Cybersecurity Brief — May 22, 2026

Federal cybersecurity policy faces competing pressures as state officials traveled to Washington this week requesting increased funding and staffing for programs including the State and Local Cybersecurity Grant Program (SLCGP) and CISA operations. Testimony from cyber leaders in Tennessee, New York, and Florida emphasized escalating threats against state and local governments, which often lack resources to defend critical infrastructure. The push comes as the Trump administration postponed signing a planned executive order on AI and cybersecurity amid concerns the regulatory framework could undermine U.S. competitiveness in artificial intelligence development.

New York's Department of Financial Services issued guidance warning regulated entities about heightened cybersecurity risks associated with frontier AI models, emphasizing that traditional vulnerability management and comprehensive security programs remain the foundation for defending against AI-enabled threats. Separately, Grafana confirmed it was compromised by the Coinbase Cartel ransomware group, with investigation ongoing into the scope and nature of data exfiltration. The incident adds to a growing list of software and service providers targeted by ransomware operators seeking high-value intellectual property and customer data.

Sources: DFS NY · GovTech · Yahoo · WSJ · SharkStriker