Risk mitigation budgets swell as enterprise AI adoption grows

Governing AI comes at a cost, with most organizations increasing oversight investments in the next financial year, according to OneTrust data.

By Lindsey Wilkinson • Oct. 9, 2025

Cyber risk a growing priority among insurance and asset management firms

A report by Moody’s shows an emphasis on board-level oversight and spending in order to boost cyber resilience.

By David Jones • Oct. 9, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Public disclosures of AI risk surge among S&P 500 companies

A report by The Conference Board shows companies are flagging concerns about cyber and reputational risk as they increase deployment.

By David Jones • Oct. 7, 2025

Businesses fear AI exposes them to more attacks

More than half of companies have already faced AI-powered phishing attacks, a new survey finds.

By Eric Geller • Oct. 7, 2025

UNFI reports solid results as it recovers from cyberattack

The grocery retailer and wholesaler has raised its sales expectations to reflect strong performance in recent months, CEO Sandy Douglas said during an earnings call.

By Sam Silverstein • Oct. 2, 2025

Landmark US cyber-information-sharing program expires, bringing uncertainty

Without legal protections, companies might stop reporting information about cybersecurity threats.

By Eric Geller • Oct. 1, 2025

Federal cuts force many state and local governments out of cyber collaboration group

The Multi-State Information Sharing and Analysis Center lost U.S. government funding at midnight, jeopardizing the cybersecurity of thousands of cash-strapped counties, cities and towns.

By Eric Geller • Oct. 1, 2025

CMMC is coming, but most contractors still have a long road to full compliance

A new survey illustrates the defense industrial base’s fragmented security posture.

By Eric Geller • Oct. 1, 2025

Jaguar Land Rover to resume some manufacturing within days

The U.K. will support a $2 billion loan guarantee to help restore the automaker’s supply chain after a cyberattack disrupted production.

By David Jones • Sept. 29, 2025

Cyber insurance could greatly reduce losses from diversification, mitigation measures

A report by CyberCube shows the global market is heavily concentrated in the U.S. and would benefit from expanding into new segments and improving cyber hygiene.

By David Jones • Sept. 25, 2025

CISA urges dependency checks following Shai-Hulud compromise

Security teams are urged to review their software environments after a major supply chain attack on the NPM ecosystem.

By David Jones • Sept. 24, 2025

Many ‘material’ cybersecurity breaches go unreported: VikingCloud

The research also found that cyberattacks have escalated both in frequency and severity in the past year, with AI serving as a primary driver behind the surge.

By Alexei Alexis • Sept. 23, 2025

Jaguar Land Rover to extend production pause into October following cyberattack

Meanwhile, Stellantis said hackers gained access to some customer information in a third-party data breach.

By David Jones • Sept. 23, 2025

AI-powered vulnerability detection will make things worse, not better, former US cyber official warns

Patching won’t be able to keep up with discovery, said Rob Joyce, who once led the National Security Agency's elite hacking team.

By Eric Geller • Sept. 22, 2025

Preemptive security predicted to constitute about half of IT security spending by 2030

The increasing use of AI will drive a demand for technology that can anticipate and neutralize threats, Gartner said in a new report.

By David Jones • Sept. 19, 2025

NIST explains how post-quantum cryptography push overlaps with existing security guidance

The agency published a document linking its recommendations for PQC migration to the advice in its landmark security publications.

By Eric Geller • Sept. 19, 2025

Evolving AI attacks, rapid model adoption worry cyber defenders

IT defenders think many of their security tools aren’t ready for AI-powered cyberattacks, according to a new report.

By Eric Geller • Sept. 19, 2025

Microsoft disrupts global phishing campaign that led to widespread credential theft

Officials say the operation led to ransomware and BEC attacks on U.S. hospitals and healthcare organizations.

By David Jones • Sept. 17, 2025

Context is key in a world of identity-based attacks and alert fatigue

A new report highlights why businesses struggle to separate true cyber threats from false positives.

By Eric Geller • Sept. 16, 2025

Schools are getting better at navigating ransomware attacks, Sophos finds

In 2025, 67% of global lower education providers said they stopped an attack before their stolen data was encrypted, the cybersecurity company reported.

By Anna Merod • Sept. 16, 2025

CISA audit sparks debate about cybersecurity pay incentives

Some Cybersecurity and Infrastructure Security Agency employees believe a recent inspector general’s report partially missed the mark.

By Eric Geller • Sept. 15, 2025

FBI warns about 2 campaigns targeting Salesforce instances

The threat groups, identified as UNC6040 and UNC6395, have used different tactics to gain access to data.

By David Jones • Sept. 15, 2025

CISA pledges robust support for funding, further development of CVE program

A key official from the agency said the vulnerability management program will continue with additional participation and enhancements.

By David Jones • Sept. 12, 2025

Researchers warn VoidProxy phishing platform can bypass MFA

The service has been targeting Microsoft and Google accounts for months, opening the door to possible BEC attacks and data exfiltration.

By David Jones • Sept. 12, 2025

UK cyber leader calls for shift in focus toward continuity of critical services

Richard Horne, CEO of the National Cyber Security Centre, said the U.S. remains a key ally in the global fight against sophisticated adversaries.

By David Jones • Sept. 11, 2025