DataBreachToday.com

DistributedApps.ai's Ken Huang on Agentic AI Risks and Threat Modeling
As AI agents gain autonomy and access dynamic tools, organizations must adopt new threat modeling approaches like mixture threat modeling, a new method that accounts for AI's unpredictability, said Ken Huang, chief AI officer at DistributedApps.ai.

Blackpoint Cyber's Manoj Srivastava on Orchestration, Context and Unified Cybersecurity
The traditional notion of a fixed security perimeter has become obsolete, and the threat surface has expanded significantly due to remote work, cloud adoption, IoT devices and third-party vendor integrations, said Manoj Srivastava, chief technology and product officer at Blackpoint Cyber.

Administration's Budget Proposals Would Slash Cyber Defense Agency Spending by 16%
President Donald Trump proposed a series of budget cuts Friday that would in part reduce the Cybersecurity and Infrastructure Security Agency's spending for fiscal year 2026 by nearly $500 million - a 16% reduction the administration said was aimed at realigning the agency with its core mission.

Hacker Who Feigned Russian Hacktivist Persona Faces Up to a Decade in Prison
A California man whose theft of a terabyte of company data from Disney led the media and entertainment conglomerate to eschew Slack pleaded guilty in Los Angeles federal court to two felony charges. Santa Clarita resident Ryan Mitchell Kramer, 25, gained access to a Disney employee's computer.

Fastly CEO Todd Nightingale Makes the Case for Security Without Compromise
Power, speed and security don’t have to be mutually exclusive for organizations aiming to integrate innovative new solutions into their systems and networks. Fastly’s Todd Nightingale outlines how a unified, simplified approach can help organizations fight complex threats - without compromise.

Irish DPC Imposes a Fine for GDPR Violations
TikTok must pay 530 million euros to the Irish data regulator for non-compliance with European privacy law. The nearly $600 million fine stems from TikTok's storage of European user data on servers in China and failure to disclose data transfers to China from July 2020 through November 2022.

Ellis of YL Ventures on How Modern CISOs Must Lead, Not Master Every Discipline
There were never many 'do everything' CISOs. Today there are even fewer. But with a specialist area, strong overview and ability to channel expertise, CISOs can align with business goals, embrace the business enabler role, demonstrate quick wins, and ensure their organization makes better risk decisions.

4 Breaches Appear to Potentially Affect Hundreds of Thousands Across Several States
Catholic hospital chain Ascension Health is notifying hundreds of thousands of individuals across several states of at least four hacking incidents in recent months involving third-parties. Ascension reported one of the breaches this week, another in mid-April and the others in March and February.

CISA Staff Told to Prepare for Cuts and Crowded Work Locations Amid Growing Turmoil
Top officials at the nation's cyber defense agency want to give President Donald Trump's pick to lead the agency time to assess major restructuring plans - a move that is reportedly delaying the timeline for reductions in force while causing growing concerns for job stability among staffers.

Retailer Continues to Recover From Ransomware Incident
British retailer Marks & Spencer was reportedly targeted by financial crime group Scattered Spider, who deployed ransomware on the company's VMware ESXi server. The retailer continues to recover from a cyber incident that disrupted operations in its online and offline stores.

Palo Alto Networks' Nikesh Arora: Browser Security Will Surpass EDR in Importance
As enterprises rush to deploy AI across operations, Palo Alto Networks is securing models and agents through its platform approach and recent acquisitions. CEO Nikesh Arora predicts browser security will outpaceEDR as a foundational requirement.

Zscaler's Jay Chaudhry on Visibility and Policy Enforcement to Secure AI Usage
Organizations face significant risks when employees use public AI tools without governance, but security platforms can provide visibility, policy controls and data protection to safeguard sensitive information from unauthorized exposure, said Jay Chaudhry, founder, chairman and CEO, Zscaler.

Sightline Security's Kelley Misata on Why Myths Hinder Real Security Progress
Nonprofit organizations are often labeled as low-risk when it comes to cybersecurity, but that perspective misses the diversity and importance of these organizations, said Kelley Misata, founder and CEO, Sightline Security, and president, the Open Information Security Foundation.

Quick Recovery Plans Needed As Nation-State Groups Target Critical Infrastructure
Nation state threats have been outpacing defense for decades, adapting and evolving much faster. Now they're also changing motivations, from information gathering and seeking economic advantage to apparently pre-positioning to cause disruption in a future hybrid war, said Rubrik's Travis Rosiek.

Also, Nike Sued Over Shutdown of NFT Subsidiary
This week, KiloEX compensation after Oracle exploit, Nike sued over NFT shutdown, SEC dropped probe into PayPal PYUSD, Long Island man sentenced for crypto fraud, Americans lost billions to crypto scams, Loopscale exploiter agreed to return stolen funds and bank regulators softened stance on crypto.

Panel Explores AI Innovation, Geopolitical Tensions and Cybersecurity Leadership
ISMG editors share insights from Day 3 of RSAC Conference 2025, unpacking nagging AI security challenges, evolving CISO roles, operational technology protection and the impact of geopolitical tensions on global cybersecurity collaboration.

Practical Tips for Surviving Conference Networking
Conferences are a prime opportunity to meet new people, exchange ideas and build relationships but for those of us who are introverts, the prospect of networking in large crowds can be overwhelming and exhausting.