Why product testing companies are finally upping scrutiny on security

Third parties are working to improve product security, one review at a time.

By Alex Hickey • Aug. 9, 2018

To make systems safer, put more bugs in them

New York University security researchers found chaff bugs can be designed as "non-exploitable" when conditions are constrained and controlled.

By Samantha Schwartz • Aug. 8, 2018

Explore the Trendline➔

IT Security

Security strategies benefit from nimbleness as companies respond to high-profile vulnerabilities and support internal talent gaps.

By CIO Dive staff

Can industry overcome political differences to work with Trump admin on cybersecurity?

Vice President Mike Pence and DHS Secretary Kirstjen Nielsen renewed calls for public-private cybersecurity partnerships through government institutions. 

By Alex Hickey • Aug. 7, 2018

Breaches set to taper off in 2018, but deep rooted vulnerabilities remain

What impact are the 300,000 open security jobs having on the number of data breaches occurring at companies? 

By Samantha Schwartz • Aug. 7, 2018

Can Symantec get past its legacy brand image?

The company has to battle perceptions of being a legacy brand out of place in the modern market, so fixing its brand may be more of a sales and marketing issue than a technology one.

By Alex Hickey • Aug. 6, 2018

Private sector pay and opportunity pose big threat to federal talent retention

Federal agencies can effectively choose to ignore policies because they are outdated or don't make sense for the current framework.

By Samantha Schwartz • Aug. 3, 2018

With $2.35B Duo Security purchase, Cisco stakes claim on end-to-end network access

It's a new security era for Cisco, which is traditionally rooted in networking technology.

By Naomi Eide • Aug. 3, 2018

Cyberattacks targeting the software supply chain nearly double

As more data are managed on the cloud, supply chain managers must understand the vulnerabilities of both emerging and legacy technology.

By Gary Wollenhaupt • Aug. 2, 2018

HP, Bugcrowd to pay researchers to get printers out of a jam

Through the bug bounty program, the companies want their invite-only security researchers to hone in on vulnerabilities on the firmware level.

By Samantha Schwartz • Aug. 2, 2018

DHS walks back utility cyber warnings as Southern CEO says no grid emergency

Hackers cannot cause widespread power outages at this time, DHS said, tempering statements the agency made last week warning that cyber criminals could "throw switches" on the grid.

By Gavin Bade • Aug. 1, 2018

US retailers lead world in data breaches

Despite big spending by U.S. retailers, data breaches continue to grow, according to a study, with half reporting a breach in the last year.

By Dan Alaimo • July 31, 2018

Real risks of using file transfer protocol

The newest technology for B2B data exchange is managed file transfer protocol, an industry best secure communications framework.

By Chandra Shekhar • July 30, 2018

Houston runs 3-day cyberattack stress test

The Jack Voltaic 2.0 Cyber Research Project will simulate a concurrent cyberattack and a natural disaster, testing how the incidents affect responses, collaboration and communications.

By Jason Plautz • July 27, 2018

Malicious actors seeking exploits in SAP and Oracle ERP applications on the rise, US warns

Over the last three years, public exploitations of SAP and Oracle ERP apps have increased by 100%, according to new research.

By Samantha Schwartz • July 26, 2018

How vulnerable is the grid to cyberattacks, really?

Experts say a recent DHS briefing that warned hackers could cause widespread blackouts may have overstated the threat.

By Gavin Bade • July 25, 2018

How does Google prevent phishing attacks on its 85K employees? It gives workers a key

Changing credentials and introducing physical access — whether through a key or GPS location — is part of an emerging shift in identity and access management.

By Naomi Eide • July 24, 2018

Security: The job sucks

But with the right steps, this job doesn't have to suck. Keep the lines of communication open, find signals and anomalies that matter and advocate for security experts everywhere.

By Rich Reybok • July 23, 2018

America's in a cyberwar and 'I am not convinced we're winning,' former House intel chair says

There's a machine learning arms race taking place between system defenders and hackers, and the advantage boils down to who has the most training data.

By Alex Hickey • July 23, 2018

Call the exterminator: Awards for bug bounties up 33%

Unlike hackers, technology can only do so much, and most security scanners cannot find a flaw it doesn't already know exists.

By Samantha Schwartz • July 12, 2018

Group behind Ticketmaster breach hit 800 companies in global credit card skimming campaign

Magecart transitioned from hacking websites directly to hacking components from suppliers.

By Samantha Schwartz • July 11, 2018

Making cybersecurity work, one state at a time, starting with Virginia

State officials need to ensure that businesses know what supply chains, and thereby threat networks, they are a part of.

By Alex Hickey • July 11, 2018

With tech IPOs returning 61%, Tenable throws its name in the ring

In another strong performance by an enterprise tech company in the market, Tenable began publicly trading Thursday and closed the day up 31.5%. 

By Alex Hickey • Updated July 27, 2018

It is unrealistic for website developers to manage the volume of malware created daily

On average, organizations face about 50 cyberattacks a day, an increase of 14% from Q4 2017, according to a SiteLock report.

By Samantha Schwartz • June 28, 2018

Hackers 'dumb down' DDoS attacks, spurring rise in the last year

Attackers are learning to adapt to mitigations on the fly and that makes dealing with attacks more difficult. 

By Samantha Schwartz • June 27, 2018

Beyond a morbid nod, cyberattack anniversaries are good for their lessons

Five takeaways from cybersecurity experts a year after NotPetya.

By Samantha Schwartz • June 27, 2018