-
Jan 20, 2025 | 
risk-academy.ru | Cyber Risks
Ransomware is the top organizational cyber risk this year, the World Economic Forum said in its Global Cybersecurity Outlook for 2025. Nearly half of all respondents to the annual global survey said a ransomware attack concerns them the most. While ransomware ranked as the top cyber risk among CEOs and CISOs, the report found a significant gap in the level of concern between the executive roles.
-
Jan 19, 2025 | 
risk-academy.ru | Cyber Risks
What Role Does Proactive Handling of Cloud Identities Play in Avoiding Breaches? As cybersecurity experts, we are vested in the responsibility of providing guidance and oversight to other professionals in the cybersecurity sphere. A topic that has been gaining traction in recent years is Non-Human Identities (NHIs) and Secrets Security Management. NHIs are machine identities used in cybersecurity, combined with a “Secret” – an encrypted identifier and the permissions granted to them by a server.
-
Jan 19, 2025 | 
risk-academy.ru | Cyber Risks
As the industrial cybersecurity scene prepares to converge next month for S4x25 at the JW Marriott Water St, Tampa, Florida, Industrial Cyber connected with Dale Peterson, founder of the S4xEvent and CEO/catalyst at Digital Bond, to discuss the event agenda, how the cybersecurity challenges facing the industry are evolving and why OT (operational technology) security training is critical.
-
Jan 19, 2025 | 
risk-academy.ru | Cyber Risks
Guest blog courtesy of CYRISMA. Gartner defines cyber risk quantification (CRQ) as “a method for expressing risk exposure from interconnected digital environments to the organization in business terms.” The most straightforward of “business terms” to use in this context is currency. While risk scores and grades help, especially when comparing risk exposure across different time periods and digital environments, risk expressed in monetary terms speaks straight to the business bottom line.
-
Jan 18, 2025 | 
risk-academy.ru | Cyber Risks
Using phishing emails and zero-day exploits, China’s cyber-operations groups targeted Taiwanese organizations — including government agencies, telecommunications firms, and transportation — with significantly higher volumes of attacks in 2024.
-
Jan 18, 2025 | 
risk-academy.ru | Cyber Risks
CFOs for middle-market firms commonly report that cybersecurity risks are a threat. The stakes are even greater for firms operating in environments with high uncertainty. Twice as many of these firms report significant concerns about cybersecurity threats than the average (88% versus 42%). Firms operating with high uncertainty contend with changes outside of their control: fluctuating demand, supply chain disruptions or macroeconomic volatility, to name a few.
-
Jan 18, 2025 | 
risk-academy.ru | Cyber Risks
The White House rolled out a highly anticipated executive order on Thursday to combat a rising level of sophisticated attacks targeting U.S. government agencies, critical infrastructure providers and high-profile individuals by state-linked threat groups and other malign actors. The executive order will give the U.S. more authority to level sanctions against malicious actors that have disrupted hospitals and other critical providers.
-
Jan 17, 2025 | 
risk-academy.ru | Cyber Risks
Cybersecurity is facing a crisis, and it’s time we stopped avoiding it. It doesn’t matter that adversaries are more aggressive and savvy, the way we’re talking about them is a bigger part of the problem, writes John Kindervag, Chief Evangelist at Illumio. We’ve clung onto the concept of “risk management” for too long now, a term couched around calculated probabilities and acceptable losses. It’s a reassuring framing that offers a sense of control. But it fosters complacency.
-
Jan 17, 2025 | 
risk-academy.ru | Cyber Risks
The Federal Communications Commission on Thursday made good on a pledge it made last month to strengthen rules requiring telecom operators to secure their networks from attack or intercept. The declaratory ruling, which took effect immediately, clarifies that telecom operators are legally obligated to secure networks under Section 105 of the Communications Assistance for Law Enforcement Act.
-
Jan 17, 2025 | 
risk-academy.ru | Cyber Risks
The Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity includes guidance on third-party risk management and the need to adopt proven security practices to gain visibility of security threats across network and cloud infrastructure. Here we highlight six key provisions and offer guidance on how federal agencies can prepare. On Jan. 16, the Biden Administration released the Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity.
