Skip to main content

Tag: risk management

301 articles

Humans and AI-driven technology collaborate in a modern office setting.

Security Leaders Face New Risk Calculus with AI-Driven Workforces

The modern workforce has a new equation: humans and AI agents working together, facing the same dynamic threats and risks. This emerging reality demands a fresh approach to security, one that recalibrates risk and rethinks trust in a blended workforce.

Analyst 207
Rows of computer servers and networking equipment in a network operations center overlooking a cityscape through a large…

Attackers Target New Assets Within Minutes of Exposure

The moment a new asset goes live with a public IP address, the clock starts ticking - and within minutes, attackers are circling, waiting to pounce on unsuspecting targets. In just 24 hours, a newly exposed asset can go from discovery to compromise, with threat actors exploiting vulnerabilities at an alarming rate.

Analyst 207
Concerned risk professional stands amidst blurred office screens and coworkers.

Cyber Risks Expose Organizations to Increased Threats

Organizations are facing a harsh reality: understanding cyber risk is only half the battle, as the real challenge lies in responding effectively when a threat strikes. Marsh's 2026 People Risks report reveals that cyber-related challenges, including cyber-threat literacy, top the list of people risks, ahead of technological change and skills shortages.

Analyst 207
Security analysts respond to threats in a dimly lit operations center with multiple screens displaying alerts and…

Threat Response Times Hinge on Smart SOC Design

When a breach occurs, the clock is ticking - and the cost of delayed response can be crippling, with every hour of inaction threatening data exfiltration, service disruption, regulatory exposure, and brand damage. A smart SOC design can be the difference between a swift response and a devastating fallout.

Analyst 207
Tightly wound rope coil with fraying strands against a global trade route map and a laptop in foreground.

Insurance Premiums Signal Global Supply Chain Strains Ahead

A sharp spike in maritime war-risk insurance premiums served as an early warning sign of impending supply chain disruptions in the Strait of Hormuz, offering a potential low-cost signal for officials to anticipate and prepare for global supply shocks. By tracking these premium changes, Australia and other nations may be able to mitigate the impact of future disruptions.

Analyst 207
Dimly lit office with broken laptop, scattered papers, and torn files near an open window overlooking a cityscape at dusk.

Cyber Insurance Claims Data Reveals Top Incident Types

A new report reveals that a whopping majority of cyber insurance claims are driven by just three types of incidents, forcing insurers, organizations, and regulators to rethink where risk lies and how it should be priced. This surprising concentration of claims in a few categories has significant implications for managing financial risk.

Analyst 207
Overflowing inbox with papers and a prominent rating sheet on top.

NIST Scales Back Vulnerability Ratings Amid Surge in Submissions

The National Institute of Standards and Technology is overhauling its vulnerability rating system, scaling back severity scores for lower-priority flaws as submissions surge. This change means some software flaws will no longer get a severity score, shifting focus to the most critical vulnerabilities.

Analyst 207
Crumbling castle wall with shattered laptop in foreground, stormy dark sky with lightning.

Mythos Threat Looms Over Cyber Defenses

A new force in cyberspace, known as Claude Mythos, threatens to revolutionize the speed at which cyber defenses are compromised, dramatically shortening the window between vulnerability discovery and exploitation. Experts warn that this emerging threat could upend traditional cybersecurity strategies, making it essential for organizations to reassess their approach to managing vulnerabilities and security operations.

Analyst 207

CISOs Face Emerging AI Risk Management Challenges

As AI evolves from a useful tool to an omnipresent force, chief information security officers must urgently reassess their risk management playbook to stay ahead of emerging threats. A recent GovInfoSecurity webinar, "What CISOs Need to Know About AI Risk," tackles this critical question and explores the implications of AI risk for CISOs.

Analyst 207
Ominous gate with small lock in front of futuristic HQ at dusk, lit by single flickering bulb.

AI Adoption Exposes Hidden Security Gaps in Enterprise Operations

As AI rapidly moves from experimentation to executive mandate, organizations face a daunting challenge: how to harness its power while securing and governing its adoption. With boards, investors, and executives pushing for integration, the pressure is on to balance AI adoption with robust security and oversight.

Analyst 207
Fortress-like company headquarters with sleek skyscrapers and ominous gate at dusk.

Goldman Sachs Bolsters Defenses with Anthropic's Mythos Model

Goldman Sachs is taking a proactive approach to harnessing AI's potential while safeguarding against risks, partnering with Anthropic and security vendors to deploy controls around powerful models like Mythos. CEO David Solomon emphasizes the bank's hyper-aware stance, balancing innovation with robust risk management to mitigate threats like accelerated cyberattacks.

Analyst 207
Lone developer looks concerned at laptop showing rising velocity graph amidst cluttered workspace.

Vulnerabilities Surge as Velocity Gap Widens in AI-Driven Development

The alarming truth: while alert volume grew by 52% year-over-year, prioritized critical risks exploded by nearly 400% in just 90 days, leaving defenders scrambling to keep up with a tsunami of high-impact problems. A new dataset from OX Security reveals this velocity gap in AI-driven development, where the noise is rising - but it's the critical risks that should give defenders pause.

Analyst 207
Dimly lit figure hunched over laptop in cityscape with ominous fortress wall looming in background.

Cybersecurity Risk Outpaces Corporate Defenses

As companies pour more resources into AI and technology, a pressing question remains: can they defend what matters most? Despite escalating investments, many firms admit they're ill-equipped to tackle growing cybersecurity risks, which now rank among the top business threats.

Analyst 207
Person surrounded by shattered glass and wires, laptop shows butterfly in precarious environment.

Experts Weigh In on Claude Mythos and Project Glasswing Implications

Security experts recently gathered to share their insights on Claude Mythos and Project Glasswing, shining a spotlight on the risks, oversight, and urgency surrounding these emerging initiatives. By bringing their perspectives to the public record, the discussion sets the stage for scrutiny and debate.

Analyst 207
Locked safe with exposed circuit board amidst shattered glass and wires, set against a dark cityscape.

AI Adoption Enters Agentic Era with Heightened Security Risks

As AI pilot projects evolve into autonomous systems operating across entire corporations, the stakes are rising - and so are the security risks. The era of experimentation is over; now it's time to face the bills and take control of enterprise AI risks, responsibilities, and responses.

Analyst 207
A broken compass lies on a vintage globe surrounded by scattered papers and a smartphone with a glowing screen, set against…

Scenario Planning Evolves as Uncertainty Compounds Global Risk

When the future suddenly stops making sense, organizations are faced with a daunting decision: stick with outdated planning methods or evolve to anticipate the unexpected. As uncertainty compounds and trends become less reliable, a new approach to strategic planning and risk management is urgently needed.

Analyst 207
Qodo Raises $70M to Mitigate AI Code Risks with Governance Platform

Qodo Raises $70M to Mitigate AI Code Risks with Governance Platform

As businesses increasingly turn to AI to generate production code, a pressing question emerges: who will be accountable when machines write the software that runs our critical systems? With AI-generated code comes a new set of risks - bugs, security threats, and noncompliance - that governance gaps must address to ensure speed and scale don't compromise safety and reliability.

Analyst 207
Critical AI Agent Risk Categorization: A CISOs' Guide

Critical AI Agent Risk Categorization: A CISOs' Guide

As AI increasingly permeates our daily lives, a crucial question emerges: how can we safeguard against these intelligent systems becoming security threats? Not all AI agents are created equal when it comes to risk, which scales with access to systems and level of autonomy, demanding a nuanced approach to securing AI systems.

Analyst 207
Risk Management Takes Critical Turn with NIST SP 800-39 Insights

Risk Management Takes Critical Turn with NIST SP 800-39 Insights

In today's high-risk digital landscape, effective risk management is no longer a choice - it's a necessity for protecting your organization's information systems and sensitive data. By adopting a comprehensive risk management approach, you can ensure the confidentiality, integrity, and availability of your data and stay ahead of evolving cyber threats.

Analyst 207
cyber risk Must-Have Strategy for Best Business Alignment

cyber risk Must-Have Strategy for Best Business Alignment

Too many security teams track patch counts while executives ask whether revenue and reputation are really protected; aligning risk operations with business priorities turns cyber efforts from checkbox exercises into measurable protection for what matters most. By mapping critical processes, quantifying financial impact, and uniting tech and leadership, organizations can prioritize controls that reduce real risk and keep operations—and customers—running.

Analyst 207
geostationary satellite communications: Shocking Risk

geostationary satellite communications: Shocking Risk

Point a few hundred dollars of consumer gear at the sky and you can snoop on vast swaths of unencrypted satellite traffic — from in‑flight Wi‑Fi and private calls to corporate and critical‑infrastructure links. It’s a wake‑up call: encrypt by default and update decades‑old satellite systems before curiosity becomes catastrophe.

Analyst 207
payment data breach: Stunning Alarming Risk Exposed

payment data breach: Stunning Alarming Risk Exposed

About 180,000 people had names and payment details left exposed — putting them at heightened risk of fraud and identity theft; here’s what to do now to protect yourself and why companies must tighten their defenses.

Analyst 207
cyber risks: Must-Have Legal Protections & Best Practices

cyber risks: Must-Have Legal Protections & Best Practices

Imagine a software update or personal phone turning into courtroom evidence — cyber incidents now trigger regulatory fines, class actions, and contract disputes. Treat cybersecurity as a legal risk: bring lawyers into governance, tighten contracts and vendor controls, and document AI and BYOD policies before an incident makes the decisions for you.

Analyst 207
cyber risk management: Must-Have Best Legal Defense

cyber risk management: Must-Have Best Legal Defense

Cyber incidents aren’t just IT headaches — they’re legal minefields that can trigger fines, lawsuits and boardroom liability. Align contracts, AI governance, vendor controls and BYOD policies so technical breaches don’t become costly legal crises.

Analyst 207