More results...
It begins with a simple notification: “Markets in Free Fall.” Within moments, the headlines multiply: new tariffs, emergency actions, plummeting consumer confidence. Across boardrooms and break rooms, anxiety ripples at every level. People begin refres…
Cybersecurity isn’t what it used to be. Attackers are moving quicker, disruptions happen all the time, and many security plans built for more predictable times just can’t keep up. With everything from ransomware to geopolitical threats to cloud slip-up…
The European Commission has approved the 2025-2027 Digital Europe Programme (DIGITAL) work program, allocating €1.3 billion to advance key technologies essential for the EU’s future and technological sovereignty. DIGITAL is an EU funding initiative des…
Many companies think cyber insurance will protect them from financial losses after an attack. But many policies have gaps. Some claims get denied. Others cover less than expected. CISOs must understand the risks before an attack happens. Misconceptions…
Demystify the potential threat that quantum computing poses to encryption and the security of the network.
In this Help Net Security interview, Matthew Darlage, CISO at Citizens, discusses key strategies for strengthening cyber resilience in banks. He underlines that adherence to frameworks like NIST is essential for continuous improvement and that data pro…
The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve wit…
In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes …
And how to become resilient with ISO 27001 and ISO 22301 Unfortunately, even the most secure organisation can suffer an incident. The odds are simply stacked against you: While you need to protect all your assets from all types of threat, an attacker needs only one exploitable weakness to get into your systems. Plus, any security measure you implement is only designed to stop, at most, a handful of threats – and that’s assuming it was both correctly implemented and still doing its job. Regardless of implementation, single measures aren’t enough – because no measure is foolproof. The consequences of
The post Why You Need Cyber Resilience and Defence in Depth appeared first on IT Governance UK Blog.
DORA’s supply chain security requirements IT Governance’s research for November 2023 found that 48% of the month’s incidents originated from the supply chain (i.e. were third-party attacks). For Europe, this number rises to 61%. Admittedly, it only takes a comparatively small number of supply chain attacks to skew the number of incidents. It’s in their nature for one attack to compromise potentially hundreds or even thousands of organisations. However, that doesn’t stop the numbers from being worrying. It can be challenging to secure your supply chain – organisations tend to simply trust that the products and services they use are
The post The Third-Party Threat for Financial Organisations appeared first on IT Governance UK Blog.