Tag: risk management
301 articles

Security Leaders Face New Risk Calculus with AI-Driven Workforces
The modern workforce has a new equation: humans and AI agents working together, facing the same dynamic threats and risks. This emerging reality demands a fresh approach to security, one that recalibrates risk and rethinks trust in a blended workforce.

Attackers Target New Assets Within Minutes of Exposure
The moment a new asset goes live with a public IP address, the clock starts ticking - and within minutes, attackers are circling, waiting to pounce on unsuspecting targets. In just 24 hours, a newly exposed asset can go from discovery to compromise, with threat actors exploiting vulnerabilities at an alarming rate.

Cyber Risks Expose Organizations to Increased Threats
Organizations are facing a harsh reality: understanding cyber risk is only half the battle, as the real challenge lies in responding effectively when a threat strikes. Marsh's 2026 People Risks report reveals that cyber-related challenges, including cyber-threat literacy, top the list of people risks, ahead of technological change and skills shortages.

Threat Response Times Hinge on Smart SOC Design
When a breach occurs, the clock is ticking - and the cost of delayed response can be crippling, with every hour of inaction threatening data exfiltration, service disruption, regulatory exposure, and brand damage. A smart SOC design can be the difference between a swift response and a devastating fallout.

Insurance Premiums Signal Global Supply Chain Strains Ahead
A sharp spike in maritime war-risk insurance premiums served as an early warning sign of impending supply chain disruptions in the Strait of Hormuz, offering a potential low-cost signal for officials to anticipate and prepare for global supply shocks. By tracking these premium changes, Australia and other nations may be able to mitigate the impact of future disruptions.

Cyber Insurance Claims Data Reveals Top Incident Types
A new report reveals that a whopping majority of cyber insurance claims are driven by just three types of incidents, forcing insurers, organizations, and regulators to rethink where risk lies and how it should be priced. This surprising concentration of claims in a few categories has significant implications for managing financial risk.

NIST Scales Back Vulnerability Ratings Amid Surge in Submissions
The National Institute of Standards and Technology is overhauling its vulnerability rating system, scaling back severity scores for lower-priority flaws as submissions surge. This change means some software flaws will no longer get a severity score, shifting focus to the most critical vulnerabilities.

Mythos Threat Looms Over Cyber Defenses
A new force in cyberspace, known as Claude Mythos, threatens to revolutionize the speed at which cyber defenses are compromised, dramatically shortening the window between vulnerability discovery and exploitation. Experts warn that this emerging threat could upend traditional cybersecurity strategies, making it essential for organizations to reassess their approach to managing vulnerabilities and security operations.
CISOs Face Emerging AI Risk Management Challenges
As AI evolves from a useful tool to an omnipresent force, chief information security officers must urgently reassess their risk management playbook to stay ahead of emerging threats. A recent GovInfoSecurity webinar, "What CISOs Need to Know About AI Risk," tackles this critical question and explores the implications of AI risk for CISOs.

AI Adoption Exposes Hidden Security Gaps in Enterprise Operations
As AI rapidly moves from experimentation to executive mandate, organizations face a daunting challenge: how to harness its power while securing and governing its adoption. With boards, investors, and executives pushing for integration, the pressure is on to balance AI adoption with robust security and oversight.

Goldman Sachs Bolsters Defenses with Anthropic's Mythos Model
Goldman Sachs is taking a proactive approach to harnessing AI's potential while safeguarding against risks, partnering with Anthropic and security vendors to deploy controls around powerful models like Mythos. CEO David Solomon emphasizes the bank's hyper-aware stance, balancing innovation with robust risk management to mitigate threats like accelerated cyberattacks.

Vulnerabilities Surge as Velocity Gap Widens in AI-Driven Development
The alarming truth: while alert volume grew by 52% year-over-year, prioritized critical risks exploded by nearly 400% in just 90 days, leaving defenders scrambling to keep up with a tsunami of high-impact problems. A new dataset from OX Security reveals this velocity gap in AI-driven development, where the noise is rising - but it's the critical risks that should give defenders pause.

Cybersecurity Risk Outpaces Corporate Defenses
As companies pour more resources into AI and technology, a pressing question remains: can they defend what matters most? Despite escalating investments, many firms admit they're ill-equipped to tackle growing cybersecurity risks, which now rank among the top business threats.

Experts Weigh In on Claude Mythos and Project Glasswing Implications
Security experts recently gathered to share their insights on Claude Mythos and Project Glasswing, shining a spotlight on the risks, oversight, and urgency surrounding these emerging initiatives. By bringing their perspectives to the public record, the discussion sets the stage for scrutiny and debate.

AI Adoption Enters Agentic Era with Heightened Security Risks
As AI pilot projects evolve into autonomous systems operating across entire corporations, the stakes are rising - and so are the security risks. The era of experimentation is over; now it's time to face the bills and take control of enterprise AI risks, responsibilities, and responses.

Scenario Planning Evolves as Uncertainty Compounds Global Risk
When the future suddenly stops making sense, organizations are faced with a daunting decision: stick with outdated planning methods or evolve to anticipate the unexpected. As uncertainty compounds and trends become less reliable, a new approach to strategic planning and risk management is urgently needed.

Qodo Raises $70M to Mitigate AI Code Risks with Governance Platform
As businesses increasingly turn to AI to generate production code, a pressing question emerges: who will be accountable when machines write the software that runs our critical systems? With AI-generated code comes a new set of risks - bugs, security threats, and noncompliance - that governance gaps must address to ensure speed and scale don't compromise safety and reliability.

Critical AI Agent Risk Categorization: A CISOs' Guide
As AI increasingly permeates our daily lives, a crucial question emerges: how can we safeguard against these intelligent systems becoming security threats? Not all AI agents are created equal when it comes to risk, which scales with access to systems and level of autonomy, demanding a nuanced approach to securing AI systems.

Risk Management Takes Critical Turn with NIST SP 800-39 Insights
In today's high-risk digital landscape, effective risk management is no longer a choice - it's a necessity for protecting your organization's information systems and sensitive data. By adopting a comprehensive risk management approach, you can ensure the confidentiality, integrity, and availability of your data and stay ahead of evolving cyber threats.

cyber risk Must-Have Strategy for Best Business Alignment
Too many security teams track patch counts while executives ask whether revenue and reputation are really protected; aligning risk operations with business priorities turns cyber efforts from checkbox exercises into measurable protection for what matters most. By mapping critical processes, quantifying financial impact, and uniting tech and leadership, organizations can prioritize controls that reduce real risk and keep operations—and customers—running.

geostationary satellite communications: Shocking Risk
Point a few hundred dollars of consumer gear at the sky and you can snoop on vast swaths of unencrypted satellite traffic — from in‑flight Wi‑Fi and private calls to corporate and critical‑infrastructure links. It’s a wake‑up call: encrypt by default and update decades‑old satellite systems before curiosity becomes catastrophe.

payment data breach: Stunning Alarming Risk Exposed
About 180,000 people had names and payment details left exposed — putting them at heightened risk of fraud and identity theft; here’s what to do now to protect yourself and why companies must tighten their defenses.

cyber risks: Must-Have Legal Protections & Best Practices
Imagine a software update or personal phone turning into courtroom evidence — cyber incidents now trigger regulatory fines, class actions, and contract disputes. Treat cybersecurity as a legal risk: bring lawyers into governance, tighten contracts and vendor controls, and document AI and BYOD policies before an incident makes the decisions for you.

cyber risk management: Must-Have Best Legal Defense
Cyber incidents aren’t just IT headaches — they’re legal minefields that can trigger fines, lawsuits and boardroom liability. Align contracts, AI governance, vendor controls and BYOD policies so technical breaches don’t become costly legal crises.