SEC drops civil fraud case against SolarWinds

Cybersecurity and legal experts considered the case a potential precedent-setter for risk disclosure.

By David Jones • Nov. 20, 2025

FCC eliminates cybersecurity requirements for telecom companies

Commissioners sharply disagreed over whether the rules were appropriate and necessary.

By Eric Geller • Nov. 20, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

FCC plan to scrap telecom cyber rules draws congressional backlash

A prominent U.S. senator wants the commission to rethink its plans.

By Eric Geller • Nov. 19, 2025

US, allies sanction Russian bulletproof hosting firm

Authorities say the company helped ransomware gangs and supported DDoS attacks.

By Eric Geller • Nov. 19, 2025

Trump’s cyber strategy will emphasize adversary deterrence, industry partnerships

Cyberattacks on the U.S. are “becoming more aggressive every passing day,” the national cyber director says.

By Eric Geller • Nov. 18, 2025

US chips away at North Korean IT worker fraud

Authorities have described Pyongyang’s revenue-generating schemes as threats to U.S. national and economic security.

By Eric Geller • Nov. 17, 2025

Akira engaged in ransomware attacks against critical sectors

The group has stepped up threat activity by abusing edge devices and other tools, reaping hundreds of millions of dollars in illicit gains.

By David Jones • Updated Nov. 14, 2025

Government funding bill temporarily revives cybersecurity information-sharing law

The spending legislation passed by Congress will reauthorize the CISA 2015 program through the end of January.

By Eric Geller • Nov. 13, 2025

Nevada ransomware attack traced back to malware download by employee

The state refused to pay a ransom and recovered 90% of the impacted data.

By David Jones • Nov. 7, 2025

CISA, NSA unveil best-practices guide to address ongoing Exchange Server risks

The guide follows CISA’s warnings in August about a high-severity vulnerability in Microsoft Exchange.

By David Jones • Oct. 30, 2025

FCC will vote to scrap telecom cybersecurity requirements

The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.

By Eric Geller • Updated Oct. 31, 2025

Canadian authorities warn of hacktivists targeting exposed ICS devices

Hackers have manipulated critical components at water utilities, oil and gas facilities, and agricultural sites in recent weeks.

By David Jones • Updated Oct. 31, 2025

Conduent says data breach originally began with 2024 intrusion

The cyberattack, which affected several state agencies, has also impacted multiple insurance providers.

By David Jones • Oct. 27, 2025

UN member states sign cybercrime agreement despite industry, activist opposition

Critics say the new convention is ripe for abuse by authoritarian countries.

By Eric Geller • Oct. 27, 2025

CISA’s international, industry and academic partnerships slashed

The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency.

By Eric Geller • Oct. 22, 2025

Auto sector faces historic cyber threats to business continuity

A catastrophic cyberattack at Jaguar Land Rover is forcing governments and industrial leaders to address urgent demands for business resilience and accountability.

By David Jones • Oct. 16, 2025

CISA’s latest cuts reignite concerns among Democratic lawmakers

A congressman on a key subcommittee suggests that shrinking CISA leaves Americans exposed to mounting cyber threats.

By Eric Geller • Oct. 15, 2025

Public disclosures of AI risk surge among S&P 500 companies

A report by The Conference Board shows companies are flagging concerns about cyber and reputational risk as they increase deployment.

By David Jones • Oct. 7, 2025

Federal cuts force many state and local governments out of cyber collaboration group

The Multi-State Information Sharing and Analysis Center lost U.S. government funding at midnight, jeopardizing the cybersecurity of thousands of cash-strapped counties, cities and towns.

By Eric Geller • Oct. 1, 2025

Landmark US cyber-information-sharing program expires, bringing uncertainty

Without legal protections, companies might stop reporting information about cybersecurity threats.

By Eric Geller • Oct. 1, 2025

CMMC is coming, but most contractors still have a long road to full compliance

A new survey illustrates the defense industrial base’s fragmented security posture.

By Eric Geller • Oct. 1, 2025

Cyber insurance could greatly reduce losses from diversification, mitigation measures

A report by CyberCube shows the global market is heavily concentrated in the U.S. and would benefit from expanding into new segments and improving cyber hygiene.

By David Jones • Sept. 25, 2025

CISA urges dependency checks following Shai-Hulud compromise

Security teams are urged to review their software environments after a major supply chain attack on the NPM ecosystem.

By David Jones • Sept. 24, 2025

How to build a trustworthy AI governance roadmap aligned with ISO 42001

Future-proof AI with a governance roadmap aligned to ISO 42001.

Sept. 22, 2025

NIST explains how post-quantum cryptography push overlaps with existing security guidance

The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.

By Eric Geller • Sept. 19, 2025