Federal pivot on software security oversight could complicate vendor strategies

Software companies cheered the elimination of a government-wide attestation mandate. What comes next could be messy.

By Eric Geller • Jan. 28, 2026

Corporate workers lean on shadow AI to enhance speed

A report shows senior corporate executives are willing to allow unsanctioned AI use, which could place company data at risk.

By David Jones • Updated Jan. 28, 2026

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

AI tools break quickly, underscoring need for governance

In a new report, the security firm Zscaler said it identified severe vulnerabilities in every enterprise tool it tested — sometimes on its first prompt.

By Eric Geller • Jan. 28, 2026

Federal agencies abruptly pull out of RSAC after organizer hires Easterly

The decision fits a pattern of government withdrawal from the cybersecurity community under the Trump administration.

By Eric Geller • Jan. 26, 2026

NIST is rethinking its role in analyzing software vulnerabilities

As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.

By Eric Geller • Jan. 23, 2026

5 cybersecurity trends to watch in 2026

Corporations across the globe are facing a dynamic risk environment, as AI adoption surges with few guardrails, business resilience takes center stage and the insurance industry raises major concerns about the U.S. cyber market.

By David Jones • Jan. 23, 2026

Acting CISA chief defends workforce cuts, declares agency ‘back on mission’

Lawmakers in both parties expressed concerns about CISA losing roughly a thousand employees.

By Eric Geller • Jan. 21, 2026

CFOs, CISOs clash over cybersecurity spending as threats mount: Expel

Four in 10 finance leaders said quantified risk reduction would make it easier to justify a cybersecurity spending hike.

By Alexei Alexis • Jan. 21, 2026

UK authorities warn of pro-Russia groups targeting critical infrastructure, local government

The alert comes just over a month after a joint advisory from CISA, the FBI and Western allies citing hacktivist activity against OT providers. 

By David Jones • Jan. 20, 2026

CEOs and CISOs differ on AI’s security value and risks

A new report also found that American executives are more bullish on AI's potential than their British counterparts.

By Eric Geller • Jan. 20, 2026

US and allies collaborate on operational technology security guidance

A new report stresses the importance of logging, network segmentation and strong authentication, among other practices.

By Eric Geller • Jan. 16, 2026

DHS prepares replacement for critical infrastructure collaboration framework

It remains unclear if the new system will include liability protections that companies say are necessary.

By Eric Geller • Jan. 15, 2026

AI surges among top business risk concerns, while cybersecurity holds firm

A report from Allianz Commercial shows the rapid embrace of AI is posing new challenges for enterprise leaders.

By David Jones • Jan. 14, 2026

Trump resubmits Sean Plankey for CISA director

It’s unclear when the Senate will act on Plankey’s nomination, which stalled last year after multiple senators blocked it.

By Eric Geller • Jan. 14, 2026

Majority of hedge funds boosted cybersecurity spending in 2025

About half of firms suffered a breach, and a large percentage cited third-party risks.

By David Jones • Jan. 13, 2026

Healthcare breaches double as shadow AI, vendor risks proliferate

A new report paints a picture of a sector with limited confidence in its defensive capabilities.

By Eric Geller • Jan. 13, 2026

Executives worry most about cyber-enabled fraud, geopolitics and AI

The World Economic Forum’s wide-ranging new report also found strong global support for cyber regulation.

By Eric Geller • Jan. 12, 2026

How to stop insider-driven data loss in browser sessions

Midmarket teams turn to secure browsers capable of providing deep visibility and enforcing granular user controls during user browsing sessions, the goal being to prevent intentional or unintentional leaks without adding friction to the user experience.

Jan. 12, 2026

CISA’s 7 biggest challenges in 2026

From infrastructure protection to improving morale, the cybersecurity agency has a lot on its plate — and it still lacks a leader.

By Eric Geller • Jan. 9, 2026

Moody’s forecasts growing AI threats, regulatory friction for 2026

The U.S. and the EU continue to pursue starkly different regulatory agendas, the research firm noted.

By Eric Geller • Jan. 8, 2026

How CIOs can brace for AI-fueled cyberthreats

Executives are carefully tracking the rise in AI use for cyberthreats, bolstering basic preparedness tactics and increasing cyber spend in response.

By Jen A. Miller • Jan. 8, 2026

NIST asks public for help securing AI agents

The agency is interested in case studies showing how best to protect agents from hackers.

By Eric Geller • Jan. 7, 2026

Jaguar Land Rover reports fiscal Q3 sales slump following cyberattack

The hack forced the automaker to halt production for weeks and caused disruptions across the supply chain.

By David Jones • Jan. 6, 2026

Risky shadow AI use remains widespread

A new report offers fresh evidence for why enterprises should prioritize AI governance policies.

By Eric Geller • Jan. 6, 2026

FCC IoT labeling program loses lead company after China probe

It’s unclear if the FCC will seek to continue the program, which originated during the previous administration.

By Eric Geller • Updated Jan. 6, 2026