CISA audit sparks debate about cybersecurity pay incentives

Some Cybersecurity and Infrastructure Security Agency employees believe a recent inspector general’s report partially missed the mark.

By Eric Geller • Sept. 15, 2025

UK cyber leader calls for shift in focus toward continuity of critical services

Richard Horne, CEO of the National Cyber Security Centre, said the U.S. remains a key ally in the global fight against sophisticated adversaries.

By David Jones • Sept. 11, 2025

Explore the Trendline➔

CISO Strategy

Corporate stakeholders want to better understand the risk calculus of their technology stacks, answering the lingering question: Are we a target? 

By Cybersecurity Dive staff

How the retail sector teams up to defend against cybercrime

The cyberthreat intel-sharing and collaboration group RH-ISAC is helping companies confront cyberattacks. But the challenge is delivering timely intelligence in a dynamic threat environment.

By Eric Geller • Sept. 11, 2025

Mitsubishi Electric agrees to buy Nozomi Networks in deal valued at about $1B

The agreement is part of a larger strategy for Mitsubishi to develop one-stop security capabilities in the OT space.

By David Jones • Sept. 9, 2025

How AI and politics hampered the secure open-source software movement

Tech giants pledged millions to secure open-source code. Then AI came along.

By Eric Geller • Sept. 9, 2025

Swiss Re warns of rate deterioration in cyber insurance

Competition among insurers has forced them to offer concessions on premiums, limits and controls.

By David Jones • Sept. 5, 2025

How the newest ISAC aims to help food and agriculture firms thwart cyberattacks

Food industry executives used to shrug off ransomware and cyber-espionage risks. A threat intel group is helping to change that, but its reach remains unclear.

By Eric Geller • Sept. 4, 2025

How Tampa General Hospital worked to quantify cyber risk

The medical center’s CIO and CISO teamed up to translate security decisions into dollars and cents.

By Matt Ashare • Sept. 3, 2025

FCC investigation could derail its own IoT security certification program

Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.

By Eric Geller • Sept. 2, 2025

Federal, state officials investigating ransomware attack targeting Nevada

The Sunday attack disrupted key services across the state and led to the theft of some data.

By David Jones • Updated Aug. 29, 2025

Safety-critical industries wary about using AI for cybersecurity

Finance, tech and professional services are among the sectors with the widest adoption of AI-based security tools, according to a new report.

By Eric Geller • Aug. 27, 2025

CISOs grow more concerned about risk of material cyberattack

A report by Proofpoint shows growing anxiety among security leaders about their companies’ cyber readiness.

By David Jones • Aug. 26, 2025

Execs worry about unknown identity-security weaknesses

Credential theft attacks prove that companies need to do better, but business leaders cited many reasons for slow progress.

By Eric Geller • Aug. 26, 2025

IT, business leaders clash over cloud, data security

Executives plan to increase IT spend despite disappointing returns on tech investments, according to Unisys.

By Matt Ashare • Aug. 25, 2025

Cyber, AI drive software spending to double-digit growth through 2029

Cloud security and identity and access management tool purchases insulated the market from tariff-induced economic shocks, according to Forrester.

By Matt Ashare • Aug. 21, 2025

Palo Alto Networks shares surge after company releases strong annual forecast

The cybersecurity firm said its “platformization” strategy is beginning to pay dividends as more large customers consolidate their spending on its offerings.

By David Jones • Aug. 19, 2025

Execs use responsible AI to drive growth, prevent risks

Business leaders want to prevent further fallout as nearly all have experienced at least one problematic incident tied to AI, according to an Infosys survey.

By Lindsey Wilkinson • Aug. 19, 2025

Businesses focus on AI, cloud, despite cyber defense oversights

Recent surveys found enterprises are enthusiastically adopting AI, even as they neglect basic cybersecurity measures.

By Eric Geller • Aug. 19, 2025

Developers knowingly push vulnerable code, despite growing breach risk

Only three in 10 respondents said their application security programs were highly mature.

By Eric Geller • Aug. 15, 2025

Water sector expands partnership with volunteer hackers

As threats to critical infrastructure grow and government funding stagnates, operators are turning to civic-minded volunteers from the cybersecurity industry.

By Eric Geller • Aug. 14, 2025

White House urged to revamp cyber regulations

A leading trade group said the Trump administration should rein in a major pending cybersecurity rule as well as embrace AI-based cyber defenses.

By Eric Geller • Aug. 14, 2025

US agencies, international allies issue guidance on OT asset inventorying

The guidance includes specific examples for three critical infrastructure sectors that held workshops with CISA.

By Eric Geller • Aug. 13, 2025

Financial impact from severe OT events could top $300B

A report from industrial cybersecurity firm Dragos highlights growing risks of business interruption and supply-chain disruptions.

By David Jones • Aug. 12, 2025

Cyber experts ponder a non-government future for the CVE program

Organizations supporting the security vulnerability program said it needed changes to improve stability and rebuild trust.

By Eric Geller • Aug. 11, 2025

CISA officials say agency is moving ahead despite workforce purge

Two senior officials defended the agency’s progress amid concerns about the effects of mass layoffs and budget cuts.

By Eric Geller • Aug. 8, 2025