Articles about Risk Management

Cybersecurity is a high priority for organizations, yet often they're unsure if they're focusing their effort in the right places, and spending too much or too little on protecting themselves.

Robin Oldham, CEO of Cydea, believes current methods of understanding cyber risk are outdated and misrepresent risk and lead to misunderstandings that only promote fear, uncertainty and doubt. We spoke to him to find out what can be done to change this mindset and approach.

Continue reading →

A new study from cloud-based risk management platform AuditBoard finds 78 percent of organizations are tracking AI as an emerging risk while simultaneously adopting the technology themselves.

The report, based on a survey of over 400 security professionals in the US, finds more than half of enterprises surveyed report using AI to improve efficiency and enhance their digital risk posture.

Continue reading →

Two-thirds of organizations responding to a new survey list cyber risk concerns as the most important drivers for implementing a zero-trust strategy.

A new report from the Entrust Cybersecurity Institute, based on research by the Ponemon Institute, shows the pattern is even more pronounced in the US, with 50 percent of organizations citing cyber breach risk and 29 percent reporting the expanding attack surface for a combined total of 79 percent.

Continue reading →

A new report finds that 85 percent of executives surveyed believe computing innovation is
increasing risk.

The report from LevelBlue also shows 74 percent think the opportunity of computing innovation outweighs the corresponding increase in cybersecurity risk -- making cyber resilience nearly impossible to achieve.

Continue reading →

A new study from Barracuda Networks finds just 43 percent of organizations surveyed have confidence in their ability to address cyber risk, vulnerabilities, and attacks.

The findings also show that many organizations find it hard to implement company-wide security policies such as authentication measures and access controls. 49 percent of the smaller to mid-sized companies surveyed listed this as one of their top two governance challenges.

Continue reading →

Large businesses are finding it significantly more difficult to manage their cybersecurity than their smaller counterparts, according to new research from passwordless authentication company IDEE.

Based on a survey of more than 500 IT and cybersecurity professionals within UK businesses, the data reveals that 74 percent of respondents from large businesses (more than 500 employees) believe it has become far more challenging to defend against cyber attacks since the Covid-induced rise of remote and hybrid working.

Continue reading →

Zero trust is no longer a 'nice to have' for cybersecurity leaders. As organizations embrace hybrid and remote workforces, the volume of cyberattacks and data breaches involving unauthorized access to networks, applications and systems has surged.

In response, cybersecurity leaders are striving to adopt a zero trust approach to security to reduce the risk of data breaches, ransomware and insider threats. However, the success of these efforts are being undermined by a variety of factors.

Continue reading →

The cybersecurity landscape is changing all the time and security teams are constantly searching for anything that can give them an edge in defending their systems.

We spoke to Rajeev Gupta, co-founder and chief product officer at insurance specialist Cowbell Cyber, about cyber risk assessment and how it can help businesses understand their level of risk and improve it to stay ahead of bad actors and threats like phishing attempts.

Continue reading →

A new report shows that as the severity and sophistication of cyberattacks has increased along with the financial consequences, many companies have been prompted to invest in or review their cybersecurity insurance.

The study of over 600 IT security professionals, conducted by the Ponemon Institute for Recast Software, shows 41 percent say their organization has experienced an increase in the number of cybersecurity incidents in 2023, 61 percent say the total cost of these attacks had averaged $21 million, and 75 percent say their cybersecurity exposure would increase or at best stay the same in the coming year.

Continue reading →

One of the biggest issues when dealing with security risks is the time that it takes to address problems when they come to light.

We spoke to Yoran Sirkis, CEO of remediation operations specialist Seemplicity, to discuss why there's an issue and how workflow problems around responding to risks can be improved.

Continue reading →

The healthcare sector is particularly attractive to cybercriminals due to the amount of personal data held and the critical nature of many systems.

We spoke to Shankar Somasundaram, CEO of IoT risk management platform Asimily, to discuss healthcare systems and the challenges involved in securing them.

Continue reading →

Over the last two years, the average organization's cybersecurity program was prepared to preventively defend against, or block, just 57 percent of the cyberattacks it encountered. This means 43 percent of attacks launched are successful and need to be remediated after the fact.

This is among the findings of a new report from Tenable, based on a survey of over 800 IT and cybersecurity leaders carried out by Forrester Consulting.

Continue reading →

Attackers are always looking for routes that will offer them a way into organizations' networks. New research released today by Armis shows the devices that are most likely to pose a threat.

Interestingly the list includes various personal devices as well as business assets, suggesting attackers care more about their potential access to assets rather than the type and reinforcing the need for security teams to account for all physical and virtual assets as part of their security strategy.

Continue reading →

Businesses are struggling to understand their cyber risks, with 66 percent of respondents to a new survey indicating that they have limited visibility and insight into their cyber risk profiles.

The survey, conducted by Censuswide for Critical Start, shows 67 percent of organizations have experienced a breach requiring attention within the last two years despite having traditional threat-based security measures in place.

Continue reading →

There tends to be some confusion about where cyber risk ends and where IT risk starts and the terms are often used interchangeably.

We spoke to Gary Lynam, head of ERM advisory at risk management specialist Protecht, to find out more about understanding and managing the different types of risk that enterprises face.

Continue reading →