CISA will shutter some missions to prioritize others

The agency has lost roughly one-third of its workforce since January 2025.

By Eric Geller • Updated 10 hours ago

CISA seeks infrastructure sector consultation on incident reporting rule

The agency is particularly interested in feedback on several aspects of the long-awaited regulation.

By Eric Geller • Feb. 12, 2026

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

The Future of DAST in an AI-First World: Why Runtime Security Testing Remains Critical

Runtime validation is where the gap is widening—and where this shift creates the biggest leap forward.

By Joni Klippert, CEO of StackHawk • Feb. 12, 2026

Microsoft prepares to refresh Secure Boot’s digital certificate

Some customers, including in critical infrastructure sectors, will need to manually review their devices’ readiness for the update.

By Eric Geller • Feb. 10, 2026

Polish power grid hack offers lessons for critical infrastructure operators, CISA says

The agency listed several steps businesses could take to prevent similar cyberattacks.

By Eric Geller • Feb. 10, 2026

FTC data highlights online threats to consumers and businesses

The commission listed several steps companies can take to fend off attacks.

By Eric Geller • Feb. 9, 2026

New research: 3 big challenges facing security teams (and how to overcome them)

New research from Tines shows AI adoption is high, but manual workloads and burnout persist.

By Jennifer Cox, Director of Solutions Engineering, Tines • Feb. 9, 2026

CISA orders feds to disconnect unsupported network edge devices

The government is worried about hackers accessing systems through insecure and poorly monitored routers, firewalls and similar equipment at the network perimeter.

By Eric Geller • Feb. 5, 2026

AI-ISAC inches forward under Trump administration

The U.S. government is exploring different options for how the information-sharing organization should work, an official said.

By Eric Geller • Feb. 3, 2026

National cyber director solicits industry help in fixing regulations, threat information-sharing

President Donald Trump’s chief cybersecurity adviser said a forthcoming national strategy will kick off ambitious projects.

By Eric Geller • Feb. 3, 2026

National cybersecurity strategies depend on public-private trust, report warns

An influential cybersecurity think tank urged governments to consult extensively with a wide variety of business stakeholders before making ambitious plans.

By Eric Geller • Feb. 3, 2026

FCC urges telecoms to boost cybersecurity amid growing ransomware threat

The commission said it was aware of ransomware disruptions at a growing number of small and medium-sized telecoms.

By Eric Geller • Feb. 2, 2026

Cybersecurity 2026: AI, CISA, manufacturing sector all in the hot seat

A look at the most important trends and issues in cyber this year.

By Cybersecurity Dive Staff • Jan. 30, 2026

How Granite complied with new federal cyber regs before a critical deadline

To reach Cybersecurity Maturity Model Certification Level 2, CTO Malcolm Jack learned implementation was as much about people as it was the technology.

By Matthew Thibault • Jan. 30, 2026

Manufacturers fortify cyber defenses in response to dramatic surge in attacks

IT/OT convergence and other trends are making the manufacturing industry’s networks more vulnerable and more frequently targeted, but sector leaders are working to improve their cyber posture.

By Eric Geller , David Jones • Jan. 29, 2026

Federal pivot on software security oversight could complicate vendor strategies

Software companies cheered the elimination of a government-wide attestation mandate. What comes next could be messy.

By Eric Geller • Jan. 28, 2026

Corporate workers lean on shadow AI to enhance speed

A report shows senior corporate executives are willing to allow unsanctioned AI use, which could place company data at risk.

By David Jones • Updated Jan. 28, 2026

AI tools break quickly, underscoring need for governance

In a new report, the security firm Zscaler said it identified severe vulnerabilities in every enterprise tool it tested — sometimes on its first prompt.

By Eric Geller • Jan. 28, 2026

Federal agencies abruptly pull out of RSAC after organizer hires Easterly

The decision fits a pattern of government withdrawal from the cybersecurity community under the Trump administration.

By Eric Geller • Jan. 26, 2026

NIST is rethinking its role in analyzing software vulnerabilities

As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.

By Eric Geller • Jan. 23, 2026

5 cybersecurity trends to watch in 2026

Corporations across the globe are facing a dynamic risk environment, as AI adoption surges with few guardrails, business resilience takes center stage and the insurance industry raises major concerns about the U.S. cyber market.

By David Jones • Jan. 23, 2026

Acting CISA chief defends workforce cuts, declares agency ‘back on mission’

Lawmakers in both parties expressed concerns about CISA losing roughly a thousand employees.

By Eric Geller • Jan. 21, 2026

CFOs, CISOs clash over cybersecurity spending as threats mount: Expel

Four in 10 finance leaders said quantified risk reduction would make it easier to justify a cybersecurity spending hike.

By Alexei Alexis • Jan. 21, 2026

UK authorities warn of pro-Russia groups targeting critical infrastructure, local government

The alert comes just over a month after a joint advisory from CISA, the FBI and Western allies citing hacktivist activity against OT providers. 

By David Jones • Jan. 20, 2026

CEOs and CISOs differ on AI’s security value and risks

A new report also found that American executives are more bullish on AI's potential than their British counterparts.

By Eric Geller • Jan. 20, 2026