Is this email difficult to read? View it in a web browser. ›
The Wall Street Journal ProThe Wall Street Journal Pro

CybersecurityCybersecurity

Sponsored by Zscaler logo.

AI Is Forcing a Rethink in Cybersecurity

By Kim S. Nash
 

Hello. Anthropic’s new Project Glasswing and a February selloff of cyber stocks raise questions about whether some parts of the cybersecurity industry will survive. 

Bug hunting, identity and access management and other areas are ripe for disruption, WSJ Pro's James Rundle reports. Read our full story.

Also today: Pro-Iran hackers are undaunted by the precarious cease-fire and may even escalate their targeting of U.S. businesses and critical infrastructure.

Scroll down for details, and more news.
 

‏‏‎ ‎
CONTENT FROM: ZSCALER
Enterprise AI Use Rose 83% YoY: Can Security Keep Pace?

Enterprise AI is becoming always-on infrastructure, moving sensitive data at a speed that’s reshaping productivity and risk. Get the latest insights on balancing rapid adoption with AI security, the top threats to watch and what teams can do next in the ThreatLabz 2026 AI Security Report.

Read the report

 

Newsletter Extra: No Cease-Fire for Iran Hackers

A temporary cease-fire between the U.S. and Iran hasn’t curbed threats by Iran-linked hackers targeting water systems, power plants and other critical infrastructure in the U.S. and abroad.

“Cyber is the ultimate forever war,” said Marcus Fowler, chief executive of Darktrace Federal, a cybersecurity firm that works with the U.S. Defense Department, among other organizations. “It continues regardless of pauses in kinetic activity or shifts in geopolitical headlines,” Fowler said.

Businesses and infrastructure providers should expect Iran’s cyberwarfare tactics “to continue in the near term,” said Alex Orleans, head of threat intelligence at cybersecurity firm Sublime Security, and a veteran intelligence analyst specializing in Iranian cyber activity. That is especially so if discrepancies emerge over the terms of the cease-fire, she said.

On Telegram, an encrypted messaging app, the pro-Iran hacking group Handala said its operations remain active, posting that “the cyberwar did not begin with the military conflict and will not end with any military cease-fire,” according to threat intelligence firm Flashpoint.

Cyber company SonicWall said since the cease-fire was declared it continues to detect the type of online activity that federal officials have linked to Iran-affiliated hackers.

—Angus Loten

Read the full story at Dow Jones Risk Journal (gift link).
 

More Cyber News

PHOTO: CHRIS HELGREN/REUTERS

Hackers broke into corporate tech systems at Bitcoin Depot last month, stealing more than $3.6 million in cryptocurrency, the bitcoin ATM operator said Wednesday in a regulatory filing. The incident wasn't material to operations, but is likely material to the company's reputation and "legal, regulatory and response costs," Bitcoin Depot said.

Russian denial: State-sponsored hackers in Russia haven't teamed up with pro-Iran hackers, Maria ‌Zakharova, Russian ​Foreign Ministry spokeswoman, said. Cyber officials in Ukraine recently made the accusation. (Reuters)

Security improvements have led to less-frequent cyber insurance claims, according to Chubb. Large U.S. companies with more than $1 billion in annual revenue filed an average of 10 cyber claims per 100 policies last year, the insurance giant said. That's down from more than 15 in 2024. Chubb analyzed customer claims from 2020 through 2025. 

  • The severity of the claims, however, doubled. The average large-company claim last year was $4.4 million, up from $2.2 million in 2024.

“Trying to determine whether a cyberattack qualifies as an ‘act of war’ during a cease-fire is the kind of gray area that made the old [cyber insurance policy] language unworkable. The newer exclusions don’t require an act of war at all. They cover state-backed cyber operations regardless of whether there’s an active conflict. So any attack attributable to Iran would likely fall under the state-backed actor exclusion, whether there’s a cease-fire in place or not.”
— Dustin Carlson, president of SRA 831(b) Admin, a business self-insurance risk management firm
 

About Us

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.
 
Share this email with a friend.
Forward ›
Forwarded this email by a friend?
Sign Up Here ›
 
Desktop, tablet and mobile. Desktop, tablet and mobile.
Access WSJ‌.com and our mobile apps. Subscribe
Apple app store icon. Google app store icon.
Unsubscribe   |    Newsletters & Alerts   |    Contact Us   |    Privacy Notice   |    Cookie Notice
Dow Jones & Company, Inc. 4300 U.S. Ro‌ute 1 No‌rth Monm‌outh Junc‌tion, N‌J 088‌52
You are currently subscribed as [email address suppressed]. For further assistance, please contact Customer Service at pro‌newsletter@dowjones.com or 1-87‌7-975-6246.
Copyright 2026 Dow Jones & Company, Inc.   |   All Rights Reserved.
Unsubscribe