惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
aimingoo的专栏
aimingoo的专栏
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Tailwind CSS Blog
J
Java Code Geeks
博客园_首页
Google Online Security Blog
Google Online Security Blog
Hugging Face - Blog
Hugging Face - Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
I
Intezer
P
Palo Alto Networks Blog
V
Vulnerabilities – Threatpost
雷峰网
雷峰网
O
OpenAI News
SecWiki News
SecWiki News
小众软件
小众软件
酷 壳 – CoolShell
酷 壳 – CoolShell
美团技术团队
N
News | PayPal Newsroom
Project Zero
Project Zero
Forbes - Security
Forbes - Security
IT之家
IT之家
A
Arctic Wolf
WordPress大学
WordPress大学
Jina AI
Jina AI
T
Tor Project blog
博客园 - 三生石上(FineUI控件)
S
Secure Thoughts
Google DeepMind News
Google DeepMind News
Attack and Defense Labs
Attack and Defense Labs
博客园 - 聂微东
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy International News Feed
Cloudbric
Cloudbric
G
GRAHAM CLULEY
博客园 - 叶小钗
H
Hacker News: Front Page
腾讯CDC
量子位
Help Net Security
Help Net Security
人人都是产品经理
人人都是产品经理
C
Cyber Attacks, Cyber Crime and Cyber Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
宝玉的分享
宝玉的分享
爱范儿
爱范儿
L
Lohrmann on Cybersecurity
Hacker News - Newest:
Hacker News - Newest: "LLM"
Recorded Future
Recorded Future
C
CERT Recently Published Vulnerability Notes

Cybersecurity Dive - Latest News

Dozens of Red Hat npm packages targeted in supply chain attack Turning tension into collaboration: How CIOs and CISOs can lead together Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators Without strong governance, companies put credit ratings at risk in AI era CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation How Canva scaled to 260+M users while elevating security and productivity Top 4 data security best practices for the AI-enabled enterprise CISA urges security teams to check for software development compromises How CISOs can manage sovereign-cloud security risks IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities Enterprise data is creeping its way into shadow AI tools Coordinated operation takes down Glassworm botnet Leading AI models are more vulnerable to malicious prompts than vendors claim Iranian government, not hacktivist group, breached LA Metro system, security firm says FBI warns about PhaaS platform used to access Microsoft 365 environments Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages New York regulator calls for additional cyber mitigation amid heightened threat environment CISA asks cybersecurity community to alert it to vulnerability exploitation Grafana Labs links GitHub environment breach to TanStack npm supply chain attack 7-Eleven hit by data breach Microsoft disrupts cybercrime operation that hid behind legitimate software Compromised coding tool helped hackers breach thousands of GitHub repositories Telecom sector launches its own private ISAC Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN Grafana Labs says hacker gained access to codebase through leaked token How a government contest launched a revolution in AI-based bug hunting Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller MSPs need AI to fight AI-fueled cyberthreats: Guardz More money is going to physical security, but it’s often CISOs that oversee it: EY Frontier AI models reap rapid discovery of security vulnerabilities West Pharmaceutical starts restoring operations after ransomware attack Foxconn confirms cyberattack affecting some North American facilities OpenAI launches Daybreak to combat cyber threats Canvas owner reaches ‘agreement’ with threat actors after data breach Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it Identity takes center stage as a leading factor in enterprise cyberattacks AI and an absent government: Takeaways from RSAC 2026 Second Canvas data breach causes major disruptions for schools, colleges AI used to develop working zero-day exploit, researchers warn New cybersecurity industry alliance aims to lead US critical infrastructure protection Identity is the new perimeter as rapid NHI proliferation threatens visibility and control Instructure confirms cybersecurity incident Anthropic’s Claude used in attempted compromise of Mexican water utility Businesses hide vast majority of ransomware attacks, report finds Palo Alto Networks warns state-linked cluster behind zero-day exploitation Businesses eager but unprepared for AI to transform their security strategies Iran-sponsored threat group behind false flag social engineering campaign NIST will test three major tech firms’ frontier AI models for cybersecurity risks Trellix investigating breach of source code repository CISA urges critical infrastructure firms to ‘fortify’ before it’s too late Critical vulnerability in cPanel leads to widespread exploitation New MOVEit vulnerabilities prompt urgent patch warning How OpenClaw’s agent skills become an attack surface White House questions tech industry on defensive AI use, cybersecurity resilience As email phishing evolves, malicious attachments decline and QR codes surge US and allies urge ‘careful adoption’ of AI agents PwC partners with Google Cloud to take on the managed security market US agencies promote zero-trust practices for operational technology networks CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog State CISOs losing confidence in ability to manage cyber risks ‘Fundamental tension’ undermines manufacturers’ cybersecurity North Korea-linked actor targets Web3 execs in social-engineering campaign US, UK authorities warn that Firestarter backdoor malware survives patching Major critical infrastructure supplier reports cyberattack When security becomes the attack surface: Why endpoint protection must evolve Hasbro expects March cyberattack to impact second-quarter revenue AI-written software creates hassles for wary security teams Iran-nexus threat groups refine attacks against critical infrastructure China disguises cyberattacks with ‘covert network’ botnets, US and allies warn Trump’s CISA director pick withdraws after tumultuous nomination Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says Microsoft SharePoint vulnerability widely exposed across multiple countries CISA urges security teams to view environments following axios compromise Big banks seek to ease security worries as AI push accelerates CISA confirms exploitation of 3 more Cisco networking device vulnerabilities Stellantis teams with Microsoft to strengthen digital capabilities Vulnerability exploitation surges often precede disclosure, offering possible early warnings Vercel systems targeted after third-party tool compromised Beyond IT: Cybersecurity is a strategic business risk TP-Link routers face exploitation attempt linked to high-severity flaw US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms CIOs fret over rising security concerns amid AI adoption CISA cancels prestigious summer internships, citing government shutdown NIST limits vulnerability analysis as CVE backlog swells Medium-severity flaw in Microsoft SharePoint exploited FCC exempts Netgear from foreign router ban FCC signals continued commitment to Cyber Trust Mark program Brute-force cyberattacks originating in Middle East surge in Q1 CISOs see gaps in their incident response playbooks US, Indonesia shut down ‘sophisticated’ phishing kit Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign Stryker warns of earnings fallout from March cyberattack NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure Iran-linked hackers target water, energy in US, FBI and CISA warn React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface Threat cluster launches extortion campaign using social engineering CISA’s vulnerability scans, field support on chopping block in Trump budget
Infrastructure downtime has a $50k-per-hour price tag. It’s time to turn hours into minutes.
Tines · 2026-06-22 · via Cybersecurity Dive - Latest News

Network security teams have spent the last decade trying to solve detection. More tools, more AI, more coverage across cloud, on-premises and hybrid environments. And to a certain extent, it's worked - machine-learning tools and anomaly scoring have 'compressed identification times to minutes,' as a 2026 Computer Weekly report put it.

But faster detection doesn't always translate into faster response. The same analysis identified 'organisational latency - the delay between alert and authorisation' as still 'measured in hours or days.'

And that gap has a price tag. Infrastructure downtime still costs a minimum of $50,000 per hour, with 34% of organizations putting that figure at $100,000 or more, according to Business Wire.

Threats are moving at machine speed, but unfortunately for many teams, response isn't.

Three things standing in the way

1. Two teams, one problem - and no shared process

Network and security teams share the same infrastructure, the same threats and the same consequences when something goes wrong. But in most organizations, they don't share much else - different platforms, different workflows. The teams tasked with protecting the same systems often can't see what each other is doing.

When an incident occurs, that separation becomes expensive. Context has to be gathered manually across systems. Handoffs between teams introduce delays. Changes require approvals that move through disconnected tools. Every step of coordination that happens manually is a step that extends the window between detection and resolution.

The teams on the hook for fixing this aren't operating with spare capacity. On the contrary, 81%  of security professionals say their workloads have increased over the past year, per the Voice of Security 2026 report by Tines. Manual coordination across disconnected systems doesn't just introduce delays - it compounds them.

2. Alert volume that manual processes can't match

The scale of what teams must respond to has outpaced the processes built to handle it. Network security teams can face upwards of 1,000 incidents a day, each requiring manual research across multiple systems before any decision can be made.

And yet security teams still spend 44% of their time on manual or repetitive tasks that could be automated, according to the Voice of Security 2026 report by Tines and network professionals spend nearly 40% of their week on firewall management and provisioning alone, per IT Pro.

The investment has gone into detecting threats faster. The operational infrastructure to act on them at the same speed hasn't followed.

3. Automation that doesn't scale

Most organizations have some automation in place. The problem is the kind of automation they have. Custom scripts written by individual engineers handle specific tasks, but they don't coordinate across teams, they don't enforce governance and they don't survive the engineers who built them. When that person leaves, the automation either breaks or becomes a liability no one knows how to maintain.

This is one of the most common and underreported ways network security operations break down. Automation built around individuals rather than shared, orchestrated workflows creates single points of failure that quietly undermine response capability, often until an incident exposes them.

According to Gartner, 67% of enterprise network activity is still manual. For most organizations, the automation gap isn't theoretical. It's embedded in daily operations.

What turning hours into minutes looks like

The organizations closing the gap between detection and response share a common approach. They've moved from isolated automation - scripts, runbooks, tool-native triggers - to shared, orchestrated workflows that connect network and security functions end to end.

When an alert fires, context is gathered automatically. Severity is assessed. The right team is notified. Changes are validated, implemented and logged, without manual handoffs creating delays or gaps.

The goal here isn't autonomous security operations. It's operational infrastructure that moves at machine speed - governed, auditable and built for teams to work from together.

Ready to close the gap? Download Tines' Ultimate Guide to Network Operations for a five-step roadmap and join Sif Baksh and the team at Netskope on July 15 for a live webinar exploring what proactive response looks like in practice.