AI risks pack a punch, but governance provides a buffer

Enterprises strengthen governance and focus on responsible practices as more than 3 in 5 suffer AI risk-related losses of more than $1 million, EY data shows. 

By Lindsey Wilkinson • Oct. 29, 2025

UN member states sign cybercrime agreement despite industry, activist opposition

Critics say the new convention is ripe for abuse by authoritarian countries.

By Eric Geller • Oct. 27, 2025

Explore the Trendline➔

CISO Strategy

Corporate stakeholders want to better understand the risk calculus of their technology stacks, answering the lingering question: Are we a target? 

By Cybersecurity Dive staff

Climbing costs, skills loss and other AI warnings for CIOs

Amid seismic change for IT leaders, enterprises need to curate survival kits to mitigate reliability and cost challenges, Gartner analysts said. 

By Lindsey Wilkinson • Oct. 23, 2025

Burned-out security leaders view AI as double-edged sword

As companies face cybersecurity skills gaps and broader attack surfaces, they’re warily turning to AI-powered automation.

By Eric Geller • Oct. 23, 2025

CISA’s international, industry and academic partnerships slashed

The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency.

By Eric Geller • Oct. 22, 2025

Gartner: How to prepare for and respond to today’s evolving threat landscape

With the emergence of AI, security operations teams must navigate a fast-moving generation of cyber threats.

By Jeremy D'Hoinne, Distinguished Research VP, Gartner • Oct. 21, 2025

Top cybersecurity conferences to attend in 2026

Security experts will come together to hear about the latest risk management strategies, novel hacking techniques, cyber governance and the technologies enterprises need to defend their networks.

By Eric Geller , David Jones • Oct. 20, 2025

Why security awareness training doesn’t work — and how to fix it

Companies have built their security strategies around phishing simulations and educational webinars, tactics that research shows are ineffective.

By Eric Geller • Oct. 20, 2025

Fortune 500 companies designate specialist roles to bolster security operations teams

Four in 10 companies have created deputy CISO roles as regulatory concerns require greater board engagement.

By David Jones • Oct. 17, 2025

CISA’s latest cuts reignite concerns among Democratic lawmakers

A congressman on a key subcommittee suggests that shrinking CISA leaves Americans exposed to mounting cyber threats.

By Eric Geller • Oct. 15, 2025

Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk

Companies are concerned about deepfakes and unauthorized AI tools, and board committees are increasing their oversight responsibilities.

By David Jones • Oct. 15, 2025

Layoffs, reassignments further deplete CISA

Some CISA staffers have been pushed out, while others are being told to move across the country for jobs outside their skill sets.

By Eric Geller • Oct. 14, 2025

Risk mitigation budgets swell as enterprise AI adoption grows

Governing AI comes at a cost, with most organizations increasing oversight investments in the next financial year, according to OneTrust data.

By Lindsey Wilkinson • Oct. 9, 2025

Businesses fear AI exposes them to more attacks

More than half of companies have already faced AI-powered phishing attacks, a new survey finds.

By Eric Geller • Oct. 7, 2025

Landmark US cyber-information-sharing program expires, bringing uncertainty

Without legal protections, companies might stop reporting information about cybersecurity threats.

By Eric Geller • Oct. 1, 2025

Federal cuts force many state and local governments out of cyber collaboration group

The Multi-State Information Sharing and Analysis Center lost U.S. government funding at midnight, jeopardizing the cybersecurity of thousands of cash-strapped counties, cities and towns.

By Eric Geller • Oct. 1, 2025

CISA to furlough 65% of staff if government shuts down this week

Employees are worried about threatened mass firings and the cybersecurity ripple effects of a funding lapse.

By Eric Geller • Sept. 29, 2025

NIST explains how post-quantum cryptography push overlaps with existing security guidance

The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.

By Eric Geller • Sept. 19, 2025

House spending bill would reauthorize key cybersecurity programs

The two programs, which encourage information sharing and fund local improvements, are seen as critical for national cyber resilience.

By Eric Geller • Sept. 17, 2025

CISA audit sparks debate about cybersecurity pay incentives

Some Cybersecurity and Infrastructure Security Agency employees believe a recent inspector general’s report partially missed the mark.

By Eric Geller • Sept. 15, 2025

UK cyber leader calls for shift in focus toward continuity of critical services

Richard Horne, CEO of the National Cyber Security Centre, said the U.S. remains a key ally in the global fight against sophisticated adversaries.

By David Jones • Sept. 11, 2025

How the retail sector teams up to defend against cybercrime

The cyberthreat intel-sharing and collaboration group RH-ISAC is helping companies confront cyberattacks. But the challenge is delivering timely intelligence in a dynamic threat environment.

By Eric Geller • Sept. 11, 2025

Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B

The agreement is part of a larger strategy for Mitsubishi to develop one-stop security capabilities in the OT space.

By David Jones • Sept. 9, 2025

How AI and politics hampered the secure open-source software movement

Tech giants pledged millions to secure open-source code. Then AI came along.

By Eric Geller • Sept. 9, 2025

Swiss Re warns of rate deterioration in cyber insurance

Competition among insurers has forced them to offer concessions on premiums, limits and controls.

By David Jones • Sept. 5, 2025