Western governments disrupt trifecta of cybercrime tools

Authorities seized more than 1,000 servers and 20 domains in the operation.

By Eric Geller • Nov. 14, 2025

Government funding bill temporarily revives cybersecurity information-sharing law

The spending legislation passed by Congress will reauthorize the CISA 2015 program through the end of January.

By Eric Geller • Nov. 13, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Companies want more from their threat intelligence platforms

Customers expect faster, more accurate and more relevant data, Recorded Future found in a new report.

By Eric Geller • Nov. 12, 2025

Shadow AI is widespread — and executives use it the most

Employees in fields like health care and finance trust AI more than they trust their colleagues, according to a new report.

By Eric Geller • Nov. 12, 2025

AI agents worsen IT’s capacity crunch: S&P Global

An infrastructure overhaul to support agentic systems is underway, bringing with it a new set of capacity demands and security considerations. 

By Lindsey Wilkinson • Nov. 10, 2025

Conduent warns of further financial fallout from cyberattack

The company has incurred millions in expenses related to data breach notifications stemming from an attack earlier this year. 

By David Jones • Nov. 9, 2025

In financial sector, vendors lag behind customers on cybersecurity

Financial firms should be performing regular oversight of their vendors to avoid supply chain compromises, according to a new report.

By Eric Geller • Nov. 6, 2025

SonicWall says state-linked actor behind attacks against cloud backup service

CEO announces security and governance reforms inside the company, including the adoption of secure-by-design practices.

By David Jones • Nov. 6, 2025

Identity-based attacks need more attention in cloud security strategies

Companies should lock down user accounts and scan for compromised credentials, according to a new report.

By Eric Geller • Nov. 4, 2025

Security leaders say AI can help with governance, threat detection, SOC automation

Executives and technical leaders differ on AI priorities, according to a report from Amazon.

By Eric Geller • Nov. 3, 2025

CISA, NSA unveil best-practices guide to address ongoing Exchange Server risks

The guide follows CISA’s warnings in August about a high-severity vulnerability in Microsoft Exchange.

By David Jones • Oct. 30, 2025

FCC will vote to scrap telecom cybersecurity requirements

The commission’s Republican chair, who voted against the rules in January, calls them ineffective and illegal.

By Eric Geller • Updated Oct. 31, 2025

AI risks pack a punch, but governance provides a buffer

Enterprises strengthen governance and focus on responsible practices as more than 3 in 5 suffer AI risk-related losses of more than $1 million, EY data shows. 

By Lindsey Wilkinson • Oct. 29, 2025

Financial services tech leaders tackle agentic AI governance

Operating in a risk-averse industry, IT decision-makers are helping their businesses adapt to emerging threats without derailing momentum.

By Lindsey Wilkinson • Oct. 24, 2025

Climbing costs, skills loss and other AI warnings for CIOs

Amid seismic change for IT leaders, enterprises need to curate survival kits to mitigate reliability and cost challenges, Gartner analysts said. 

By Lindsey Wilkinson • Oct. 23, 2025

Burned-out security leaders view AI as double-edged sword

As companies face cybersecurity skills gaps and broader attack surfaces, they’re warily turning to AI-powered automation.

By Eric Geller • Oct. 23, 2025

CISA’s international, industry and academic partnerships slashed

The latest round of sweeping layoffs could hamper the business community’s collaboration with the beleaguered cyber agency.

By Eric Geller • Oct. 22, 2025

Jaguar Land Rover attack cost British economy $2.5 billion

The Cyber Monitoring Centre warned that losses could rise further if the company's production isn't back to pre-incident levels by January.

By David Jones • Oct. 22, 2025

Social engineering gains ground as preferred method of initial access

Senior executives and high-net-worth individuals are increasingly at risk as hackers use deepfakes, voice cloning and other tactics for targeted attacks. 

By David Jones • Updated Oct. 21, 2025

Why security awareness training doesn’t work — and how to fix it

Companies have built their security strategies around phishing simulations and educational webinars, tactics that research shows are ineffective.

By Eric Geller • Oct. 20, 2025

Federated security: Building resilient operating models in complex organizations

Balance oversight and autonomy in complex organizations by building an aligned, scalable federated model for cybersecurity.

By Henry Bell • Oct. 20, 2025

Fortune 500 companies designate specialist roles to bolster security operations teams

Four in 10 companies have created deputy CISO roles as regulatory concerns require greater board engagement.

By David Jones • Oct. 17, 2025

Auto sector faces historic cyber threats to business continuity

A catastrophic cyberattack at Jaguar Land Rover is forcing governments and industrial leaders to address urgent demands for business resilience and accountability.

By David Jones • Oct. 16, 2025

Fortune 100 firms accelerate disclosures linked to AI, cybersecurity risk

Companies are concerned about deepfakes and unauthorized AI tools, and board committees are increasing their oversight responsibilities.

By David Jones • Oct. 15, 2025

Layoffs, reassignments further deplete CISA

Some CISA staffers have been pushed out, while others are being told to move across the country for jobs outside their skill sets.

By Eric Geller • Oct. 14, 2025