Policy & Regulation


  • DHS logo
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    CISA gets a deputy director as it braces for major layoffs

    Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.

    By April 25, 2025
  • Leaders of the G7 nations gathered at the Leaders Summit in Italy in June 2024.  A group of top CISOs sent a letter to the G7 in April 2025 asking for harmonization of global cyber regulations.
    Image attribution tooltip
    Antonio Masiello via Getty Images
    Image attribution tooltip

    CISOs band together to urge world governments to harmonize cyber rules

    Policymakers have moved slowly to reduce regulatory overlap, but the new industry plea could help change that.

    By April 24, 2025
  • Sen. Marco Rubio sits at a senate conference.
    Image attribution tooltip
    Drew Angerer via Getty Images
    Image attribution tooltip

    State Department reorganization could imperil cyber diplomacy

    Congress told the U.S. State Department how to approach global cyber challenges, but the administration’s plan would upend that strategy.

    By April 23, 2025
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA’s Secure by Design initiative in limbo after key leaders resign

    Companies have been urging CISA to scale back its software security pressure campaign. Two new resignations from the agency could accelerate that shift.

    By April 22, 2025
  • Capitol building, DC
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Bill extends cyber threat info-sharing between public, private sector

    The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”

    By Elizabeth Montalbano, Contributing Reporter • April 16, 2025
  • Smiling businesswoman in headphones taking notes, working with laptop and talking smartphone, blue glowing information protection icons. Padlock, cloud and digital interface. Cyber security concept - stock photo
    Image attribution tooltip
    iStock via Getty Images
    Image attribution tooltip

    Mitre CVE program regains funding as renewal deal reached

    The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.

    By April 16, 2025
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA launches new wave of job cuts

    Critics warn that drastic downsizing of the DHS unit will threaten the nation’s ability to counter cyber adversaries.

    By April 16, 2025
  • A family stands at a Delta Air Lines ticketing counter trying to rebook a flight after a CrowdStrike software update caused thousands of cancelations.
    Image attribution tooltip
    Jessica McGowan / Stringer via Getty Images
    Image attribution tooltip

    Aviation sector faces heightened cyber risks due to vulnerable software, aging tech

    A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.

    By April 14, 2025
  • Sen. Ron Wyden, D-Ore.
    Image attribution tooltip
    Drew Angerer/Getty Images via Getty Images
    Image attribution tooltip

    Plankey nomination at CISA placed on hold after Wyden pushes for telecom report

    The Oregon senator is demanding CISA release a report on security practices in the industry, citing concerns about the Salt Typhoon hacking campaign. 

    By April 10, 2025
  • The exterior of the U.S. Capitol on Jan. 3, 2024.
    Image attribution tooltip
    Colin Campbell/Cybersecurity Dive
    Image attribution tooltip

    Trump administration under scrutiny as it puts major round of CISA cuts on the table

    Congressional members plan to raise questions Tuesday as hundreds of critical jobs could be slashed in the coming weeks.

    By April 7, 2025
  • photo of Lt. General Timothy Haugh
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    Head of NSA and US Cyber Command reportedly fired

    Gen. Timothy D. Haugh served as the head of two government organizations that play integral roles for U.S. cybersecurity.

    By April 4, 2025
  • A man and a woman shake hands in front of a desk that has flags from the U.S. and Ukraine. The people are in front of a blue background with CISA logos.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.
    Image attribution tooltip

    CISA, FBI warn of fast flux technique used to hide malicious servers

    Criminal and state-linked hackers use fast-changing DNS records to make it harder for defenders to detect or disrupt malicious activity.

    By April 4, 2025
  • Commerce Secretary Lutnick on the White House lawn after speaking to the press.
    Image attribution tooltip
    Andrew Harnik via Getty Images
    Image attribution tooltip

    House members press Commerce Secretary Lutnick on DOGE-related job cuts at NIST

    The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development. 

    By April 3, 2025
  • Mark Uyeda during May 2022 Senate hearing
    Image attribution tooltip
    Tasos Katopodis via Getty Images
    Image attribution tooltip

    SEC should avoid ‘overly prescriptive’ AI rules, acting chair says

    The comments follow actions taken by President Trump that have effectively upended the U.S. approach to AI policy under Biden, according to analysts.

    By Alexei Alexis • March 28, 2025
  • FCC Brendan Carr
    Image attribution tooltip
    Kevin Dietsch via Getty Images
    Image attribution tooltip

    FCC investigating China-linked companies over evasion of US national security measures

    The agency is cracking down on the use of prohibited technologies following a series of hacks into US telecommunications firms.

    By March 24, 2025
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    CISA urges fired probationary workers to respond after federal judge grants order

    The agency plans to keep workers on paid administrative leave despite ongoing concerns about its ability to address cyber threats.

    By March 18, 2025
  • Federal Communications Commission Commissioner Brendan Carr
    Image attribution tooltip
    Kevin Dietsch / Getty Images via Getty Images
    Image attribution tooltip

    FCC launches national security unit to counter state-linked threats to US telecoms

    The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.

    By March 13, 2025
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
    Image attribution tooltip

    Trump nominates Plankey to lead CISA

    Sean Plankey previously held key roles at the Department of Energy and National Security Council during the first Trump administration.

    By March 11, 2025
  • Capitol building, DC
    Image attribution tooltip
    Getty Images via Getty Images
    Image attribution tooltip

    Former NSA cyber director warns drastic job cuts threaten national security

    Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.

    By March 10, 2025
  • Rhode Island Chief Digital Officer Brian Tardiff and Gov. Dan McKee speak at a Dec. 30 press briefing on the cyberattack against the RIBridges social services database. The officials held a Jan. 10 briefing to notify thousands of recipients that breach notification letters were being mailed out.
    Image attribution tooltip
    Courtesy of Rhode Island
    Image attribution tooltip

    Critical infrastructure at state, local levels at heightened risk of cyberattacks

    State and local governments need additional resources, shared intelligence and coordination, an MS-ISAC report showed.

    By Feb. 28, 2025
  • Karen Evans was named executive assistant director for cybersecurity, CISA.
    Image attribution tooltip
    Permission granted by CISA
    Image attribution tooltip

    CISA taps Karen Evans as executive assistant director for cybersecurity

    The veteran official’s appointment could reassure the cyber community that a steady hand will help lead the agency.

    By Feb. 27, 2025
  • SEC regulation securities laws
    Image attribution tooltip
    Hapabapa via Getty Images
    Image attribution tooltip

    SEC revamps cyber and crypto enforcement unit under Trump administration

    The reconfigured unit signals a more hands-off approach on digital currencies, but legal experts do not expect major changes in cyber risk disclosure.

    By Feb. 21, 2025
  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    US authorities warn Ghost ransomware leverages older CVEs

    The China-linked threat group has targeted critical infrastructure providers in more than 70 countries.

    By Feb. 20, 2025
  • DeepSeek logo in front of China's flag.
    Image attribution tooltip
    Anthony Kwan/Getty Images via Getty Images
    Image attribution tooltip

    DeepSeek surge hits companies, posing security risks

    The Trump administration is scrutinizing the AI app, Italy and Taiwan have banned it, and companies have blocked it.

    By Alexei Alexis • Feb. 5, 2025
  • Rhode Island Chief Digital Officer Brian Tardiff and Gov. Dan McKee speak at a Dec. 30 press briefing on the cyberattack against the RIBridges social services database. The officials held a Jan. 10 briefing to notify thousands of recipients that breach notification letters were being mailed out.
    Image attribution tooltip
    Courtesy of Rhode Island
    Image attribution tooltip

    Deloitte pays $5M in connection with breach of Rhode Island benefits site

    The company agreed to cover expenses related to recovery from the December cyberattack.

    By Feb. 5, 2025