Strategy
-
US still prioritizing zero-trust migration to limit hacks’ damage
The zero-trust initiative, which gained steam during the Biden administration, is still underway.
By Eric Geller • Aug. 6, 2025 -
CISA’s relationship with industry needs work to reestablish trust, experts say
Critics say budget cuts, job losses have hurt the agency’s ability to coordinate with private industry.
By David Jones • Aug. 6, 2025 -
Explore the Trendline➔
.shock via Getty ImagesTrendlineRisk Management
An esclation of cyber risks facing businesses and government has made cyber resilience a major priority.
By Cybersecurity Dive staff -
Cybersecurity budgets tighten as economic anxiety rises
Uncertain tariff policies and fluctuating inflation and interest rates are leading to stagnant or reduced budgets, according to an IANS Research report.
By Alexei Alexis • Aug. 5, 2025 -
DOJ reaches $9.8 million settlement with Illumina over cyber whistleblower claims
The U.S. alleged the company knowingly sold genetic-sequencing systems with software vulnerabilities to federal agencies.
By David Jones • Updated Aug. 1, 2025 -
Palo Alto Networks to buy CyberArk for $25 billion
The agreement could completely reshape the market for identity security, according to analysts.
By David Jones • July 30, 2025 -
‘Shadow AI’ increases cost of data breaches, report finds
Companies are failing to protect their AI tools from compromise, often leading to more extensive data breaches, according to new data from IBM.
By Eric Geller • July 30, 2025 -
FBI, CISA warn about Scattered Spider’s evolving tactics
International authorities are pursuing the group following the arrests of four suspects in a series of attacks targeting British retailers.
By David Jones • July 29, 2025 -
Research shows LLMs can conduct sophisticated attacks without humans
The project, launched by Carnegie Mellon in collaboration with Anthropic, simulated the 2017 Equifax data breach.
By David Jones • July 28, 2025 -
Retrieved from Senate Homeland Security Committee.
Senators push CISA director nominee on election security, agency focus
Sean Plankey said he would double down on CISA’s core mission and “allow the operators to operate.”
By Eric Geller • July 24, 2025 -
Trump AI plan calls for cybersecurity assessments, threat info-sharing
It remains unclear how federal agencies depleted by layoffs will be able to implement the strategy’s ambitious vision, which includes an ISAC dedicated to AI.
By Eric Geller • July 23, 2025 -
Lapsed CISA contract impedes national lab’s threat-hunting operations
The CyberSentry program remains operational, according to CISA, with analysts outside the lab continuing to review sensor data.
By Eric Geller • July 23, 2025 -
Deep Dive
Dwindling federal cyber support for critical infrastructure raises alarms
A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.
By Eric Geller • July 22, 2025 -
Pacheco, Isaac. Retrieved from U.S. Department of State / Flickr.
State Department cyber diplomacy firings and changes threaten US defenses
Departures and restructuring will make it harder for the agency to pursue global policies that strengthen U.S. critical infrastructure, experts said.
By Eric Geller • July 17, 2025 -
AI-powered attacks rise as CISOs prioritize AI security risks
Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.
By Eric Geller • July 17, 2025 -
Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests
The study by Munich Re and CyberCube also warned that the internet of things and large language models present near-term risks.
By David Jones • July 15, 2025 -
Risk management, legacy tech pose major threats to healthcare firms, report finds
Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report.
By Eric Geller • July 15, 2025 -
Scattered Spider poses serious risk to several hundred major companies
A new report shows that a select group of large companies uses technologies that the hacker group often targets.
By David Jones • July 8, 2025 -
Security coalition urges Congress to renew 2015 CISA law
A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.
By Eric Geller • July 8, 2025 -
FBI cyber guidance to lawmakers falls short, US senator says
Sen. Ron Wyden wants FBI briefings to cover four often-overlooked cybersecurity practices.
By Eric Geller • July 2, 2025 -
US authorities unmask North Korean IT worker schemes and their American accomplices
Federal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams.
By Eric Geller • June 30, 2025 -
US government warns of new Iran-linked cyber threats on critical infrastructure
Companies should disconnect operational technology from the internet and enforce strong protections for user accounts, a joint alert from CISA, the FBI, NSA and DoD said.
By Eric Geller • June 30, 2025 -
Most building management systems exposed to cyber vulnerabilities, experts warn
A study of over 467,000 building management systems across 500 organizations found that 2% of all devices essential to business operations had the highest level of risk exposure.
By Joe Burns • June 27, 2025 -
Microsoft to make Windows more resilient following 2024 IT outage
The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.
By David Jones • Updated June 26, 2025 -
AI security issues dominate corporate worries, spending
Two reports illustrate how business leaders are thinking about and budgeting for generative AI.
By Eric Geller • June 26, 2025 -
Judge approves AT&T’s $177M data breach settlement
The settlement, which has received preliminary clearance, now awaits a December hearing for final approval.
By Alexei Alexis • June 25, 2025