SolarWinds

DOJ will sue federal contractors that hide cyberattacks and breaches

The U.S. Department of Justice has said it will launch civil legal action against federal contractors if they fail to report cyberattacks or data breaches. The Civil Cyber-Fraud Initiative, introduced

Stairwell secures $20M Series A to help organizations outsmart attackers

Back when Stairwell emerged from stealth in 2020, the startup was shrouded in secrecy. Now with $20 million in Series A funding, its founder and CEO Mike Wiacek — who previously served as chief secu

The stars are aligning for federal IT open source software adoption

While the government has made a number of moves in a more open direction in recent years, the story of open source in federal IT has often seemed more about potential than reality.

To prevent cyberattacks, the government should limit the scope of a software bill of materials

There is no reason to disdain the concept of SBOM outright. Indeed, it’s heartening to see the federal government take cybersecurity so seriously.

Checkmarx acquires open-source supply chain security startup Dustico

Checkmarx, an Israeli provider of static application security testing (AST), has acquired open-source supply chain security startup Dustico for an undisclosed sum.  Founded in 2020, Dustico provides

Passwordstate customers complain of silence and secrecy after cyberattack

It has been over three months since Click Studios, the Australian software house behind the enterprise password manager Passwordstate, warned its customers to “commence resetting all passwords.&

Cybereason raises $275M at Series F, adds Steven Mnuchin to board

Cybereason, a U.S.-Israeli late-stage cybersecurity startup that provides extended detection and response (XDR) services, has secured $275 million in Series F funding.  The investment was led by Libe

Microsoft confirms it’s buying cybersecurity startup RiskIQ

Microsoft has confirmed it’s buying RiskIQ, a San Francisco-based cybersecurity company that provides threat intelligence and cloud-based software as a service for organizations. Terms of the de

Zero trust unicorn Illumio closes $225M Series F led by Thoma Bravo

Illumio, a self-styled zero trust unicorn, has closed a $225 million Series F funding round at a $2.75 billion valuation.  The round was led by Thoma Bravo, which recently bought cybersecurity vendor

Biden’s executive order on cybersecurity should include behavior transparency

The cyber executive order, alongside sanctions on Russia, are strong indications the Biden administration intends to take a far more proactive approach to cybersecurity. But it's not quite enough.

CISA launches platform to let hackers report security bugs to US federal agencies

The Cybersecurity and Infrastructure Security Agency has launched a vulnerability disclosure program allowing ethical hackers to report security flaws to federal agencies. The platform, launched with

AI cybersecurity provider SentinelOne files for $100M IPO

SentinelOne, a late-stage security startup that helps organizations secure their data using AI and machine learning, has filed for an IPO on the New York Stock Exchange (NYSE). In an S-1 filing on Thu

FireEye to sell products unit to Symphony-led group for $1.2B

Cybersecurity giant FireEye has agreed to sell its products business to a consortium led by private equity firm Symphony Technology Group for $1.2 billion. The all-cash deal will split FireEye, the ma

Cybersecurity startup Panaseer raises $26.5M Series B led by AllegisCyber Capital

Panaseer, which takes a data science approach to cybersecurity, has raised $26.5 million in a Series B funding led by AllegisCyber Capital. Existing investors, including Evolution Equity Partners, Not

Enterprise security attackers are one password away from your worst day

IT organizations must shift their enterprise security strategy to detect credential-based attacks before they become a problem.

Biden’s cybersecurity dream team takes shape

President Biden has named two former National Security Agency veterans to senior government cybersecurity positions, including the first national cyber director. The appointments, announced Monday, la

Bring CISOs into the C-suite to bake cybersecurity into company culture

Cyber strategy and company strategy are inextricably linked. Consequently, chief information security officers (CISOs) in the C-Suite will be just as common and influential as CFOs in maximizing share

The ‘Frankencloud’ model is our biggest security risk

The SolarWinds attack was successful because it took advantage of a vast, intermixed supply chain of technology vendors. The lesson? Complexity is the enemy of security.

Why ‘blaming the intern’ won’t save startups from cybersecurity liability

Whether a company is liable for cyber incidents based on the actions of employees or contractors will depend on the circumstances of what happened.

Microsoft says China-backed hackers are exploiting Exchange zero-days

Microsoft is warning customers that a new China state-sponsored threat actor is exploiting four previously undisclosed security flaws in Exchange Server, an enterprise email product built by the softw
Load More