FCC will vote to scrap telecom cybersecurity requirements

The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.

By Eric Geller • Oct. 30, 2025

Canadian authorities warn of hacktivists targeting exposed ICS devices

Hackers have manipulated critical components at water utilities and oil and gas and agricultural sites in recent weeks.

By David Jones • Oct. 30, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Conduent says data breach originally began with 2024 intrusion

The cyberattack, which affected several state agencies, has also impacted multiple insurance providers.

By David Jones • Oct. 27, 2025

UN member states sign cybercrime agreement despite industry, activist opposition

Critics say the new convention is ripe for abuse by authoritarian countries.

By Eric Geller • Oct. 27, 2025

CISA’s international, industry and academic partnerships slashed

The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency.

By Eric Geller • Oct. 22, 2025

Auto sector faces historic cyber threats to business continuity

A catastrophic cyberattack at Jaguar Land Rover is forcing governments and industrial leaders to address urgent demands for business resilience and accountability.

By David Jones • Oct. 16, 2025

CISA’s latest cuts reignite concerns among Democratic lawmakers

A congressman on a key subcommittee suggests that shrinking CISA leaves Americans exposed to mounting cyber threats.

By Eric Geller • Oct. 15, 2025

Public disclosures of AI risk surge among S&P 500 companies

A report by The Conference Board shows companies are flagging concerns about cyber and reputational risk as they increase deployment.

By David Jones • Oct. 7, 2025

Landmark US cyber-information-sharing program expires, bringing uncertainty

Without legal protections, companies might stop reporting information about cybersecurity threats.

By Eric Geller • Oct. 1, 2025

Federal cuts force many state and local governments out of cyber collaboration group

The Multi-State Information Sharing and Analysis Center lost U.S. government funding at midnight, jeopardizing the cybersecurity of thousands of cash-strapped counties, cities and towns.

By Eric Geller • Oct. 1, 2025

CMMC is coming, but most contractors still have a long road to full compliance

A new survey illustrates the defense industrial base’s fragmented security posture.

By Eric Geller • Oct. 1, 2025

Cyber insurance could greatly reduce losses from diversification, mitigation measures

A report by CyberCube shows the global market is heavily concentrated in the U.S. and would benefit from expanding into new segments and improving cyber hygiene.

By David Jones • Sept. 25, 2025

CISA urges dependency checks following Shai-Hulud compromise

Security teams are urged to review their software environments after a major supply chain attack on the NPM ecosystem.

By David Jones • Sept. 24, 2025

How to build a trustworthy AI governance roadmap aligned with ISO 42001

Future-proof AI with a governance roadmap aligned to ISO 42001.

Sept. 22, 2025

NIST explains how post-quantum cryptography push overlaps with existing security guidance

The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.

By Eric Geller • Sept. 19, 2025

Microsoft disrupts global phishing campaign that led to widespread credential theft

Officials say the operation led to ransomware and BEC attacks on U.S. hospitals and healthcare organizations.

By David Jones • Sept. 17, 2025

House spending bill would reauthorize key cybersecurity programs

The two programs, which encourage information sharing and fund local improvements, are seen as critical for national cyber resilience.

By Eric Geller • Sept. 17, 2025

FBI warns about 2 campaigns targeting Salesforce instances

The threat groups, identified as UNC6040 and UNC6395, have used different tactics to gain access to data.

By David Jones • Sept. 15, 2025

CISA pledges robust support for funding, further development of CVE program

A key official from the agency said the vulnerability management program will continue with additional participation and enhancements.

By David Jones • Sept. 12, 2025

National cyber director says US must shift risk burden toward adversaries

In his first major address after confirmation, Sean Cairncross said the U.S. needs to take bold, coordinated steps to counter authoritarian rivals.

By David Jones • Sept. 10, 2025

How AI and politics hampered the secure open-source software movement

Tech giants pledged millions to secure open-source code. Then AI came along.

By Eric Geller • Sept. 9, 2025

FCC investigation could derail its own IoT security certification program

Internet of Things device makers are eager to participate, but the commission’s concerns about its lead administrator have halted progress of the U.S. Cyber Trust Mark program.

By Eric Geller • Sept. 2, 2025

Federal, state officials investigating ransomware attack targeting Nevada

The Sunday attack disrupted key services across the state and led to the theft of some data.

By David Jones • Updated Aug. 29, 2025

US charges Oregon man in vast botnet-for-hire operation

Federal prosecutors called Rapper Bot one of the most powerful DDoS botnets in history.

By David Jones • Aug. 21, 2025

NIST seeks input on control overlays for securing AI systems

The federal agency plans to develop guidance to organizations about various AI use cases.

By David Jones • Aug. 18, 2025