Why Higher Ed CIOs Must Rethink Cybersecurity

Jennifer Lawinski • January 21, 2026

Several Ivy League universities - including Harvard and Princeton - experienced hacks in 2025 through unpatched enterprise software and sophisticated social engineering campaigns, showing that even the nation's wealthiest universities are vulnerable.

Cloud Security

Penetration Testing Startup Novee Exits Stealth With $51.5M

Latest

Cybersecurity Spending

CISA Is 'Trying to Get Back on Its Mission' After Trump Cuts

Chris Riotta • January 21, 2026

After a year of internal upheaval and budget strain, CISA's acting director told Congress the agency is now stabilized and will launch targeted 2026 initiatives, even as lawmakers weigh steep funding cuts that could limit its cyber defense capabilities across federal networks.

Cybersecurity Spending

Congress Proposes Steep Cuts to CISA

Chris Riotta • January 21, 2026

Congress is proposing cuts of nearly $270 million from the Cybersecurity and Infrastructure Security Agency's budget for fiscal year 2026, reducing funding for threat hunting and vulnerability management as officials warn foreign adversaries are escalating cyber operations targeting U.S. systems.

HIPAA/HITECH

EHR Vendor Veradigm to Pay $10.5M to Settle Hack Lawsuit

Marianne Kolbasuk McGee • January 21, 2026

Electronic health records vendor Veradigm agreed to pay $10.5 million to settle consolidated class action litigation involving a December 2024 hacking incident discovered in mid-2025 that affected more than a dozen healthcare provider clients and about 2.5 million of their patients.

Governance & Risk Management

Attacks Target Freshly Patched, Critical Fortinet Flaws

Mathew J. Schwartz • January 21, 2026

Critical vulnerabilities in edge devices are continuing to be discovered by security researchers and rapidly targeted by attackers. Lately, this includes a critical vulnerability in Fortinet's FortiSIEM appliances, which Chinese and other hackers began targeting just two days post-patch.

Artificial Intelligence & Machine Learning

Coder Builds Malware in Week With AI Help

Rashmi Ramesh • January 21, 2026

A single developer built a Linux malware framework in less than a week using artificial intelligence, said security researchers. Check Point researchers say this is a case of AI-generated malware reaching operational maturity at a pace that challenges assumptions about development timelines.

General Data Protection Regulation (GDPR)

Breach Notifications in Europe Rise, While Fines Hold Steady

Mathew J. Schwartz • January 21, 2026

The volume of data breach notifications being issued to Europeans increased by one-fifth over the past year, while the total fines being imposed by data protection authorities held steady, adding up to 1.2 billion euros for the second year in a row, led by Ireland, says a global law firm.

Recruitment & Reskilling Strategy

Missing on Ramp: Why Cyber Careers Are Losing Entry Points

Brandy Harris • January 21, 2026

In cybersecurity hiring, many organizations have quietly removed entry-level jobs from the workforce altogether. While it may meet immediate corporate goals to hire more experienced practitioners, these extremely limited on ramps for cybersecurity jobs risk cutting off the talent pipeline.

HIPAA/HITECH

Minnesota Agency Notifies 304,000 of Vendor Breach

Marianne Kolbasuk McGee • January 20, 2026

The Minnesota Department of Human Services is notifying nearly 304,000 people of data breach involving someone at a healthcare provider who inappropriately accessed information from an IT system managed by a vendor. State officials are monitoring the incident for potential fraud.

Government

Germany and Israel Pledge Cybersecurity Alliance

David Meyer • January 20, 2026

Germany wants to drastically step up defenses against cyberattacks from foes such as Russia, China, Iran and North Korea, and it's looking to key ally Israel for lessons and cooperation.

Artificial Intelligence & Machine Learning

The Smarter Enterprise: A CIO's Blueprint for 2030

Jennifer Lawinski • January 20, 2026

The thriving enterprise of 2030 will be AI-first, not just AI-enabled, said IBM's latest Institute for Business Value. The company surveyed more than 2,000 C-suite executives in the second half of 2025. The results paint a picture of the future of digital transformation dominated by AI technology.

Artificial Intelligence & Machine Learning

Face-Swapping Tools Pose Elevated 'Know Your Customer' Risks

Mathew J. Schwartz • January 20, 2026

Financial firms' fraud and risk teams must bolster know-your-customer checks in the face of increasingly effective and affordable deepfake technology and services that can generate synthetic identities, convincing face-swaps and defeat "live" biometric checks to bypass defenses, warn researchers.

Standards, Regulations & Compliance

Europe Readies Law to Eject Chinese Equipment From Telecoms

David Meyer • January 20, 2026

Countries across the EU could be forced to kick Chinese telecom manufacturers such as Huawei and ZTE out of their critical infrastructure supply chains, under a far-reaching proposal published by the European Commission on Tuesday.