Risk & Security

How to secure distributed organizations, protect sensitive information and comply with regulation

Risk & Security

Federal Funding to Boost State and Local Cybersecurity

With $1 billion in infrastructure spending, the nation’s patchwork of state and local governments is about to get a major security boost.

Risk & Security

Should Ransomware Payments Be Illegal?

Megan Brown, a former counsel to the U.S. attorney general, parses the complex ethical, logistical, and regulatory aspects.

Risk & Security

Fed’s Cybersecurity Directive Spotlights Aging Networks

U.S. cybersecurity officials have directed all federal agencies to patch hundreds of known vulnerabilities. That’s just a start. Here’s what else they need to do.

Risk & Security

EDR Products (Alone) Will Not Secure Federal Agencies

National cybersecurity should not be left to a set-it-and-forget-it tool.

Risk & Security

Ex-Defense Chief on Cybersecurity: ‘We Are Our Own Worst Enemy’

Ash Carter speaks out about what the U.S. could—and should—do to protect itself from nation-state cyberattacks by Russia, China, Belarus, and others.

Risk & Security

Biden Administration Orders Agencies to Patch Hundreds of Cyber Flaws

Federal agencies must act fast to fix nearly 300 active cybersecurity vulnerabilities. Here’s how.

Risk & Security

What a Cyber Assault on Our Power Grid Will Look Like

Ahead of a simulated attack on the North American energy grid, utilities should review their cyberdefenses and ensure their networks have maximum protection year-round.

Risk & Security

U.S. Defense Contractors Harden Their Cyber Battle Plans

To combat cyberwarfare and to manage industry protocols, suppliers look to cybersecurity best practices.

Risk & Security

Companies Scramble to Find CISOs Amid Rise in Hacking Threats

Chief information security officers are in big demand, commanding top salaries and a direct line to the CEO. Here’s what employers and candidates need to know.

Risk & Security

EDR Is Not a Silver Bullet Against Cyber Threats

Endpoint detection and response (EDR) platforms have given many organizations a false sense of security. Here’s where EDRs fall short and how you can improve your cyber readiness.