Skip to main content

Tag: cyber risk

27 articles

Cybersecurity workstation with laptop and threat intelligence reports nearby.

Criminal IP Enhances OpenCTI with Contextual Threat Intelligence Integration

Unlock the full potential of your threat intelligence with Criminal IP's integration with OpenCTI, providing rich contextual insights to supercharge investigation, correlation, and decision-making. By adding dual-perspective risk scoring, analysts gain a more nuanced view of IP risks, with separate signals for inbound and outbound threats.

Analyst 207
Empty conference room with laptop and papers on a wooden table, overlooking a blurred cityscape through a window.

Cybersecurity Awareness Outpaces Resilience

Despite having a high awareness of cyber risks, many organizations are struggling to build operational resilience, with gaps in visibility, capability, priorities, and culture hindering their ability to effectively manage threats. The 2026 Bitdefender Cybersecurity Assessment reveals a concerning disconnect between knowing the risks and taking action to mitigate them.

Analyst 207
Security professional stands before rows of computer screens, focused on a blank whiteboard.

Threat Management Fails to Keep Pace with Visibility Gains

Most organizations are drowning in threat intelligence, with an average of 14 distinct feeds, yet struggle to turn that visibility into action, with 61% unable to identify which vulnerabilities are most likely to be exploited. As a result, security teams waste 42% of their time on low-priority risks, highlighting a critical gap between threat awareness and effective management.

Analyst 207
Experts in a meeting room with whiteboards, laptops, and notebooks, collaborating near a window.

Experts Push for Standardized AI Model Inventories to Mitigate Cyber Risk

Experts warn that without standardized AI model inventories, we risk a chaotic "fire, ready, aim" approach, where multiple incompatible solutions create more cyber threats than they mitigate. A new policy paper proposes an AI bill of materials (AIBOM) as a crucial step towards reducing cyber risk and improving transparency.

Analyst 207
Business executive presenting to an audience in a modern boardroom.

Boards Urged to Prioritize Cyber Risk Quantification

To make cyber risk more tangible and actionable, boards are advised to prioritize quantifying it in terms of dollar value, allowing managers across the organization to understand and address potential threats more effectively. By translating cyber risk into a clear financial impact, companies like BP are better equipping themselves to manage and mitigate digital threats.

Analyst 207
Risk analyst examines supply chain data on tablet in industrial setting.

Vulnerabilities Dwindle to Manageable Number in Supply Chain Risk Landscape

The good news on supply chain risk: out of 1,200 high-priority vulnerabilities in 2025, only 58 proved both highly exposed and easily exploitable, making them a manageable threat. By focusing on these urgent few, organizations can tackle their most immediate and impactful risks.

Analyst 207
Hospital corridor with healthcare professionals and a laptop on a cart, soft natural daylight from large windows.

AI Tools Expose Healthcare to Rising Cyber Risk

The healthcare sector faces a rising cyber risk with the emergence of advanced AI tools like Anthropic's Claude Mythos, which could exponentially speed up vulnerability detection and exploitation. A leak of this powerful technology could create a force multiplier for cybercriminals, putting healthcare CISOs and security teams on high alert.

Analyst 207
Government officials gather around a laptop displaying code, showing interest and concern.

House Panel Scrutinizes Anthropic's Mythos Amid Cyber Risk Concerns

A recent closed-door briefing by Anthropic showed lawmakers firsthand how its advanced AI model, Mythos, can swiftly identify and reason through software vulnerabilities, highlighting the urgent need for federal agencies to access cutting-edge US models to stay ahead of cyber threats. This live demo reinforced the importance of responsible access to advanced AI for civilian cyber defenders to find and patch vulnerabilities before they can be exploited.

Analyst 207
Modern financial district with sleek skyscrapers and a laptop in the foreground.

IMF Warns AI Exacerbates Cyber Risk to Financial Stability

The International Monetary Fund warns that artificial intelligence is supercharging cyber risk, transforming it into a potential threat to global financial stability. A single vulnerability exploited across multiple institutions could have devastating consequences for the entire financial ecosystem.

Analyst 207
Busy office workspace with employees at desks, laptops, and papers, surrounded by cubicles and office furniture.

AI Adoption Outpaces Security Policies, Heightens Cyber Risk

Most organizations are already using AI tools, with 90% of digital trust professionals confirming employees are leveraging them, yet only 38% have a comprehensive policy in place to manage the risks. This disconnect leaves a staggering 25% of organizations with no AI policy at all, heightening cyber risk.

Analyst 207
Concerned risk professional stands amidst blurred office screens and coworkers.

Cyber Risks Expose Organizations to Increased Threats

Organizations are facing a harsh reality: understanding cyber risk is only half the battle, as the real challenge lies in responding effectively when a threat strikes. Marsh's 2026 People Risks report reveals that cyber-related challenges, including cyber-threat literacy, top the list of people risks, ahead of technological change and skills shortages.

Analyst 207
Factory production floor with scattered machines and a partially visible industrial control system.

Ransomware Drives 90% of Manufacturing Cyber Losses

Ransomware is wreaking havoc on the manufacturing sector, responsible for a staggering 90% of total cyber losses - despite accounting for just a small fraction of claims. When ransomware strikes, the financial blow is severe, highlighting the urgent need for robust security measures.

Analyst 207
Person in secure room surrounded by equipment and screens manages sensitive data transfer.

Zero Trust Stalls at Data Movement Bottleneck

The moment data crosses a boundary, it's often assumed to be trustworthy - but that's exactly where attackers strike, exploiting this blind spot with alarming success. A recent Cyber360 survey reveals that 53% of security leaders still rely on manual processes to move sensitive data, leaving a gaping Zero Trust gap that's ripe for exploitation.

Analyst 207
Cityscape at dusk with cracked glass window reflecting distorted computer screens and code, symbolizing cyber threats.

Kaspersky Report Exposes Shifting Cyberattack Landscape

Get ready to face the future of cyber threats! The Kaspersky Security Services report delivers eye-opening insights into the evolving cyberattack landscape, combining real-world incident response findings with hard data from its Managed Detection and Response service.

Analyst 207
Futuristic control room with curved screen displaying interconnected gears, sleek chair and devices in foreground.

Modern Resource Management: Exclusive Best Practices

Modern Resource Management shows how federal teams can do more with less by replacing spreadsheets with systems—using outcomes-based metrics, integrated analytics, and agile workforce planning to protect readiness and deliver measurable public benefits. Get exclusive best practices for balancing short-term pressures with equitable, long-term mission gains.

Analyst 207
cyber risk management: Must-Have Best Legal Defense

cyber risk management: Must-Have Best Legal Defense

Cyber incidents aren’t just IT headaches — they’re legal minefields that can trigger fines, lawsuits and boardroom liability. Align contracts, AI governance, vendor controls and BYOD policies so technical breaches don’t become costly legal crises.

Analyst 207
machine learning and generative AI: Must-Have Cyber Risks

machine learning and generative AI: Must-Have Cyber Risks

When a single ransomware strike toppled 158‑year‑old Passwork KNP and put 700 people out of work, it exposed how machine learning and generative AI have made powerful cyberattacks cheap and easy; consider this a wake‑up call to harden defenses, test backups, and treat cyber risk as core operational priority.

Analyst 207
board-level readiness: Must-Have Critical Wake-Up

board-level readiness: Must-Have Critical Wake-Up

The NCSC and ministers have warned FTSE 350 chiefs that many boards are leaving the digital front door wide open—it’s time for executives to treat cyber as a strategic priority, not an IT problem. Stronger board-level accountability, realistic testing and smarter supplier checks can stop breaches from becoming boardroom crises.

Analyst 207
Libraesva ESG Urgent Patch: Critical Risk Exposed

Libraesva ESG Urgent Patch: Critical Risk Exposed

A newly patched command-injection flaw in Libraesva’s Email Security Gateway was reportedly exploited by state-sponsored actors, putting email perimeters at risk of lateral movement and data theft. If you run ESG, update immediately, segment management interfaces, and hunt for signs of compromise.

Analyst 207
London tube attack: Shocking Exclusive Charges Spark Risk

London tube attack: Shocking Exclusive Charges Spark Risk

Nearly a year after an August 2024 cyberattack that snarled the Tube, two teenagers have been charged in a case that highlights how fragile modern transit systems can be. The prosecution raises fresh questions about cyber resilience, juvenile culpability and the stakes for everyday commuters.

Analyst 207
authentication tokens Risky Fallout: Stunning Wake-Up

authentication tokens Risky Fallout: Stunning Wake-Up

When Salesloft’s stolen authentication tokens turned into a supply‑chain free‑for‑all, hundreds of companies woke up to the scary truth that machine identities are as precious as passwords. Now’s the time to rotate keys, audit integrations, and rethink how we trust the apps that sit between our teams and their data.

Analyst 207
Salesloft Drift integration: Risky Must-Have Fixes

Salesloft Drift integration: Risky Must-Have Fixes

A widely used Salesloft–Drift integration meant to speed workflows is being abused to pivot into Google Workspace accounts—now’s the time to audit OAuth permissions, enforce least privilege, and revoke any unnecessary app access before attackers do.

Analyst 207
exploit code Exclusive: Risky Leak Spurs Policy Shift

exploit code Exclusive: Risky Leak Spurs Policy Shift

After a SharePoint zero-day was weaponized, Microsoft quietly stopped sharing proof-of-concept exploit code with some Chinese firms — a pragmatic but politically fraught move that highlights the uneasy trade-off between helping defenders and giving attackers a roadmap. The incident makes clear we need faster patching, tighter disclosure controls, and better international norms to protect users without splintering cooperation.

Analyst 207
SAP NetWeaver Critical Threat: Must-Have Patch Urgency

SAP NetWeaver Critical Threat: Must-Have Patch Urgency

A public, weaponized exploit chaining two critical SAP NetWeaver flaws lets attackers bypass authentication and gain remote code execution. If you haven’t patched every NetWeaver instance, prioritize fixes, network segmentation and monitoring now to avoid data theft and disruption.

Analyst 207