Strategy


  • A large sign reading "Black Hat" sits in the carpeted foyer of a convention center
    Image attribution tooltip
    Eric Geller/Cybersecurity Dive
    Image attribution tooltip

    US still prioritizing zero-trust migration to limit hacks’ damage

    The zero-trust initiative, which gained steam during the Biden administration, is still underway.

    By Aug. 6, 2025
  • Bob Ackerman, founder and managing director of AllegisCyber and DataTribe moderates a Black Hat panel Aug. 5, 2025. Marci McCarthy, director of public affairs at CISA; Rob Joyce, Data Tribe venture partner and former cybersecurity director at the NSA and Patrick Opet, CISO at JPMorgan Chase.
    Image attribution tooltip
    Permission granted by Kesserling Communications
    Image attribution tooltip

    CISA’s relationship with industry needs work to reestablish trust, experts say

    Critics say budget cuts, job losses have hurt the agency’s ability to coordinate with private industry.

    By Aug. 6, 2025
  • Empty interior of modern security system control room with workstations with multiple displays and big screens mounted on the wall. Explore the Trendline
    Image attribution tooltip
    .shock via Getty Images
    Image attribution tooltip
    Trendline

    Risk Management

    An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

    By Cybersecurity Dive staff
  • Businessman holds electronic tablet showing profit data, while businesswoman holds hard-copy report.
    Image attribution tooltip
    Chainarong Prasertthai via Getty Images
    Image attribution tooltip

    Cybersecurity budgets tighten as economic anxiety rises

    Uncertain tariff policies and fluctuating inflation and interest rates are leading to stagnant or reduced budgets, according to an IANS Research report.

    By Alexei Alexis • Aug. 5, 2025
  • A sign that says Illumina is on a curb in front of red brick buildings.
    Image attribution tooltip
    Courtesy of Illumina
    Image attribution tooltip

    DOJ reaches $9.8 million settlement with Illumina over cyber whistleblower claims

    The U.S. alleged the company knowingly sold genetic-sequencing systems with software vulnerabilities to federal agencies.

    By Updated Aug. 1, 2025
  • Palo Alto Networks
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive
    Image attribution tooltip

    Palo Alto Networks to buy CyberArk for $25 billion

    The agreement could completely reshape the market for identity security, according to analysts.

    By July 30, 2025
  • An artist's rendering of 3D shapes with AI, signifying a creative display of technology.
    Image attribution tooltip
    BlackJack3D via Getty Images
    Image attribution tooltip

    ‘Shadow AI’ increases cost of data breaches, report finds

    Companies are failing to protect their AI tools from compromise, often leading to more extensive data breaches, according to new data from IBM.

    By July 30, 2025
  • Harrods is one of three UK-based retail companies responding to a spree of attacks beginning in April 2025.
    Image attribution tooltip
    Hollie Adams via Getty Images
    Image attribution tooltip

    FBI, CISA warn about Scattered Spider’s evolving tactics

    International authorities are pursuing the group following the arrests of four suspects in a series of attacks targeting British retailers.

    By July 29, 2025
  • A businessperson with a generative AI brain concept above his hand
    Image attribution tooltip
    chombosan via Getty Images
    Image attribution tooltip

    Research shows LLMs can conduct sophisticated attacks without humans

    The project, launched by Carnegie Mellon in collaboration with Anthropic, simulated the 2017 Equifax data breach.

    By July 28, 2025
  • Senators push CISA director nominee on election security, agency focus

    Sean Plankey said he would double down on CISA’s core mission and “allow the operators to operate.”

    By July 24, 2025
  • The White House in Washington, D.C.
    Image attribution tooltip
    Alex Wong via Getty Images
    Image attribution tooltip

    Trump AI plan calls for cybersecurity assessments, threat info-sharing

    It remains unclear how federal agencies depleted by layoffs will be able to implement the strategy’s ambitious vision, which includes an ISAC dedicated to AI.

    By July 23, 2025
  • A security scanner extracts the code of a computer virus from a string of binary code (1s and 0s).
    Image attribution tooltip
    Hailshadow via Getty Images
    Image attribution tooltip

    Lapsed CISA contract impedes national lab’s threat-hunting operations

    The CyberSentry program remains operational, according to CISA, with analysts outside the lab continuing to review sensor data.

    By July 23, 2025
  • Aerial view of the Jack H. Wilson Water Treatment Plant in Little Rock, Arkansas.
    Image attribution tooltip
    Permission granted by Central Arkansas Water
    Image attribution tooltip
    Deep Dive

    Dwindling federal cyber support for critical infrastructure raises alarms

    A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.

    By July 22, 2025
  • A sign reading "Department of State" sits outside the U.S. State Department headquarters in Washington, D.C.
    Image attribution tooltip
    Pacheco, Isaac. Retrieved from U.S. Department of State / Flickr.
    Image attribution tooltip

    State Department cyber diplomacy firings and changes threaten US defenses

    Departures and restructuring will make it harder for the agency to pursue global policies that strengthen U.S. critical infrastructure, experts said.

    By July 17, 2025
  • AI Artificial Intelligence technology for data analysis
    Image attribution tooltip
    Khanchit Khirisutchalual via Getty Images
    Image attribution tooltip

    AI-powered attacks rise as CISOs prioritize AI security risks

    Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.

    By July 17, 2025
  • Rendered image depicting global networks.
    Image attribution tooltip
    DKosig via Getty Images
    Image attribution tooltip

    Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests

    The study by Munich Re and CyberCube also warned that the internet of things and large language models present near-term risks.  

    By July 15, 2025
  • A medical team takes a patient into the isolation ward in the emergency department of a full-service acute hospital facility.
    Image attribution tooltip
    Lisa Maree Williams via Getty Images
    Image attribution tooltip

    Risk management, legacy tech pose major threats to healthcare firms, report finds

    Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report.

    By July 15, 2025
  • A general view of the exterior of the branch of retailer Marks and Spencer at Westfield White City on October 20, 2020 in London, England. Marks & Spencer said customer data was accessed in an April 2025 cyberattack.
    Image attribution tooltip
    Leon Neal via Getty Images
    Image attribution tooltip

    Scattered Spider poses serious risk to several hundred major companies

    A new report shows that a select group of large companies uses technologies that the hacker group often targets.

    By July 8, 2025
  • Longworth Congressional Building
    Image attribution tooltip
    Win McNamee via Getty Images
    Image attribution tooltip

    Security coalition urges Congress to renew 2015 CISA law

    A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.

    By July 8, 2025
  • Sen Ron Wyden sits behind a wooden podium with a microphone.
    Image attribution tooltip
    Sarah Silbiger / Stringer via Getty Images
    Image attribution tooltip

    FBI cyber guidance to lawmakers falls short, US senator says

    Sen. Ron Wyden wants FBI briefings to cover four often-overlooked cybersecurity practices.

    By July 2, 2025
  • The flag of North Korea flies from a propaganda tower near the Demilitarized Zone with South Korea
    Image attribution tooltip
    Carl Court via Getty Images
    Image attribution tooltip

    US authorities unmask North Korean IT worker schemes and their American accomplices

    Federal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams.

    By June 30, 2025
  • A man holds an upside-down American flag and an Iranian flag as he marches down a street. Behind him, other people hold signs, one of which says, "No War On Iran."
    Image attribution tooltip
    Apu Gomes via Getty Images
    Image attribution tooltip

    US government warns of new Iran-linked cyber threats on critical infrastructure

    Companies should disconnect operational technology from the internet and enforce strong protections for user accounts, a joint alert from CISA, the FBI, NSA and DoD said.

    By June 30, 2025
  • A technician programs an automation system
    Image attribution tooltip
    RainStar via Getty Images
    Image attribution tooltip

    Most building management systems exposed to cyber vulnerabilities, experts warn

    A study of over 467,000 building management systems across 500 organizations found that 2% of all devices essential to business operations had the highest level of risk exposure. 

    By Joe Burns • June 27, 2025
  • A screen showing a technical error message in an airport hallway
    Image attribution tooltip
    Jack Taylor via Getty Images
    Image attribution tooltip

    Microsoft to make Windows more resilient following 2024 IT outage

    The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.

    By Updated June 26, 2025
  • Brain Artificial Intelligence Chip
    Image attribution tooltip
    BlackJack3D via Getty Images
    Image attribution tooltip

    AI security issues dominate corporate worries, spending

    Two reports illustrate how business leaders are thinking about and budgeting for generative AI.

    By June 26, 2025
  • A pedestrian walks by a sign posted in front of an AT&T store.
    Image attribution tooltip
    Justin Sullivan via Getty Images
    Image attribution tooltip

    Judge approves AT&T’s $177M data breach settlement

    The settlement, which has received preliminary clearance, now awaits a December hearing for final approval.

    By Alexei Alexis • June 25, 2025