惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

V2EX - 技术
V2EX - 技术
T
Troy Hunt's Blog
The Last Watchdog
The Last Watchdog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Secure Thoughts
Hacker News - Newest:
Hacker News - Newest: "LLM"
WordPress大学
WordPress大学
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
博客园 - 司徒正美
TaoSecurity Blog
TaoSecurity Blog
博客园 - Franky
有赞技术团队
有赞技术团队
Google Online Security Blog
Google Online Security Blog
罗磊的独立博客
L
LINUX DO - 最新话题
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
NISL@THU
NISL@THU
小众软件
小众软件
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Recent Commits to openclaw:main
Recent Commits to openclaw:main
K
Kaspersky official blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
W
WeLiveSecurity
SecWiki News
SecWiki News
Google DeepMind News
Google DeepMind News
O
OpenAI News
V
V2EX
AI
AI
博客园_首页
Apple Machine Learning Research
Apple Machine Learning Research
大猫的无限游戏
大猫的无限游戏
美团技术团队
C
Cyber Attacks, Cyber Crime and Cyber Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Security Archives - TechRepublic
Security Archives - TechRepublic
博客园 - 三生石上(FineUI控件)
G
GRAHAM CLULEY
月光博客
月光博客
T
Threatpost
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
V
Vulnerabilities – Threatpost
Last Week in AI
Last Week in AI
爱范儿
爱范儿
C
CXSECURITY Database RSS Feed - CXSecurity.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Cloudbric
Cloudbric
酷 壳 – CoolShell
酷 壳 – CoolShell
The Hacker News
The Hacker News
N
News | PayPal Newsroom
Know Your Adversary
Know Your Adversary

Cybersecurity Dive - Latest News

Dozens of Red Hat npm packages targeted in supply chain attack Turning tension into collaboration: How CIOs and CISOs can lead together Trump signs EO seeking early government access to powerful AI models Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators Without strong governance, companies put credit ratings at risk in AI era CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation How Canva scaled to 260+M users while elevating security and productivity Top 4 data security best practices for the AI-enabled enterprise CISA urges security teams to check for software development compromises How CISOs can manage sovereign-cloud security risks IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities Enterprise data is creeping its way into shadow AI tools Coordinated operation takes down Glassworm botnet Leading AI models are more vulnerable to malicious prompts than vendors claim Iranian government, not hacktivist group, breached LA Metro system, security firm says FBI warns about PhaaS platform used to access Microsoft 365 environments Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages New York regulator calls for additional cyber mitigation amid heightened threat environment CISA asks cybersecurity community to alert it to vulnerability exploitation Grafana Labs links GitHub environment breach to TanStack npm supply chain attack 7-Eleven hit by data breach Microsoft disrupts cybercrime operation that hid behind legitimate software Compromised coding tool helped hackers breach thousands of GitHub repositories Telecom sector launches its own private ISAC Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN Grafana Labs says hacker gained access to codebase through leaked token How a government contest launched a revolution in AI-based bug hunting Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller MSPs need AI to fight AI-fueled cyberthreats: Guardz More money is going to physical security, but it’s often CISOs that oversee it: EY Frontier AI models reap rapid discovery of security vulnerabilities West Pharmaceutical starts restoring operations after ransomware attack Foxconn confirms cyberattack affecting some North American facilities OpenAI launches Daybreak to combat cyber threats Canvas owner reaches ‘agreement’ with threat actors after data breach Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it Identity takes center stage as a leading factor in enterprise cyberattacks AI and an absent government: Takeaways from RSAC 2026 Second Canvas data breach causes major disruptions for schools, colleges AI used to develop working zero-day exploit, researchers warn Identity is the new perimeter as rapid NHI proliferation threatens visibility and control Instructure confirms cybersecurity incident Anthropic’s Claude used in attempted compromise of Mexican water utility Businesses hide vast majority of ransomware attacks, report finds Palo Alto Networks warns state-linked cluster behind zero-day exploitation Businesses eager but unprepared for AI to transform their security strategies Iran-sponsored threat group behind false flag social engineering campaign NIST will test three major tech firms’ frontier AI models for cybersecurity risks Trellix investigating breach of source code repository CISA urges critical infrastructure firms to ‘fortify’ before it’s too late Critical vulnerability in cPanel leads to widespread exploitation New MOVEit vulnerabilities prompt urgent patch warning How OpenClaw’s agent skills become an attack surface White House questions tech industry on defensive AI use, cybersecurity resilience As email phishing evolves, malicious attachments decline and QR codes surge US and allies urge ‘careful adoption’ of AI agents PwC partners with Google Cloud to take on the managed security market US agencies promote zero-trust practices for operational technology networks CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog State CISOs losing confidence in ability to manage cyber risks ‘Fundamental tension’ undermines manufacturers’ cybersecurity North Korea-linked actor targets Web3 execs in social-engineering campaign US, UK authorities warn that Firestarter backdoor malware survives patching Major critical infrastructure supplier reports cyberattack When security becomes the attack surface: Why endpoint protection must evolve Hasbro expects March cyberattack to impact second-quarter revenue AI-written software creates hassles for wary security teams Iran-nexus threat groups refine attacks against critical infrastructure China disguises cyberattacks with ‘covert network’ botnets, US and allies warn Trump’s CISA director pick withdraws after tumultuous nomination Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says Microsoft SharePoint vulnerability widely exposed across multiple countries CISA urges security teams to view environments following axios compromise Big banks seek to ease security worries as AI push accelerates CISA confirms exploitation of 3 more Cisco networking device vulnerabilities Stellantis teams with Microsoft to strengthen digital capabilities Vulnerability exploitation surges often precede disclosure, offering possible early warnings Vercel systems targeted after third-party tool compromised Beyond IT: Cybersecurity is a strategic business risk TP-Link routers face exploitation attempt linked to high-severity flaw US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms CIOs fret over rising security concerns amid AI adoption CISA cancels prestigious summer internships, citing government shutdown NIST limits vulnerability analysis as CVE backlog swells Medium-severity flaw in Microsoft SharePoint exploited FCC exempts Netgear from foreign router ban FCC signals continued commitment to Cyber Trust Mark program Brute-force cyberattacks originating in Middle East surge in Q1 CISOs see gaps in their incident response playbooks US, Indonesia shut down ‘sophisticated’ phishing kit Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign Stryker warns of earnings fallout from March cyberattack NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure Iran-linked hackers target water, energy in US, FBI and CISA warn React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface Threat cluster launches extortion campaign using social engineering CISA’s vulnerability scans, field support on chopping block in Trump budget
New cybersecurity industry alliance aims to lead US critical infrastructure protection
Eric Geller · 2026-05-11 · via Cybersecurity Dive - Latest News

As some of the organizations that run essential services in the U.S. lose faith in the federal government’s willingness and ability to help them, a few of the biggest critical infrastructure operators are taking matters into their own hands to improve coordination — and prepare for a major crisis.

In February, a coalition that includes corporate titans JPMorgan Chase, Mastercard, AT&T and Berkshire Hathaway Energy launched the Alliance for Critical Infrastructure (ACI), vowing to take the lead in helping infrastructure sectors work more closely together to understand and mitigate the shared cybersecurity risks they face. Reading between the lines, the message was clear: The critical infrastructure community, increasingly alarmed at the Trump administration’s retreat from decades-long partnerships, is trying to fill the growing void of coordination and leadership.

Government budget cuts and personnel losses have made it much harder for agencies to support and advise infrastructure operators, and the White House has encouraged states to take over historically federal responsibilities for protecting local utilities. Amid those changes, infrastructure firms like the ones that founded the ACI say the private sector must step up.

Ben Flatgard, the ACI’s chairman, noted that the private sector manages the vast majority of U.S. infrastructure. “We can’t outsource that responsibility or the risk management practices that come along with it,” he said in an interview with Cybersecurity Dive. “We need to own the solution for that as well.”

Many experts say that while the government must retain a leadership role in protecting critical infrastructure, it’s a good sign that private companies want to assume more of the burden.

“If the private sector does not step up to self-organize,” said Brian Harrell, a former assistant director for infrastructure security at the Cybersecurity and Infrastructure Security Agency (CISA), “the nation faces a period of unprecedented visibility gaps in its most vital systems.”

‘Changing landscape’ after government cutbacks

The ACI is an evolution of the Tri-Sector Executive Working Group, which united energy, financial services and telecommunications industry leaders and served as a key private sector voice during both the Biden and first Trump administrations. Tri-sector leaders shaped executive-branch policies and legislation, including the influential recommendations of the congressionally chartered Cyberspace Solarium Commission. But despite helping Washington make progress, the companies continually fretted over the fact that infrastructure protection remained heavily siloed.

“We still weren’t getting to the cross-sector component, and we were [just] in our verticals,” Michele Guido, the ACI’s executive director, said in an interview.

Many infrastructure operators, especially the best-resourced ones, have “gotten really good within our silos,” said Flatgard, who leads cybersecurity policy for JPMorgan Chase. But individual corporate efforts won’t be enough to confront a truly wide-ranging crisis, he added. 

The ACI was formed “to start building those bridges between our sectors,” Flatgard said, because “there’s serious dependencies that we have on the others to operate our essential services.”

The second Trump administration’s changes to longstanding public-private partnerships also helped spur the companies to build something new.

Throughout 2025, the Trump administration purged CISA, eliminated a public-private coordination channel known as the Critical Infrastructure Partnership Advisory Council and considered shutting down the Federal Emergency Management Agency. “You just had a changing landscape,” said Guido, the strategic security policy director at the energy giant Southern Company.

Infrastructure operators saw the government stepping back and felt a new sense of urgency to move from a supporting role to a leading one.

To that end, the companies in the tri-sector restructured their group as a nonprofit that could recruit more members. The ACI is now creating working groups, defining pilot projects and reviewing membership applications. In addition to its formal members, the group will collaborate with government agencies, sector coordinating councils (SCCs), information sharing and analysis centers (ISACs) and cybersecurity think tanks.

The ACI won’t be a sprawling organization, however. Its leaders want to carefully choose a selection of infrastructure operators with the resources to contribute to its projects. At the same time, the group wants to consult with a wide range of organizations, including small utilities that may have something to teach the bigger players.

“Some of them may be less sophisticated in cyber,” Flatgard said, “but most of them are really good at responding to crises within their business and within their area of expertise. I think we have a lot to learn from those.”


“Who’s making key decisions on that bad day, from the critical infrastructure perspective? We have continuity of government, but what does continuity of critical infrastructure look like?”

Michele Guido

Executive Director, Alliance for Critical Infrastructure


Four-part strategy

Over the next 18 months, ACI members will dive into activities that support the four pillars of the group’s strategic plan.

The first pillar will focus on analyzing cross-sector dependencies — the organizations that support essential services in multiple sectors. “Within the verticals, you have all these plans, but no plans really come together to understand the cross-sector component,” Guido said. The ACI plans to publish a white paper offering a high-level overview of how each sector operates and how multiple sectors can work together, which will help infrastructure operators better understand each others’ needs.

The strategy’s second pillar will test ways to unite infrastructure sectors in responding to a “polycrisis” — a national-level emergency that simultaneously threatens a wide range of infrastructure, with both physical and digital consequences. “We want to develop an operational national response event protocol,” Guido said. “Who's making key decisions on that bad day, from the critical infrastructure perspective? We have continuity of government, but what does continuity of critical infrastructure look like?”

Success in this area would mean that infrastructure operators could “work through the fog of war” and smoothly take steps to maintain, rebuild and restart vital services, Flatgard said.

As part of this pillar, Guido said, the ACI is working with CISA to expand the agency’s cybersecurity incident-response playbooks to reflect cross-sector cooperation.

The third pillar addresses the private sector’s operational support to the government on countering adversaries’ malicious activities, including through expanded information-sharing. The fourth pillar deals with advising policymakers on legislation and regulation, which the ACI’s leaders said will remain important even as companies do more on their own.

A logo reading "JPMorgan Chase & Co." hangs over a set of doors, along with the street address "383 Madison Avenue."

JPMorgan Chase is a founding member of the ACI.

Michael M. Santiago via Getty Images

‘That’s not how we plan’

The emphasis on cross-sector dependencies — areas of risk that no sector can fully understand or mitigate alone — distinguishes the ACI from other groups. ACI members will focus on evaluating the technologies that invisibly underpin multiple aspects of daily life, from the GPS satellites essential to smartphones, airplanes and tractors, to the undersea cables that connect AI and cloud computing data centers around the world.

The resulting analyses could help businesses across the critical infrastructure community better prepare for major cybersecurity incidents.

Natnael Habtesion, the chief security officer at ACI founding member Lumen Technologies, said the new group’s “recognition that threats to one sector rarely stay contained and can have adjacent impacts” is its unique value.

The ACI is especially focused on collaborative planning for a polycrisis. Guido conjured the image of a natural disaster that affects a region of the U.S. at the same time that it’s hit with a major cyberattack. “That's not how we plan,” she said.

In the tri-sector’s annual exercises over the past few years, infrastructure operators realized that the same strategies they used to prepare for, say, a geographically limited Category 5 hurricane weren’t very useful in a polycrisis. An environment of multiple simultaneous emergencies “stretches our capacity really thin,” Flatgard said.

Taking initiative, with allies and limitations

While the ACI is still in its infancy, it’s already thinking about how to test the ideas its members come up with. That could include regional pilot programs — on topics such as incident response, information sharing and service restoration — involving the most important organizations in a specified area, from water treatment plants to health clinics to military bases.

Partnerships with sector-specific groups will be critical to the ACI’s success. The group has already been talking to ISACs and SCCs to reassure them that it understands their role. “We don’t want this to be duplicative of existing sector functions and apparati,” Flatgard said.

Errol Weiss, the Health-ISAC’s chief security officer, said it was essential for the ACI to integrate with information-sharing groups like his. ISACs “already provide operational threat intelligence and sector‑specific context,” he said. “Duplicating or bypassing that ecosystem would risk confusion for operators.”


“This is a great time for this conversation about the resilience of the technology infrastructure that underpins all of the sectors that the country relies upon.”

Ben Flatgard

Chairman, Alliance for Critical Infrastructure


The ACI’s leaders also want a strong relationship with federal agencies. “We need the government’s help to be successful,” Flatgard said.

CISA recently published guidance to infrastructure operators on maintaining services during a crisis. The agency also plans to assess operators’ resilience through targeted engagements, but CISA’s staffing cuts may limit the scale of that work.

In addition, broader government-industry relationships are currently suffering in the absence of the Critical Infrastructure Partnership Advisory Council (CIPAC) framework, which let government and industry leaders meet privately without antitrust concerns. The Trump administration abruptly eliminated CIPAC with little explanation, and while DHS is developing a replacement, the government isn’t answering infrastructure operators’ questions about it.

“We still have to keep marching forward,” Guido said. The ACI wants a CIPAC replacement, “but I don’t think we can let it deter us at this point.”

The absence of strong federal partnerships will inevitably hamper companies’ work, experts said. 

“Independent industry alliances could theoretically move faster than federal bureaucracy, addressing interconnected risks,” Harrell said, but “without federal oversight, these groups lack the sovereign intelligence feeds and antitrust immunity that once anchored their operations.”

ACI leaders said they recognized those challenges. But as their group gets off the ground, they also said they saw lots of opportunities to play a productive role.

“This is a great time for this conversation about the resilience of the technology infrastructure that underpins all of the sectors that the country relies upon,” Flatgard said. “There’s gonna be some hard truths within our own companies as well in terms of what this means, but that’s why we're forming this group.”