The biggest blockers to AI adoption, according to CISOs (and how to remove them)

74% of CISOs agree that the benefits of AI outweigh the risks. So what’s holding them back? Discover how to remove the biggest blockers to AI innovation.

By Eoin Hinchy, CEO and co-founder, Tines • Aug. 19, 2024

It’s time to stop thinking of threat groups as supervillains, experts say

“These villains do not have superpowers. We should not treat them like they do,” CISA Director Jen Easterly said in a keynote at Black Hat.

By Matt Kapko • Aug. 15, 2024

White House details $11M plan to help secure open source

National Cyber Director Harry Coker Jr., speaking at Def Con in Las Vegas, says federal assistance must be bolstered by more ownership among the community.

By David Jones • Aug. 14, 2024

M&A activity can amplify ransomware insurance losses, research finds

The financial severity of claims related to ransomware attacks increased more than 400% from 2022 to 2023, the study found.

By Alexei Alexis • Aug. 14, 2024

CISA director: Cybersecurity is ‘not an impossible problem’

In Jen Easterly's view, the solution to the industry's pains lies in secure by design. “We got ourselves into this, we have to get ourselves out,” she said during a media briefing at Black Hat.

By Matt Kapko • Aug. 13, 2024

Misguided lessons from CrowdStrike outage could be disastrous

Some leaders think moving slowly is safer in light of global outages, but this approach is wrong when addressing cyber vulnerabilities and will lead to bigger problems.

By Deepak Kumar • Aug. 13, 2024

Microsoft Deputy CISO recounts responding to the CrowdStrike outage

The industry’s collective response to the massive outage underscored for Ann Johnson its ability to come together and put competitive interests aside.

By Matt Kapko • Aug. 12, 2024