Fortune 500 companies designate specialist roles to bolster security operations teams

Four in 10 companies have created deputy CISO roles as regulatory concerns require greater board engagement.

By David Jones • Oct. 17, 2025

Auto sector faces historic cyber threats to business continuity

A catastrophic cyberattack at Jaguar Land Rover is forcing governments and industrial leaders to address urgent demands for business resilience and accountability.

By David Jones • Oct. 16, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk

Companies are concerned about deepfakes and unauthorized AI tools, and board committees are increasing their oversight responsibilities.

By David Jones • Oct. 15, 2025

Layoffs, reassignments further deplete CISA

Some CISA staffers have been pushed out, while others are being told to move across the country for jobs outside their skill sets.

By Eric Geller • Oct. 14, 2025

Risk mitigation budgets swell as enterprise AI adoption grows

Governing AI comes at a cost, with most organizations increasing oversight investments in the next financial year, according to OneTrust data.

By Lindsey Wilkinson • Oct. 9, 2025

Cyber risk a growing priority among insurance and asset management firms

A report by Moody’s shows an emphasis on board-level oversight and spending in order to boost cyber resilience.

By David Jones • Oct. 9, 2025

Public disclosures of AI risk surge among S&P 500 companies

A report by The Conference Board shows companies are flagging concerns about cyber and reputational risk as they increase deployment.

By David Jones • Oct. 7, 2025

Businesses fear AI exposes them to more attacks

More than half of companies have already faced AI-powered phishing attacks, a new survey finds.

By Eric Geller • Oct. 7, 2025

UNFI reports solid results as it recovers from cyberattack

The grocery retailer and wholesaler has raised its sales expectations to reflect strong performance in recent months, CEO Sandy Douglas said during an earnings call.

By Sam Silverstein • Oct. 2, 2025

Landmark US cyber-information-sharing program expires, bringing uncertainty

Without legal protections, companies might stop reporting information about cybersecurity threats.

By Eric Geller • Oct. 1, 2025

Federal cuts force many state and local governments out of cyber collaboration group

The Multi-State Information Sharing and Analysis Center lost U.S. government funding at midnight, jeopardizing the cybersecurity of thousands of cash-strapped counties, cities and towns.

By Eric Geller • Oct. 1, 2025

CMMC is coming, but most contractors still have a long road to full compliance

A new survey illustrates the defense industrial base’s fragmented security posture.

By Eric Geller • Oct. 1, 2025

Jaguar Land Rover to resume some manufacturing within days

The U.K. will support a $2 billion loan guarantee to help restore the automaker’s supply chain after a cyberattack disrupted production.

By David Jones • Sept. 29, 2025

Cyber insurance could greatly reduce losses from diversification, mitigation measures

A report by CyberCube shows the global market is heavily concentrated in the U.S. and would benefit from expanding into new segments and improving cyber hygiene.

By David Jones • Sept. 25, 2025

CISA urges dependency checks following Shai-Hulud compromise

Security teams are urged to review their software environments after a major supply chain attack on the NPM ecosystem.

By David Jones • Sept. 24, 2025

Many ‘material’ cybersecurity breaches go unreported: VikingCloud

The research also found that cyberattacks have escalated both in frequency and severity in the past year, with AI serving as a primary driver behind the surge.

By Alexei Alexis • Sept. 23, 2025

Jaguar Land Rover to extend production pause into October following cyberattack

Meanwhile, Stellantis said hackers gained access to some customer information in a third-party data breach.

By David Jones • Sept. 23, 2025

AI-powered vulnerability detection will make things worse, not better, former US cyber official warns

Patching won’t be able to keep up with discovery, said Rob Joyce, who once led the National Security Agency's elite hacking team.

By Eric Geller • Sept. 22, 2025

Preemptive security predicted to constitute about half of IT security spending by 2030

The increasing use of AI will drive a demand for technology that can anticipate and neutralize threats, Gartner said in a new report.

By David Jones • Sept. 19, 2025

NIST explains how post-quantum cryptography push overlaps with existing security guidance

The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.

By Eric Geller • Sept. 19, 2025

Evolving AI attacks, rapid model adoption worry cyber defenders

IT defenders think many of their security tools aren’t ready for AI-powered cyberattacks, according to a new report.

By Eric Geller • Sept. 19, 2025

Microsoft disrupts global phishing campaign that led to widespread credential theft

Officials say the operation led to ransomware and BEC attacks on U.S. hospitals and healthcare organizations.

By David Jones • Sept. 17, 2025

Context is key in a world of identity-based attacks and alert fatigue

A new report highlights why businesses struggle to separate true cyber threats from false positives.

By Eric Geller • Sept. 16, 2025

Schools are getting better at navigating ransomware attacks, Sophos finds

In 2025, 67% of global lower education providers said they stopped an attack before their stolen data was encrypted, the cybersecurity company reported.

By Anna Merod • Sept. 16, 2025

CISA audit sparks debate about cybersecurity pay incentives

Some Cybersecurity and Infrastructure Security Agency employees believe a recent inspector general’s report partially missed the mark.

By Eric Geller • Sept. 15, 2025