Policy & Regulation
-
CISA gets a deputy director as it braces for major layoffs
Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.
By Eric Geller • April 25, 2025 -
CISOs band together to urge world governments to harmonize cyber rules
Policymakers have moved slowly to reduce regulatory overlap, but the new industry plea could help change that.
By Eric Geller • April 24, 2025 -
State Department reorganization could imperil cyber diplomacy
Congress told the U.S. State Department how to approach global cyber challenges, but the administration’s plan would upend that strategy.
By Eric Geller • April 23, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA’s Secure by Design initiative in limbo after key leaders resign
Companies have been urging CISA to scale back its software security pressure campaign. Two new resignations from the agency could accelerate that shift.
By Eric Geller • April 22, 2025 -
Bill extends cyber threat info-sharing between public, private sector
The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”
By Elizabeth Montalbano, Contributing Reporter • April 16, 2025 -
Mitre CVE program regains funding as renewal deal reached
The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.
By David Jones • April 16, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA launches new wave of job cuts
Critics warn that drastic downsizing of the DHS unit will threaten the nation’s ability to counter cyber adversaries.
By David Jones • April 16, 2025 -
Aviation sector faces heightened cyber risks due to vulnerable software, aging tech
A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.
By David Jones • April 14, 2025 -
Plankey nomination at CISA placed on hold after Wyden pushes for telecom report
The Oregon senator is demanding CISA release a report on security practices in the industry, citing concerns about the Salt Typhoon hacking campaign.
By David Jones • April 10, 2025 -
Trump administration under scrutiny as it puts major round of CISA cuts on the table
Congressional members plan to raise questions Tuesday as hundreds of critical jobs could be slashed in the coming weeks.
By David Jones • April 7, 2025 -
Head of NSA and US Cyber Command reportedly fired
Gen. Timothy D. Haugh served as the head of two government organizations that play integral roles for U.S. cybersecurity.
By Rob Wright • April 4, 2025 -
Retrieved from Jen Easterly/CISA.
CISA, FBI warn of fast flux technique used to hide malicious servers
Criminal and state-linked hackers use fast-changing DNS records to make it harder for defenders to detect or disrupt malicious activity.
By David Jones • April 4, 2025 -
House members press Commerce Secretary Lutnick on DOGE-related job cuts at NIST
The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development.
By David Jones • April 3, 2025 -
SEC should avoid ‘overly prescriptive’ AI rules, acting chair says
The comments follow actions taken by President Trump that have effectively upended the U.S. approach to AI policy under Biden, according to analysts.
By Alexei Alexis • March 28, 2025 -
FCC investigating China-linked companies over evasion of US national security measures
The agency is cracking down on the use of prohibited technologies following a series of hacks into US telecommunications firms.
By David Jones • March 24, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA urges fired probationary workers to respond after federal judge grants order
The agency plans to keep workers on paid administrative leave despite ongoing concerns about its ability to address cyber threats.
By David Jones • March 18, 2025 -
FCC launches national security unit to counter state-linked threats to US telecoms
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.
By David Jones • March 13, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
Trump nominates Plankey to lead CISA
Sean Plankey previously held key roles at the Department of Energy and National Security Council during the first Trump administration.
By David Jones • March 11, 2025 -
Former NSA cyber director warns drastic job cuts threaten national security
Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.
By David Jones • March 10, 2025 -
Critical infrastructure at state, local levels at heightened risk of cyberattacks
State and local governments need additional resources, shared intelligence and coordination, an MS-ISAC report showed.
By David Jones • Feb. 28, 2025 -
CISA taps Karen Evans as executive assistant director for cybersecurity
The veteran official’s appointment could reassure the cyber community that a steady hand will help lead the agency.
By David Jones • Feb. 27, 2025 -
SEC revamps cyber and crypto enforcement unit under Trump administration
The reconfigured unit signals a more hands-off approach on digital currencies, but legal experts do not expect major changes in cyber risk disclosure.
By David Jones • Feb. 21, 2025 -
US authorities warn Ghost ransomware leverages older CVEs
The China-linked threat group has targeted critical infrastructure providers in more than 70 countries.
By David Jones • Feb. 20, 2025 -
DeepSeek surge hits companies, posing security risks
The Trump administration is scrutinizing the AI app, Italy and Taiwan have banned it, and companies have blocked it.
By Alexei Alexis • Feb. 5, 2025 -
Deloitte pays $5M in connection with breach of Rhode Island benefits site
The company agreed to cover expenses related to recovery from the December cyberattack.
By David Jones • Feb. 5, 2025