Skip to main content

Tag: risk assessment

29 articles

Concerned corporate team in meeting room with cityscape view and scattered papers.

Organizations' Crisis Response Lags Behind Confidence Levels

Most companies are blissfully unaware of impending crises, with a staggering 93% admitting they've missed warning signs of disruptions - and it's costing them dearly, with every business surveyed reporting a significant financial hit.

Analyst 207
Professionals gather around a large table in a bright planning room with whiteboards, maps, and laptops.

Risk Informed: New Framework Integrates Assessment into Cognitive Ops Design

In cognitive operations, risk multiplies rapidly, making every design decision a high-stakes game - which is why integrating risk assessment into Cognitive Ops Design is a crucial step that can't be ignored. By acknowledging the unpredictable ripple effects of cognitive ops, you can proactively bake risk assessment into your strategy.

Analyst 207
Fighter jet flies through stormy sky amidst dark clouds and lightning, with a worn and cracked American flag waving in the…

Pentagon's Air Superiority Claims Over Iran Mask Growing Risks

The Pentagon's bold claim of air superiority over Iran masks a far more complex and perilous reality, one that outside analysts warn poses a growing threat to the lives of aircrew. But is the sky as safe as the Pentagon says, or a contested domain where danger lurks?

Analyst 207
indirect prompt injection: Stunning, Risky Threat

indirect prompt injection: Stunning, Risky Threat

Imagine a calendar invite or shared doc quietly telling your phone assistant to betray you — researchers show indirect prompt injection turns everyday interactions into real attack paths that can leak data, send messages, or trigger devices. Their TARA framework and practical fixes show those risks can fall sharply if developers add source checks, action gating, and clearer user consent.

Analyst 207
Claude model Exclusive Safety: Best Privacy Win

Claude model Exclusive Safety: Best Privacy Win

When Anthropic found users asking Claude how to build a bomb, it began scanning some chats to flag nuclear-related queries — a safety-minded move that nonetheless raises tricky privacy and transparency questions.

Analyst 207
Comment Now on Draft SP 800-53 Controls for Secure Patches

Comment Now on Draft SP 800-53 Controls for Secure Patches

Join the conversation on NISTs draft updates to SP 800-53 and discover how these new guidelines can transform your approach to securing software patches—because safeguarding your systems has never been more crucial!

Analyst 207
5G cybersecurity principles: Must-Have Best Practices

5G cybersecurity principles: Must-Have Best Practices

As 5G transforms connectivity, the NCCoE’s white paper lays out five practical cybersecurity principles—isolation, segmentation, redundancy, continuous risk assessment, and security-by-design—to help organizations build faster, more resilient, and trustworthy networks. Adopt these guidelines now to protect privacy, ensure uptime, and stay ahead of evolving threats.

Analyst 207
AI Zero Trust Security: Must-Have, Risky Reality

AI Zero Trust Security: Must-Have, Risky Reality

AI-powered Zero Trust promises smarter, faster defenses—adaptive risk scoring, real-time responses, and less analyst fatigue—but also introduces risks like biased models, data poisoning, and tricky governance challenges. Balancing those trade-offs with quality data, transparent policies, and human oversight is essential to make AI Zero Trust both effective and trustworthy.

Analyst 207
5G cybersecurity Must-Have: Best Protection Guide

5G cybersecurity Must-Have: Best Protection Guide

As 5G spreads, new cyber risks multiply—NCCoE’s latest white paper lays out practical, must-have principles to design secure 5G networks from the ground up. Whether you’re a tech leader or policymaker, this guide helps you balance innovation and safety to protect devices, data, and critical infrastructure.

Analyst 207
Small Business Cybersecurity: Must-Have Essential Defenses

Small Business Cybersecurity: Must-Have Essential Defenses

A single cyberattack can sink a small business—NCCoE’s Cybersecurity Connections turns NIST guidance into practical, budget-friendly steps (MFA, patching, tested backups) and real-world tools to help owners protect customers, preserve trust, and keep their business running.

Analyst 207
NIST Privacy Framework: Must-Have Guide to Best Practices

NIST Privacy Framework: Must-Have Guide to Best Practices

Get a practical, easy-to-adopt roadmap with the updated NIST Privacy Framework — it turns privacy principles into clear, actionable steps that align with cybersecurity to reduce risk and build user trust. Whether you’re a startup or an enterprise, the refreshed guidance helps you embed privacy-by-design, measure results, and map controls to compliance for stronger, sustainable data stewardship.

Analyst 207
Mental Health Provider Penalized $225K for Inadequate Risk Assessment

Mental Health Provider Penalized $225K for Inadequate Risk Assessment

Mental health provider fined $225K for failing to conduct adequate risk assessments, highlighting the importance of proper patient evaluation practices.

Analyst 207
Redefining IT Risk Evaluations in Operational Technology Settings

Redefining IT Risk Evaluations in Operational Technology Settings

Explore innovative strategies for assessing IT risks in Operational Technology environments, enhancing security and efficiency in industrial operations.

Analyst 207
Bridging the Overlooked Vulnerability Management Gap

Bridging the Overlooked Vulnerability Management Gap

Discover strategies to bridge the overlooked vulnerability management gap, enhancing your organization’s security and risk mitigation efforts effectively.

Analyst 207
Industry-Specific AI: Ushering a New Era Beyond Generic Chatbots

Industry-Specific AI: Ushering a New Era Beyond Generic Chatbots

Industry-Specific AI goes beyond generic chatbots by delivering tailored, innovative, and efficient solutions that redefine industry automation.

Analyst 207
NIST Unveils Innovative Metric for Gauging Exploit Risk

NIST Unveils Innovative Metric for Gauging Exploit Risk

Discover NIST’s innovative metric, redefining exploit risk assessment with cutting-edge analytics and proactive security strategies.

Analyst 207
#Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill

#Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill

UK firms must ready themselves for the Cyber Security & Resilience Bill, warns NCC Group expert ahead of #Infosec2025.

Analyst 207
Proposed GDPR Overhaul Fuels New Privacy Debates

Proposed GDPR Overhaul Fuels New Privacy Debates

Proposed GDPR overhaul sparks fresh debates on privacy, reshaping data protection standards and regulatory enforcement in the digital realm.

Analyst 207
5 BCDR Essentials for Effective Ransomware Defense

5 BCDR Essentials for Effective Ransomware Defense

Discover 5 BCDR essentials for effective ransomware defense—key strategies to secure data, ensure rapid recovery, and maintain business continuity.

Analyst 207
Rethinking CVSS: Overcoming Its Limitations and Strengthening Security Metrics

Rethinking CVSS: Overcoming Its Limitations and Strengthening Security Metrics

Rethink CVSS by overcoming its limitations and strengthening security metrics to enhance risk assessments and boost threat detection capabilities.

Analyst 207
Beyond Vulnerability Management – Can You CVE What I CVE?

Beyond Vulnerability Management – Can You CVE What I CVE?

Explore advanced CVE strategies that transcend basic vulnerability management. Discover how “Can You CVE What I CVE?” transforms threat analysis and risk mitigation.

Analyst 207
Automate CVE Response and Vulnerability Advisories Using Tines

Automate CVE Response and Vulnerability Advisories Using Tines

Automate CVE response and vulnerability advisories with Tines. Boost security with reliable, efficient incident workflows and fast threat mitigation.

Analyst 207
IDG Clinches Major EU Afghan Security Contract

IDG Clinches Major EU Afghan Security Contract

IDG clinches a major EU Afghan security contract, boosting regional defense operations and enhancing strategic stability.

Analyst 207
The Fragmentation of Standard Vulnerability Tracking: Impacts of CVE Fallout

The Fragmentation of Standard Vulnerability Tracking: Impacts of CVE Fallout

Explore the impacts of CVE fallout on vulnerability tracking, highlighting the challenges of fragmentation and its effects on cybersecurity practices.

Analyst 207