Policy & Regulation
-
Head of NSA and US Cyber Command reportedly fired
Gen. Timothy D. Haugh served as the head of two government organizations that play integral roles for U.S. cybersecurity.
By Rob Wright • April 4, 2025 -
Retrieved from Jen Easterly/CISA.
CISA, FBI warn of fast flux technique used to hide malicious servers
Criminal and state-linked hackers use fast-changing DNS records to make it harder for defenders to detect or disrupt malicious activity.
By David Jones • April 4, 2025 -
House members press Commerce Secretary Lutnick on DOGE-related job cuts at NIST
The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development.
By David Jones • April 3, 2025 -
SEC should avoid ‘overly prescriptive’ AI rules, acting chair says
The comments follow actions taken by President Trump that have effectively upended the U.S. approach to AI policy under Biden, according to analysts.
By Alexei Alexis • March 28, 2025 -
FCC investigating China-linked companies over evasion of US national security measures
The agency is cracking down on the use of prohibited technologies following a series of hacks into US telecommunications firms.
By David Jones • March 24, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA urges fired probationary workers to respond after federal judge grants order
The agency plans to keep workers on paid administrative leave despite ongoing concerns about its ability to address cyber threats.
By David Jones • March 18, 2025 -
FCC launches national security unit to counter state-linked threats to US telecoms
The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.
By David Jones • March 13, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
Trump nominates Plankey to lead CISA
Sean Plankey previously held key roles at the Department of Energy and National Security Council during the first Trump administration.
By David Jones • March 11, 2025 -
Former NSA cyber director warns drastic job cuts threaten national security
Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.
By David Jones • March 10, 2025 -
Critical infrastructure at state, local levels at heightened risk of cyberattacks
State and local governments need additional resources, shared intelligence and coordination, an MS-ISAC report showed.
By David Jones • Feb. 28, 2025 -
CISA taps Karen Evans as executive assistant director for cybersecurity
The veteran official’s appointment could reassure the cyber community that a steady hand will help lead the agency.
By David Jones • Feb. 27, 2025 -
SEC revamps cyber and crypto enforcement unit under Trump administration
The reconfigured unit signals a more hands-off approach on digital currencies, but legal experts do not expect major changes in cyber risk disclosure.
By David Jones • Feb. 21, 2025 -
US authorities warn Ghost ransomware leverages older CVEs
The China-linked threat group has targeted critical infrastructure providers in more than 70 countries.
By David Jones • Feb. 20, 2025 -
DeepSeek surge hits companies, posing security risks
The Trump administration is scrutinizing the AI app, Italy and Taiwan have banned it, and companies have blocked it.
By Alexei Alexis • Feb. 5, 2025 -
Deloitte pays $5M in connection with breach of Rhode Island benefits site
The company agreed to cover expenses related to recovery from the December cyberattack.
By David Jones • Feb. 5, 2025 -
The cybersecurity outlook for 2025
Threat actors are exploiting known weak points and enterprises’ dependency across the tech stack. It’s making cybersecurity professionals’ jobs harder than ever before.
By Cybersecurity Dive Staff • Feb. 3, 2025 -
BeyondTrust says 17 customers impacted by December cyberattack spree
State-linked hackers were linked to a series of attacks that led to the theft of unclassified data from the Treasury Department.
By David Jones • Jan. 24, 2025 -
Trump rescinds Biden executive order in AI regulatory overhaul
The directive, issued in October 2023, added guardrails for AI developers and bolstered guidance for businesses looking to adopt the technology.
By Lindsey Wilkinson • Jan. 23, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by spainter_vfx via Getty Images
DHS disbands existing advisory board memberships, raising questions about CSRB
The Cyber Safety Review Board was investigating the hacks of U.S. telecom firms attributed to the Salt Typhoon threat group.
By David Jones • Jan. 22, 2025 -
FCC enacts rule requiring telecom operators to secure networks
The agency’s declaratory ruling took effect Thursday, but the future outlook of that effort and a separate proposed rule remain uncertain under the incoming administration.
By Matt Kapko • Jan. 17, 2025 -
CISA clocked Salt Typhoon in federal networks before telecom intrusions
Outgoing CISA Director Jen Easterly didn’t say what agencies were impacted by Salt Typhoon or when, but noted it provided greater visibility into the active campaign.
By Matt Kapko • Jan. 16, 2025 -
Biden administration rolls out wide-reaching cybersecurity executive order
Released in the administration's final days, the highly-anticipated order follows a series of sophisticated attacks against federal agencies and critical infrastructure providers.
By David Jones • Jan. 16, 2025 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA pins modest security gains to performance goals program
The federal agency said the number of critical infrastructure organizations enrolled in its vulnerability scanning program nearly doubled since 2022.
By Matt Kapko • Jan. 14, 2025 -
CISA director reiterates prior calls for C-suites, boards to take cyber risk ownership
Jen Easterly said companies need to consider cybersecurity threats as core risks that need to be fully incorporated into corporate business strategy.
By David Jones • Jan. 10, 2025 -
4 cybersecurity trends to watch in 2025
Critical industries are up against never before seen challenges to remain secure and operational, while regulatory pressures have completely upended the role of the CISO in corporate America.
By David Jones , Matt Kapko • Jan. 9, 2025