Policy & Regulation

  • Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, testifies on Capitol Hill, October 19, 2017 in Washington, DC.
    Image attribution tooltip
    Drew Angerer/Getty Images via Getty Images

    Don’t count on government, tech vendors to fix security woes, former CISA chief Krebs says

    The state of cybersecurity is bad and it’s going to get worse, Chris Krebs, former CISA director, said at Black Hat. But somehow things might eventually get better.

    By Aug. 10, 2022
  • Cryptocurrency
    Image attribution tooltip
    da-kuk via Getty Images

    Blockchain, privacy advocates push back on Tornado Cash sanctions

    Groups are decrying the Treasury Department's virtual currency mixer sanctions, saying they harm the ability of crypto users to conduct secure and private transactions. 

    By Aug. 10, 2022
  • The White House exterior in the morning light with an American flag flying.
    Image attribution tooltip
    Chip Somodevilla / Staff via Getty Images

    White House to incorporate performance metrics into national cybersecurity strategy

    The Office of the National Cyber Director is working across multiple federal agencies and private sector partners to set priorities and assess effectiveness.

    By Aug. 5, 2022
  • Image attribution tooltip
    Stefan Zaklin via Getty Images

    US must take a lead role in cyber diplomacy, State Dept. nominee says

    Nathaniel Fick told lawmakers the U.S. should promote international cyber norms to protect national security from authoritarian threats. 

    By Aug. 4, 2022
  • A man and a woman shake hands in front of a desk that has flags from the U.S. and Ukraine. The people are in front of a blue background with CISA logos.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.

    CISA expands cyber relationship with Ukraine authorities

    The agreement formalizes closer ties between Ukraine and the key U.S. cybersecurity agency after the war with Russia led to increased threat activity. 

    By July 28, 2022
  • A closeup up a car dashboard with a a driver's hand. A phone is on a mount to the right of the steering wheel.
    Image attribution tooltip
    Drew Angerer via Getty Images

    Uber reaches non-prosecution deal with feds after concealing data breach

    The ride-sharing firm had been under investigation by the Federal Trade Commission, when the 2016 data breach occurred, an event undisclosed until new management entered the picture. 

    By July 26, 2022
  • Coins falling into a piggybank.
    Image attribution tooltip
    marchmeena29 via Getty Images

    Breach rule would give credit unions longer reporting window than banks

    The 72-hour timeframe falls in line with the Critical Infrastructure Act that President Joe Biden signed in March, but is twice as long as the reporting window banks have had to comply with since May.

    By Anna Hrushka • July 26, 2022
  • The T-Mobile logo is displayed outside of a T-Mobile store on April 24, 2017 in San Francisco.
    Image attribution tooltip
    Justin Sullivan/Getty Images via Getty Images

    T-Mobile agrees to $500M settlement for 2021 cyberattack

    The wireless carrier suffered a massive data breach in the summer of 2021, the fifth publicly acknowledged incident of its type in three years.

    By July 25, 2022
  • Image attribution tooltip
    Courtesy of Colonial Pipeline Company

    TSA revises cybersecurity requirements for oil and gas pipelines

    The agency released performance-based requirements after extensive industry debate following the May 2021 Colonial Pipeline ransomware attack.

    By July 22, 2022
  • The California state flag waves in the wind.
    Image attribution tooltip
    Stock Photo via Getty Images

    California privacy rules target dark patterns through technology design

    California Privacy Rights Act provisions that will go into effect in January will provide more control to consumers over how companies use their data. 

    By Robert Freedman • July 21, 2022
  • A person standing at a podium speaking before a group of people in a room with an ornate floor.
    Image attribution tooltip
    Retrieved from Jen Easterly/CISA.

    White House takes on cyber workforce gap through 120-day apprenticeship sprint

    A cyber workforce and education summit at the White House Tuesday was designed to address the long-standing shortage of qualified and diverse candidates for security operations teams. 

    By July 20, 2022
  • Image attribution tooltip
    Drew Angerer via Getty Images

    Google deal to buy Mandiant clears key antitrust hurdle

    The Department of Justice cleared the deal last week, but the $5.4 billion agreement remains subject to approval by foreign regulators.

    By July 19, 2022
  • Huawei logo depicted on side of building at company's campus in Dongguan, China.
    Image attribution tooltip
    Kevin Frayer via Getty Images

    US effort to rip and replace hardware made in China is ballooning in cost

    A yearslong push to remove telecom equipment deemed a national security threat continues to vex regulators.

    By July 18, 2022
  • CISA, cybersecurity, agency
    Image attribution tooltip
    Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images

    CISA eyes cross-pond cyber cooperation with London office

    Federal agencies have worked closely with allies to combat malicious cyber activity and illicit use of cryptocurrency.

    By July 18, 2022
  • Secretary of State Antony Blinken speaks alongside President Joe Biden.
    Image attribution tooltip
    Mark Makela/Getty Images via Getty Images

    The US is losing the cyberspace race

    Decades-old policies have failed to stem a growing threat, the Council of Foreign Relations said. What if the U.S. embraced a more limited and realistic strategy?

    By July 15, 2022
  • The U.S. Capitol Building at night with lightning in the background.
    Image attribution tooltip
    Naomi Eide/Cybersecurity Dive

    Log4j is far from over, cyber review board says

    Exploitation of Log4j occurred at lower levels than experts predicted, yet it remains an "endemic vulnerability," the Cyber Safety Review Board said.

    By July 14, 2022
  • A person works next to a 5G logo.
    Image attribution tooltip
    David Ramos/Getty Images via Getty Images

    What to watch with 5G network security

    For wireless network carriers, 5G is a model of what’s next. But it also introduces features and services that dramatically expand the threat surface.

    By July 8, 2022
  • Federal Trade Commission
    Image attribution tooltip
    Carol Highsmith. (2005). "The Apex Building" [Photo]. Retrieved from Wikimedia Commons.

    Lawmakers amplify calls for federal agencies to increase data privacy after Dobbs decision

    Seventy-two Democratic members of Congress want the FTC to use its full power to guard patients from data brokers collecting and selling data that could be used to prosecute pregnancy-related crimes.

    By Rebecca Pifer • July 7, 2022
  • None
    Image attribution tooltip
    Chip Somodevilla via Getty Images

    Cash-strapped Main Street organizations face global cyberthreats

    A House subcommittee hearing in Michigan helped show the persistent risks faced by local schools, government agencies and Main Street businesses.

    By June 29, 2022
  • Carnival, Cruise, Privacy, violatons
    Image attribution tooltip
    Courtesy of Carnival Corp.

    Carnival to pay $5M for cyber violations to NY financial regulator

    The cruise line failed to implement multifactor authentication and took 10 months to report the first of four data incidents.

    By June 27, 2022
  • High voltage towers in the dusk of the evening
    Image attribution tooltip
    yangphoto via Getty Images

    Department of Energy rethinks cyber resilience in strategy to secure the grid

    The agency wants to help the energy sector incorporate more cybersecurity safeguards during the design phase and better withstand attacks. 

    By June 23, 2022
  • An aerial view on a sunny morning of several of San Francisco's most well known architectural landmarks. A backdrop of the skyscrapers and Bay Bridge behind them.
    Image attribution tooltip
    DianeBentleyRaymond via Getty Images

    5 takeaways from the RSA Conference

    The event tried to pick up where it left off 28 months ago. Can defenders keep up with the accelerated pace and scale of the cyber threat?

    By June 13, 2022
  • CISA Director Jen Easterly, RSA Conference 2022
    Image attribution tooltip
    Matt Kapko/Cybersecurity Dive

    America's cyber chiefs have a long to-do list

    The federal government wants to lead by example and communicate the urgency of the moment. First, it needs to get its security affairs in order. 

    By June 9, 2022
  • FBI Director Christopher Ray speaking at the annual Boston Conference on Cyber Security
    Image attribution tooltip

    Lee Pellegrini, Boston College

    Russia, backed by ransomware gangs, actively targeting US, FBI director says

    The FBI is laser focused on preventing a destructive attack, FBI Director Christopher Wray said. The agency previously, helped to disrupt a 2021 Iran-backed attack on Boston Children’s Hospital. 

    By June 2, 2022
  • Image attribution tooltip
    Kevin Dietsch via Getty Images

    Feds remain in the dark as ransomware disclosure lags

    The government's lack of ransomware data makes it more difficult to prevent, mitigate and recover from attacks, said Sen. Gary Peters, D-MI.

    By May 25, 2022