Senators push CISA director nominee on election security, agency focus

Sean Plankey said he would double down on CISA’s core mission and “allow the operators to operate.”

By Eric Geller • July 24, 2025

Trump AI plan calls for cybersecurity assessments, threat info-sharing

It remains unclear how federal agencies depleted by layoffs will be able to implement the strategy’s ambitious vision, which includes an ISAC dedicated to AI.

By Eric Geller • July 23, 2025

Explore the Trendline➔

Risk Management

An esclation of cyber risks facing businesses and government has made cyber resilience a major priority. 

By Cybersecurity Dive staff

Lapsed CISA contract impedes national lab’s threat-hunting operations

The CyberSentry program remains operational, according to CISA, with analysts outside the lab continuing to review sensor data.

By Eric Geller • July 23, 2025

Dwindling federal cyber support for critical infrastructure raises alarms

A plan to transfer cybersecurity and resilience responsibilities to states could have major unintended consequences.

By Eric Geller • July 22, 2025

State Department cyber diplomacy firings and changes threaten US defenses

Departures and restructuring will make it harder for the agency to pursue global policies that strengthen U.S. critical infrastructure, experts said.

By Eric Geller • July 17, 2025

AI-powered attacks rise as CISOs prioritize AI security risks

Security executives are concerned about flaws in AI agents but also eager to see them replace humans in some roles, according to a new report.

By Eric Geller • July 17, 2025

Catastrophic cyber event could cause widespread disruptions to global infrastructure, study suggests

The study by Munich Re and CyberCube also warned that the internet of things and large language models present near-term risks.  

By David Jones • July 15, 2025

Risk management, legacy tech pose major threats to healthcare firms, report finds

Companies have improved their recovery processes and user controls but still lag in risk preparedness, according to the report.

By Eric Geller • July 15, 2025

Scattered Spider poses serious risk to several hundred major companies

A new report shows that a select group of large companies uses technologies that the hacker group often targets.

By David Jones • July 8, 2025

Security coalition urges Congress to renew 2015 CISA law

A group of top cybersecurity and technology firms said the law provided critical protections for sharing essential vulnerability information.

By Eric Geller • July 8, 2025

FBI cyber guidance to lawmakers falls short, US senator says

Sen. Ron Wyden wants FBI briefings to cover four often-overlooked cybersecurity practices.

By Eric Geller • July 2, 2025

US authorities unmask North Korean IT worker schemes and their American accomplices

Federal officials said businesses should carefully verify the identities of remote employees to avoid falling prey to similar scams.

By Eric Geller • June 30, 2025

US government warns of new Iran-linked cyber threats on critical infrastructure

Companies should disconnect operational technology from the internet and enforce strong protections for user accounts, a joint alert from CISA, the FBI, NSA and DoD said.

By Eric Geller • June 30, 2025

Most building management systems exposed to cyber vulnerabilities, experts warn

A study of over 467,000 building management systems across 500 organizations found that 2% of all devices essential to business operations had the highest level of risk exposure. 

By Joe Burns • June 27, 2025

Microsoft to make Windows more resilient following 2024 IT outage

The company has been working with security partners to make sure future software updates don’t lead to operational disruptions for customers.

By David Jones • Updated June 26, 2025

AI security issues dominate corporate worries, spending

Two reports illustrate how business leaders are thinking about and budgeting for generative AI.

By Eric Geller • June 26, 2025

Judge approves AT&T’s $177M data breach settlement

The settlement, which has received preliminary clearance, now awaits a December hearing for final approval.

By Alexei Alexis • June 25, 2025

‘Suspended animation’: US government upheaval has frayed partnerships with critical infrastructure

Recent federal cuts, reorganizations and other disruptions have alarmed industry leaders, who say the government is a less reliable partner even as cyber threats increase.

By Eric Geller • June 25, 2025

Federal officials, critical infrastructure leaders remain on guard for Iran-linked hacks

Amid an uneasy truce, security teams in the U.S. said they have not seen any credible or specific threats.

By David Jones • June 24, 2025

Cyber insurance premiums drop for first time, report finds

Despite a decline in both premiums and prices, the market continues to be profitable.

By Eric Geller • June 24, 2025

Businesses average 21 AI projects in production

Enterprises plan to expand their portfolios by the end of the year, according to a Rackspace Technology survey.

By Lindsey Wilkinson • June 23, 2025

DHS warns of heightened cyber threat as US enters Iran conflict

Federal officials are warning that pro-Iran hacktivists or state-linked actors may target poorly secured U.S. networks.

By David Jones • June 23, 2025

AWS CISO stumps for security as an AI enabler

AI’s rapid development underscores the need for secure foundations, Amy Herzog said Tuesday during the company’s annual cybersecurity conference.

By Roberto Torres • June 20, 2025

FTC reminds car dealers to protect customer data

The commission described how recently updated federal regulations affect dealerships — and their vendors.

By Eric Geller • Updated June 17, 2025

SEC scraps proposed cybersecurity rules for investment advisers, market participants

The commission offered no rationale for removing rules that would have imposed security requirements on financial services providers.

By Eric Geller • Updated June 16, 2025