Traditional security operations: CTI feeds piped into a SIEM, alerts routing into a ticket queue, and analysts triaging the resulting flood is running out of road. A new operational model is emerging in its place, and it doesn’t look much like what most security teams currently have in place.
Federal agencies and tech providers are accelerating AI security programs but organizations responsible for water systems, emergency services, and local government operations are struggling to keep pace. (Article includes an infographic to help security teams understand the operational challenges.)
New survey results show that medical device procurement standards are tightening and budgets are growing, yet organizations are not keeping pace with threat actors as their attacks become more frequent. And the security gap between legacy and newly deployed devices isn’t closing.
With NIST's National Vulnerability Database now triaging only a fraction of incoming CVEs, security teams must diversify beyond NVD while rethinking patch SLAs and risk scoring.
There's an all-too-common frustration that shows up in enterprise security survey results when the gap between a security team’s intentions and its execution leaves an opening for attackers to succeed.
Executives think their teams are fixing critical vulnerabilities. Their security practitioners disagree by 42 percentage points.
An analysis of the National Vulnerability Database's shift to risk-based triage and what it actually means for the people patching systems (first of a two-part analysis)
A new Dbt Labs survey of 363 data practitioners finds 72% are sprinting into AI-assisted coding while fewer than one in four invest in the pipeline controls that keep those outputs secure — and the practitioners closest to the data are more worried about it than their bosses.
IRGC-affiliated actors used legitimate engineering software to compromise American water, energy, and government systems. A new report ties the hacktivist ecosystem to Iranian intelligence, enabling them to communicate directly with Iranian intelligence.
Agentic AI will increasingly cut out humans in many management and operational decisions. These systems are designed to plan, decide, and act — continuously — without a human in every loop. Here's what that means for OT security.
Iran's proxies hacked the FBI director who vowed to hunt them down.
The tens of thousands of at-risk water utilities across this country are still out there — now slightly more aware of how exposed they are, which isn’t exactly progress.
Critical infrastructure organizations reported thousands of incidents in the covered period, and year-over-year data shows a roughly 180% increase in the exploitation of vulnerabilities as an initial access path, concentrated heavily on edge devices and remote access infrastructure.
The Office of the Director of National Intelligence’s 2026 Annual Threat Assessment (ATA) highlights escalating risks to the U.S. from China, Russia, Iran, North Korea, and aggressive ransomware actors, emphasizing pre-positioning in key systems for potential disruption during crises.
The Purdue Model has long been the GuideStar for securing factories, power plants, and water systems: layer your sensors at the bottom, controllers above, and tie it all to enterprise IT at the top with firewalls segmenting between. Simple. Effective. Or so the industry told itself.
Many medical devices have expected lifespans measured in decades, and the majority of connected medical devices currently in use wouldn't meet the FDA's latest cybersecurity standards if submitted for approval. Adversaries have noticed.
