Cyber Gangs Extorting Companies by Threatening to Report Compliance Violations

Ransomware gangs extort victims by citing compliance violations

Ransomware attacks remain among the most common attack methods. As recent analyses show, cyber gangs are increasingly threatening their victims with reporting violations of regulations such as the GDPR to supervisory authorities.

Researchers at the security provider Akamai have observed an increasing trend in this tactic over the past two years. As an example, the security vendor points to ransomware group Anubis. Its members reportedly focus primarily on industries with high compliance risks, such as healthcare. The notorious Ransomhub gang also allegedly employs this method, explicitly encouraging its partners to threaten hacked companies with regulatory penalties.

Rudd defends qualifications to lead NSA, Cyber Command at confirmation hearing

President Donald Trump’s pick to lead U.S. Cyber Command and the National Security Agency told senators Thursday that his experience working with cyber intelligence in the Indo-Pacific qualifies him to serve in the dual-hatted role, though he notably stopped short of directly endorsing policy proposals for more aggressive cyber responses to China and other foreign adversaries.

Lt. Gen. Josh Rudd’s relative lack of direct experience in military cybersecurity and signals intelligence was raised multiple times when he testified before the Senate Armed Services Committee on Thursday. As the number two leader of U.S. Indo-Pacific Command, Rudd has spent his career largely in special operations and joint command roles. Some former officials and China analysts view Rudd’s Indo-Pacific background as relevant to U.S. cyber operations involving Beijing.

AI moves to the core of cyber defense as attacks grow more complex

New research shows that AI is no longer a supporting tool in cyberspace security but a foundational technology shaping how digital infrastructure is protected.

The editorial study Artificial Intelligence in Cyberspace Security, published in the journal Electronics, outlines how AI-driven approaches are redefining cybersecurity while also introducing new vulnerabilities that demand careful governance. The authors provide a detailed picture of how AI is being deployed to counter modern cyber threats and where future research must focus.

Why traditional cybersecurity defenses are falling behind Signature-based malware detection, static rule sets, and manually engineered features were designed for an earlier era of computing. Today’s threat landscape is shaped by high-dimensional data, encrypted traffic, cloud-native architectures, and rapidly mutating attack vectors.

Attackers now exploit artificial intelligence to automate reconnaissance, generate evasive malware variants, and craft adversarial inputs that bypass detection systems. This evolution places defenders at a structural disadvantage if they rely on tools that cannot learn, adapt, and generalize. According to the study, the mismatch between threat complexity and defensive capability is widening, particularly as organizations adopt hybrid cloud, edge computing, and Internet of Things deployments.

AI offers a way to close that gap….

CEOs, security executives are divided on cyber risks of AI, survey finds

A survey released Friday by corporate insurer Axis Capital shows there’s a growing divide across the C-suite on how executives view the risks, rewards and impact of cutting-edge AI technology.

On one hand, artificial intelligence is rapidly improving cybersecurity defense technologies, but AI is also equipping cybercriminals with sophisticated tools and creating new risks.

“When you think about AI, it is not merely a cyber challenge. This technology presents unique burdens, liabilities, challenges and opportunities to CEOs and boards alike,” Axis CEO Vincent Tizzio told CNBC in an exclusive interview.

CISOs Rise in Rank as Cyber Risk Reaches the Boardroom

CISOs are continuing to see their positions within organizations rise. With increasing cybersecurity complexities and cyber threats, CISOs are now expected to not only play their long-held traditional technical roles, but also be digital risk strategists for their companies.

The shift has reached the point where more CISOs hold executive-level titles than those at the vice president or director levels, a first-time development outlined in a report released this week by cybersecurity consultancy IANS Research and Artico Search, an executive recruitment firm.

According to the 2026 State of the CISO Benchmark Report, in 2025, 47% of CISOs in larger enterprises carried executive-level titles, a 14-point jump from 33% in 2023. The growth is even greater in publicly traded companies, where there was a 21-point swing. In midsize and small organizations – those with less than $1 billion in revenue – the shift to executive-level titles was steadier, with a third of CISOs still holding director-level titles.

Cyber insurance could triple by 2030: Gallagher Re

The global cyber insurance market was estimated at about $16.9 billion in gross written premium for 2025 and “could reasonably scale” to between $30 billion and $50 billion by 2030, according to a report Tuesday by Gallagher Re.

The 2026 market size is forecast at $19.6 billion, according to Gallagher Re, the reinsurance business of broker Arthur J. Gallagher & Co.

North America is expected to continue to dominate the market, with a 60% to 70% share of premium, while Asia Pacific is expected to see the highest growth rates because of its “rapid digitization.”