Security news aggregator

Latest coverage for Strategy

Cybersecurity strategy guides how organizations prioritize risks, protect critical systems, and prepare for incidents, recovery, and resilience.

907 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Security strategy is the long-term direction an organization uses to manage information-security risk and support its business objectives. It sets priorities for protecting systems and data, assigns decision-making authority, defines acceptable risk, and guides investment in controls, skills, architecture, and suppliers. A sound strategy turns risk assessments and threat intelligence into measurable security outcomes rather than a disconnected list of tools.

For practitioners, strategy determines which assets and attack paths receive priority in vulnerability management, how privacy and regulatory obligations shape data handling, and what capabilities must exist for detection, containment, recovery, and testing. It should account for dependencies such as cloud services, software providers, identities, and legacy systems, while establishing review points as technology, threats, and business operations change. Effective governance links these choices to owners, budgets, metrics, and documented exceptions.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 907

Military forces are under increasing pressure to field autonomous capabilities faster than ever before. Across the U.S., UK, and NATO, new investment, evolving defense strategies, and accelerated acquisition pathways are transforming how capability is delivered, rewarding programs that can move from concept to operational deployment at commercial speed

Also: Oracle Suit Points to AI Revenue Forecasting Risk; the AI Sovereignty PushIn this week's panel, four editors discussed the growing role of artificial intelligence in U.S. federal government cybersecurity, Oracle's investor lawsuit over its projected cloud sales to frontier AI lab OpenAI and what AI sovereignty means for enterprises.

Bank Info Security 1 week, 1 day ago

European Patience With Cybersecurity Laggards Snaps

European Commission Sues 4 Countries for Not Implementing NIS2The European Commission is cracking down on Spain, France and other countries for failing to implement or abide by cybersecurity legislation. NIS2 forces the EU's member states to publish national cybersecurity strategies and boost the protection of critical infrastructure across sectors.

Delayed Rollout Highlights Enterprise Risk as Frontier AI Becomes Strategic InfrastructureOpenAI’s GPT-5.6 is slated for public release Thursday after federal testing and a limited preview. The rollout underscores how frontier artificial intelligence access is becoming a governance, cybersecurity and operational risk issue for enterprises.

Bank of Ireland's Francis Gorman Shares Strategies for Successful Quantum MigrationMost organizations give the migration to quantum-safe cryptography to the CISO. But that puts a cross-business change in the wrong hands. Accountability belongs with senior leaders who can influence the whole enterprise, says Francis Gorman, head of Bank of Ireland's security center of excellence.

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

Krebs on Security 1 month, 1 week ago

Who Runs the Ransomware Group ‘The Gentlemen?’

A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.

University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it encounters, and replicate itself, all without human intervention and without touching a commercial AI service

Bank Info Security 1 month, 1 week ago

AI Exploit Risks Pushing Healthcare Security Shift

MultiCare Health CISO Jason Elrod on Need for Faster Cyber ResilienceEmerging AI tools can identify and exploit software vulnerabilities within minutes, forcing healthcare organizations to rethink cyber strategies. Jason Elrod, CISO of MultiCare Health System, explains why exploitability management, microsegmentation and AI-driven resilience matter more than ever.

Bank Info Security 1 month, 1 week ago

ISMG Editors: Wrapping Up Infosecurity Europe 2026

Conference Highlights AI Maturity, Agentic Risks and Human Factors in CybersecurityISMG editors reflect on key themes from Infosecurity Europe 2026, including AI's role from buzzword to business strategy, the risks of agentic systems in critical infrastructure and why human-to-human trust is emerging as a defining factor in cybersecurity.

Bank Info Security 1 month, 2 weeks ago

TCS and Mistral AI Sign Strategic Partnership

TCS to Build and Deploy Custom AI Models Using Mistral ForgeTata Consultancy Services struck a strategic partnership with Mistral AI, making it the first global systems integrator to deliver Mistral Forge to enterprise clients, the Indian and French companies announced this week. The deal hands TCS access to Paris-based Mistral's frontier models.

Loading more headlines...