Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

How Amazon Finds Its Cybersecurity Weak Spots

By Kim S. Nash
 

Hello. Many generally accepted cybersecurity benchmarks don’t mean much to Amazon.com. 

Amazon is so big, it had to come up with its own methods to understand its cyber risk, said Stephen Schmidt, chief security officer.

I talked with Schmidt recently about his approach to cyber metrics. Hint: Don't show him dashboards of formulas or performance averages. He wants a full range of real data, including outliers. Read the full story.

Also today: 

  • India wants cybersecurity app pre-installed on smartphones
  • CrowdStrike, Okta raise earnings forecasts 
  • U.S. Senate proposes more cuts to cyber programs
  • Security problems with Baxter International breathing device 
  • And more

 
 

‏‏‎ ‎
CONTENT FROM: ZSCALER
Is Your Cybersecurity Ready for AI?

AI is a risk multiplier, exploiting weaknesses in legacy systems like firewalls and VPNs at machine speed. Zscaler CEO Mr. Chaudhry and WSJ’s Ms. Mirchandani emphasize the urgency to act—Zero Trust + AI is essential to protect data, AI models and agents. Don’t let outdated architectures leave you vulnerable—embrace Zero Trust + AI now to stay resilient against evolving threats.

Watch the 3-minute video

 

More Cyber News

PHOTO: KENT NISHIMURA/REUTERS

A Senate appropriations bill would cut 7% of funding for the Office of the National Cyber Director, a key position that advises the White House on cyber issues. The bill would also cut funding for federal tech modernization projects to $5 million, from $75 million. Overall, the approach pushes cyber responsibilities to individual agencies, rather than shared across the federal government. (Gov Info Security)

Medical device recall: The Food and Drug Administration called for a permanent recall of Baxter International's Life2000 Ventilation System, citing a "cybersecurity issue." An unauthorized person could change the device's settings and access its data, causing "serious injury or death," the FDA said.

  • Baxter found the problems through internal testing and in April notified patients that they should discuss alternatives with their healthcare providers. (Healthcare Info Security)

India's government is demanding that Apple, Samsung and other manufacturers pre-install what officials call a safety app on all new smartphones within 90 days. The Sanchar Saathi app lets users disable lost smartphones and provides features for stopping scams. Privacy advocates have raised concerns that the app will allow the government to spy on residents. (Reuters)
 
Alt text.

The AI Cold War 

An escalating AI race between China and the U.S. is likely to be as consequential to world politics as the Cold War. Some worry the race to innovate will lead to loosening safety regulations.
Listen Now
 

“As after the 2008 financial crisis, regulators may need to designate 'systemically important manufacturers' and impose stricter resilience standards.”
— S. Alex Yang, professor of management science and operations at the London Business School, analyzing the aftermath of a cyberattack at Jaguar Land Rover that showed the fragility of the U.K.'s auto supply chain
 

Cyber Business
  • CrowdStrike Holdings raised its earnings forecast for fiscal 2026 to $3.70 to $3.72 per share, up from $3.60. CEO George Kurtz said fear of AI-powered cyberattacks is helping spur sales. "Now, just as anyone can use AI to vibe code and become a software engineer, anyone can now also vibe hack," he said. (Bloomberg)
  • Identity-management company Okta said its full-year earnings will beat Wall Street estimates, forecasting $3.43 and $3.44 per share, up from $3.33 to $3.38. (Reuters)
  • Threat-hunting startup Zafran Security raised $60 million in a Series C round led by Menlo Ventures. Zafran, based in New York, uses AI agents to identify tech inventory, assess the impact of patches and fix vulnerabilities automatically. The company has raised $130 million since its founding in 2022. (SecurityWeek)
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.
 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2025 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe