Merck still reeling from Nyetya cyberattack, also expects Q4 impacts

Were it not for the June cyberattack, Merck & Co. would have had quarterly growth.

By Naomi Eide • Oct. 31, 2017

'Darknet' and quantum communications could enhance grid cybersecurity, scientists tell Senate

The Department of Energy is working to develop a private grid communication system called "darknet" to automatically detect, isolate and defend against cyber intrusions.

By Gavin Bade • Oct. 30, 2017

Explore the Trendline➔

IT Security

Security strategies benefit from nimbleness as companies respond to high-profile vulnerabilities and support internal talent gaps.

By CIO Dive staff

Prepare for 'Y2Q' as quantum computing looms, Rep. Hurd says

"Y2Q," or "years to quantum," is the next frontier federal cyber specialists should explore to avoid complete security disruption. 

By Samantha Schwartz • Oct. 30, 2017

Down the Bad Rabbit hole: New ransomware exploits EternalRomance

The ransomware has many similarities to the Nyetya attack, including traces of wiper code and DiskCryptor, which is used to lock a targeted hard drive.

By Samantha Schwartz • Oct. 27, 2017

How the private sector can adopt the government's unified security practices

The government's centralized approach to examining overall IT infrastructure is something private businesses should adopt to mitigate the impact of cyberattacks.

By Samantha Schwartz • Oct. 27, 2017

How the cybersecurity industry can close the growing skills gap

Adding women to the tech workforce could lessen the gap in cybersecurity talent, but this requires bottom-up changes to how young women perceive and enter tech.

By Naomi Eide • Oct. 26, 2017

Security, breaches and threats, oh my! 5 takeaways from CyberTalks 2017

Data security sounds like an easy end, but tech leaders acknowledge front and backend factors at play in today's dangerous cybersecurity environment.

By Alex Hickey • Oct. 24, 2017

Kaspersky CEO defends security products, claims innocence

The Russian security firm claimed that the recent allegations seem to be rooted in damaging the security software provider's reputation without the opportunity of due process.

By Samantha Schwartz • Oct. 24, 2017

Fear the Reaper: Successor to Mirai botnet emerges, no DDoS activity — yet

The Reaper builds on some of Mirai's source code but doesn't rely on default passwords. Hackers have yet to use the botnet in a malicious way, but time will certainly tell how they plan to use it.

By Naomi Eide • Oct. 23, 2017

One year after the Dyn DDoS attack broke the internet, what's changed?

In response to the attack, security experts were quick to extol the virtues of redundancy measures — a best practice that experts have recommended for nearly two decades. But a year later, not much has changed.

By Naomi Eide • Oct. 20, 2017

Facebook CSO: Social network has not 'caught up' with its security responsibilities

With 2 billion monthly active users, the social media company carries the burden of protecting troves of personal consumer data.

By Samantha Schwartz • Oct. 20, 2017

Azure CTO: Cloud encryption of data 'in use' coming soon

Under coming security updates, customer data will be encrypted at rest and in use, the latter of which was not possible before and may ease fears of companies yet to migrate.

By Alex Hickey • Oct. 19, 2017

The time for quantum computing investment 'is now,' experts say

In the security sphere, a complete rollout of quantum encryption and post-quantum cryptography requires a retrospective update of old systems.

By Alex Hickey • Oct. 18, 2017

The KRACK in the Wi-Fi: Vendors scramble to patch after critical flaw discovered

Almost 150 vendors were affected by the flaw, which impacts nearly every device that can connect to the internet.  

By Naomi Eide • Oct. 17, 2017

The 'winning' blockchain platform is not yet in the market, Gartner says

Right now there are about 100 blockchain platforms being built, but none are compatible and 90% have yet to be released.

By Naomi Eide • Oct. 16, 2017

Another day, another hack: Cyberattackers strike Equifax's website

Independent assessments of a fraudulent Adobe Flash update suggests a third-party ad network Equifax used could be to blame.

By Samantha Schwartz • Oct. 13, 2017

5 of the largest data breaches in recent history — and 4 more you forgot

As the country mulls the impact of an increasing number of breaches, here is a look at some particularly bad incidents people might have forgotten about and companies may not have learned a lesson from.

By Alex Hickey • Oct. 12, 2017

Computer scientists among 2017 MacArthur 'Genius Grant' winners

Two computer scientists earned a lifetime of bragging rights after winning the MacArthur "Genius Grant."

By Samantha Schwartz • Oct. 12, 2017

Rethinking security for cloud workloads

For the first time in the digital age, cloud software and SaaS enable the company that develops the software to also be the company that hosts the software for the consumption of its customers.

By Manish Gupta • Oct. 12, 2017

Deloitte reportedly suffered hack during email migration to Office 365

The consulting firm has implemented stricter authentication after a single-password portal was exploited, impacting up to 350 organizations, including the U.S. Department of Defense and FIFA. 

By Samantha Schwartz • Oct. 11, 2017

FDIC had more than 50 data breaches in 2 years

The OIG found problems in the department's response to several suspected breaches jeopardizing PII including social security numbers, driver's license numbers and home addresses.

By Samantha Schwartz • Oct. 9, 2017

From Sears to Golden State Foods, companies turning to IoT

Individual vendors have yet to establish dominance in the market, and IBM is trying to claim its own stake among other pushes in the cloud, blockchain and Big Data spheres.

By Alex Hickey • Oct. 6, 2017

US cyber espionage secrets reportedly hacked through Kaspersky software

It is believed Russian actors accessed sensitive material through Kaspersky Labs' software on an NSA contractor's home computer, which would be the first known case of Kaspersky espionage.

By Samantha Schwartz • Oct. 6, 2017

As companies struggle to discern the scope of cyberattacks, attention shifts to better detection

Yahoo disclosed an additional two billion compromised user accounts Tuesday, highlighting just how long it took for the company to understand the full scope of the 2013 data breach. 

By Naomi Eide • Oct. 5, 2017

SEC ignored warnings from forensic tech unit 2 months before breach

It is clear the SEC's breach is no longer a matter of ignorance as concerns of "serious deficiencies" in equipment were made known in a memo to Congress.

By Samantha Schwartz • Oct. 5, 2017