Policy & Regulation
US still prioritizing zero-trust migration to limit hacks’ damage
The zero-trust initiative, which gained steam during the Biden administration, is still underway.
By Eric Geller • Aug. 6, 2025
CISA’s relationship with industry needs work to reestablish trust, experts say
Critics say budget cuts, job losses have hurt the agency’s ability to coordinate with private industry.
By David Jones • Aug. 6, 2025
Senate confirms Trump’s national cyber director nominee
Sean Cairncross, a political veteran without significant cybersecurity experience, could turn the relatively new White House office into a major player in the administration.
By Eric Geller • Aug. 3, 2025
DOJ reaches $9.8 million settlement with Illumina over cyber whistleblower claims
The U.S. alleged the company knowingly sold genetic-sequencing systems with software vulnerabilities to federal agencies.
By David Jones • Updated Aug. 1, 2025
FBI, CISA warn about Scattered Spider’s evolving tactics
International authorities are pursuing the group following the arrests of four suspects in a series of attacks targeting British retailers.
By David Jones • July 29, 2025
Senators push CISA director nominee on election security, agency focus
Sean Plankey said he would double down on CISA’s core mission and “allow the operators to operate.”
By Eric Geller • July 24, 2025
Trump AI plan calls for cybersecurity assessments, threat info-sharing
It remains unclear how federal agencies depleted by layoffs will be able to implement the strategy’s ambitious vision, which includes an ISAC dedicated to AI.
By Eric Geller • July 23, 2025
Lapsed CISA contract impedes national lab’s threat-hunting operations
The CyberSentry program remains operational, according to CISA, with analysts outside the lab continuing to review sensor data.
By Eric Geller • July 23, 2025
Deep Dive
Dwindling federal cyber support for critical infrastructure raises alarms
A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.
By Eric Geller • July 22, 2025
Top US senator calls out supply-chain risk with DoD contractors
The Senate Intelligence Committee chairman questioned the security of Microsoft’s “digital escort” arrangement with its Chinese employees.
By Eric Geller • Updated July 18, 2025
State Department cyber diplomacy firings and changes threaten US defenses
Departures and restructuring will make it harder for the agency to pursue global policies that strengthen U.S. critical infrastructure, experts said.
By Eric Geller • July 17, 2025
UK authorities arrest 4 people in probe of retail cyberattack spree
The arrests mark the first major break in a case linked to the Scattered Spider cybercrime group, although additional work continues with multiple agencies.
By David Jones • Updated July 10, 2025
M&S chairman calls for mandatory disclosure of material cyberattacks
The chairman testified before British lawmakers following a major social-engineering attack on the department-store chain.
By David Jones • July 9, 2025
Suspected contractor for China’s Hafnium group arrested in Italy
U.S. authorities charged the man and a co-conspirator with hacking COVID-19 researchers and kicking off a cyberattack spree targeting Microsoft Exchange servers.
By David Jones • July 8, 2025
Security coalition urges Congress to renew 2015 CISA law
A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.
By Eric Geller • July 8, 2025
SEC seeks SolarWinds settlement in reversal for agency under new leadership
The decision by the commission, now under Republican control, could reshape the landscape of corporate accountability for cyber incidents.
By Eric Geller • July 7, 2025
FBI cyber guidance to lawmakers falls short, US senator says
Sen. Ron Wyden wants FBI briefings to cover four often-overlooked cybersecurity practices.
By Eric Geller • July 2, 2025
Deep Dive
‘Suspended animation’: US government upheaval has frayed partnerships with critical infrastructure
Recent federal cuts, reorganizations and other disruptions have alarmed industry leaders, who say the government is a less reliable partner even as cyber threats increase.
By Eric Geller • June 25, 2025
Federal officials, critical infrastructure leaders remain on guard for Iran-linked hacks
Amid an uneasy truce, security teams in the U.S. said they have not seen any credible or specific threats.
By David Jones • June 24, 2025
Cyber insurance premiums drop for first time, report finds
Despite a decline in both premiums and prices, the market continues to be profitable.
By Eric Geller • June 24, 2025
DHS warns of heightened cyber threat as US enters Iran conflict
Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.
By David Jones • June 23, 2025
FTC reminds car dealers to protect customer data
The commission described how recently updated federal regulations affect dealerships — and their vendors.
By Eric Geller • Updated June 17, 2025
SEC scraps proposed cybersecurity rules for investment advisers, market participants
The commission offered no rationale for removing rules that would have imposed security requirements on financial services providers.
By Eric Geller • Updated June 16, 2025
Software vulnerabilities pile up at government agencies, research finds
A Veracode report reveals that government networks have accumulated years of unresolved security flaws, putting them at serious risk of exploitation.
By David Jones • June 12, 2025
Trump scraps Biden software security, AI, post-quantum encryption efforts in new executive order
The White House accused the Biden administration of trying to “sneak problematic and distracting issues into cybersecurity policy.”
By Eric Geller • June 6, 2025