Trump’s CISA director pick withdraws after tumultuous nomination

CISA has been without a permanent director for more than a year, imperiling its efforts to establish a strategic direction.  

By Eric Geller • April 22, 2026

CISA urges security teams to view environments following axios compromise

A suspected North Korea-linked actor is behind a supply chain attack on the widely used library.

By David Jones • April 21, 2026

Explore the Trendline➔

The Cybersecurity Skills Gap

From AI to federal budget cuts, the nature of cybersecurity work is changing faster than ever.

By Cybersecurity Dive staff

Big banks seek to ease security worries as AI push accelerates

“AI is our friend, OK?” said Morgan Stanley CEO Ted Pick during the bank’s earnings call as the industry grapples with its disruptive potential. 

By Makenzie Holland • April 21, 2026

Stellantis teams with Microsoft to strengthen digital capabilities

As part of the 5-year agreement, collaborative teams will co-develop more than 100 initiatives relating to AI and cybersecurity.

By Eric Walz • April 20, 2026

Vulnerability exploitation surges often precede disclosure, offering possible early warnings

Organizations can get ahead of major flaws with the right threat intelligence, according to a new report.

By Eric Geller • April 20, 2026

Vercel systems targeted after third-party tool compromised

An employee using a consumer app was breached after granting too many permissions.

By David Jones • April 20, 2026

CIOs fret over rising security concerns amid AI adoption

AI is emerging as a critical tool and a growing threat as CIOs struggle to balance innovation with risk, according to a new report.

By Scarlett Evans • April 16, 2026

CISA cancels prestigious summer internships, citing government shutdown

Experts worry that recent chaos in the scholarship program could undermine vital workforce-development efforts.

By Eric Geller • April 16, 2026

NIST limits vulnerability analysis as CVE backlog swells

The agency will stop adding detailed information to vulnerabilities that don’t meet certain criteria.

By Eric Geller • April 16, 2026

FCC signals continued commitment to Cyber Trust Mark program

The government approved a new lead overseer for its IoT device security labeling initiative.

By Eric Geller • Updated April 14, 2026

CISOs see gaps in their incident response playbooks

A survey by Sygnia reveals that senior-level security leaders fear they are not prepared to respond to the next cyberattack.

By David Jones • April 13, 2026

Stryker warns of earnings fallout from March cyberattack

The medtech company was targeted in a wiper attack linked to an Iran-sponsored threat group.

By David Jones • April 10, 2026

CISA’s vulnerability scans, field support on chopping block in Trump budget

The president is proposing to shrink the agency by nearly 900 positions.

By Eric Geller • April 7, 2026

Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface

Global sporting events have become a lucrative target for criminal actors and geopolitical statements.

By David Jones • April 7, 2026

Trump’s FY2027 budget again targets CISA

The White House reiterated accusations about CISA’s counter-misinformation work to justify a major proposed reduction.

By Eric Geller • April 3, 2026

Government agencies see cyber threats as major barrier to tech improvements

Federal leaders also see opportunities to accelerate cyber defense with AI, according to a new report, but most agencies are still only testing AI tools.

By Eric Geller • April 3, 2026

Retail and hospitality CISOs expect budget growth, new AI headaches and opportunities

More than eight in 10 security leaders in the sector say they’ve rolled out an AI governance framework to some degree, a new survey found.

By Eric Geller • April 2, 2026

Cybersecurity risks shape AI adoption, but investment accelerates nonetheless

Companies see cybersecurity as a top investment priority within their AI budgets, according to KPMG.

By Eric Geller • March 31, 2026

Iran actors’ claims raise questions about larger cyber threat to US, allies

Questions are being raised about the veracity and tactics of Iran-linked actors, amid claims that a large trove of Lockheed Martin data is on the market.

By David Jones • Updated March 31, 2026

‘Missed opportunity’: US government’s absence from RSAC Conference leaves stark void

The Trump administration’s decision to not attend the world’s biggest cybersecurity conference sent the wrong message to partners, experts said.

By Eric Geller • March 31, 2026

Identity is the first line of defense, especially in an AI-fueled threat landscape

Two new reports illustrate why companies need to do a better job of scrutinizing what their human employees and AI agents are doing.

By Eric Geller • March 27, 2026

‘Do not shift budgets to AI’: How businesses should and shouldn’t respond to evolving threats

Experts said companies rushing to buy AI services risk letting their existing, still-vital defensive measures deteriorate.

By Eric Geller • March 25, 2026

Congress wants details from White House on cyber strategy, Iran resilience measures

Lawmakers’ aides from both parties say they want to be kept in the loop on implementation.

By Eric Geller • March 25, 2026

The CVE Program, a bedrock of global cyber defense, is teetering on the brink

A funding scare, AI and similar international initiatives are raising existential questions about the program’s future.

By Eric Geller • March 24, 2026

Companies face difficult choices in blaming hackers for an attack

Publicly naming a hacking group can affect everything from retaliation to insurance coverage.

By Eric Geller • March 24, 2026