In financial sector, vendors lag behind customers on cybersecurity

Financial firms should be performing regular oversight of their vendors to avoid supply chain compromises, according to a new report.

By Eric Geller • Nov. 6, 2025

SonicWall says state-linked actor behind attacks against cloud backup service

CEO announces security and governance reforms inside the company, including the adoption of secure-by-design practices.

By David Jones • Nov. 6, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Identity-based attacks need more attention in cloud security strategies

Companies should lock down user accounts and scan for compromised credentials, according to a new report.

By Eric Geller • Nov. 4, 2025

Security leaders say AI can help with governance, threat detection, SOC automation

Executives and technical leaders differ on AI priorities, according to a report from Amazon.

By Eric Geller • Nov. 3, 2025

CISA, NSA unveil best-practices guide to address ongoing Exchange Server risks

The guide follows CISA’s warnings in August about a high-severity vulnerability in Microsoft Exchange.

By David Jones • Oct. 30, 2025

FCC will vote to scrap telecom cybersecurity requirements

The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.

By Eric Geller • Updated Oct. 31, 2025

AI risks pack a punch, but governance provides a buffer

Enterprises strengthen governance and focus on responsible practices as more than 3 in 5 suffer AI risk-related losses of more than $1 million, EY data shows. 

By Lindsey Wilkinson • Oct. 29, 2025

Financial services tech leaders tackle agentic AI governance

Operating in a risk-averse industry, IT decision-makers are helping their businesses adapt to emerging threats without derailing momentum.

By Lindsey Wilkinson • Oct. 24, 2025

Climbing costs, skills loss and other AI warnings for CIOs

Amid seismic change for IT leaders, enterprises need to curate survival kits to mitigate reliability and cost challenges, Gartner analysts said. 

By Lindsey Wilkinson • Oct. 23, 2025

Burned-out security leaders view AI as double-edged sword

As companies face cybersecurity skills gaps and broader attack surfaces, they’re warily turning to AI-powered automation.

By Eric Geller • Oct. 23, 2025

CISA’s international, industry and academic partnerships slashed

The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency.

By Eric Geller • Oct. 22, 2025

Jaguar Land Rover attack cost British economy $2.5 billion

The Cyber Monitoring Centre warned that losses could rise further if the company's production isn't back to pre-incident levels by January.

By David Jones • Oct. 22, 2025

Social engineering gains ground as preferred method of initial access

Senior executives and high-net-worth individuals are increasingly at risk as hackers use deepfakes, voice cloning and other tactics for targeted attacks. 

By David Jones • Updated Oct. 21, 2025

Why security awareness training doesn’t work — and how to fix it

Companies have built their security strategies around phishing simulations and educational webinars, tactics that research shows are ineffective.

By Eric Geller • Oct. 20, 2025

Federated security: Building resilient operating models in complex organizations

Balance oversight and autonomy in complex organizations by building an aligned, scalable federated model for cybersecurity.

By Henry Bell • Oct. 20, 2025

Fortune 500 companies designate specialist roles to bolster security operations teams

Four in 10 companies have created deputy CISO roles as regulatory concerns require greater board engagement.

By David Jones • Oct. 17, 2025

Auto sector faces historic cyber threats to business continuity

A catastrophic cyberattack at Jaguar Land Rover is forcing governments and industrial leaders to address urgent demands for business resilience and accountability.

By David Jones • Oct. 16, 2025

Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk

Companies are concerned about deepfakes and unauthorized AI tools, and board committees are increasing their oversight responsibilities.

By David Jones • Oct. 15, 2025

Layoffs, reassignments further deplete CISA

Some CISA staffers have been pushed out, while others are being told to move across the country for jobs outside their skill sets.

By Eric Geller • Oct. 14, 2025

Risk mitigation budgets swell as enterprise AI adoption grows

Governing AI comes at a cost, with most organizations increasing oversight investments in the next financial year, according to OneTrust data.

By Lindsey Wilkinson • Oct. 9, 2025

Cyber risk a growing priority among insurance and asset management firms

A report by Moody’s shows an emphasis on board-level oversight and spending in order to boost cyber resilience.

By David Jones • Oct. 9, 2025

Public disclosures of AI risk surge among S&P 500 companies

A report by The Conference Board shows companies are flagging concerns about cyber and reputational risk as they increase deployment.

By David Jones • Oct. 7, 2025

Businesses fear AI exposes them to more attacks

More than half of companies have already faced AI-powered phishing attacks, a new survey finds.

By Eric Geller • Oct. 7, 2025

UNFI reports solid results as it recovers from cyberattack

The grocery retailer and wholesaler has raised its sales expectations to reflect strong performance in recent months, CEO Sandy Douglas said during an earnings call.

By Sam Silverstein • Oct. 2, 2025

Federal cuts force many state and local governments out of cyber collaboration group

The Multi-State Information Sharing and Analysis Center lost U.S. government funding at midnight, jeopardizing the cybersecurity of thousands of cash-strapped counties, cities and towns.

By Eric Geller • Oct. 1, 2025