Risk Management articles

It is the 20th anniversary of CISA’s cybersecurity awareness month and for the beginning of the second decade of this tradition. While this year’s themes are geared towards personal security, there are ways to implement them within an organization for more cyber resilience so there’s still something to learn here. Here are the key themes for the year: These themes are important to be aware of, but on the organizational level, there’s a lot more that can be done to […]

Even the best-managed security programs can fall short if implemented poorly. Correctly executing managed security is just as important as selecting the right vendor. In fact, it is the final step in choosing that vendor for your business. Let’s dive into how to best implement managed security in your business. Importance of a Plan in Managed Security Implementation If you’ve done your homework right, you have a shortlist of vendors who appear to have the necessary expertise, time, resources, and […]

The escalating complexity of business IT environments, coupled with an increase in security threats, means companies can no longer ignore taking their security posture seriously. Unfortunately, the worldwide cybersecurity labor shortage continues to grow, adding to the challenge of having an in-house department that can protect and respond to cyber threats. Furthermore, security needs have become increasingly specialized, requiring expert hands on deck for your company to be fully protected. The complex nature of an organization’s distributed environment today means […]

Cybersecurity in the manufacturing industry is not a new topic, but it is an increasingly important one. Like many other industries, manufacturing is rapidly adopting new technology, which is widening the threat landscape, leading to new cyber risks. Unlike other industries, most of this new technology falls under the umbrella of operational technology (OT) rather than information technology (IT). OT is a combination of hardware and software that manages industrial operations. It includes (among other things) industrial control systems (ICS) […]

Thanks to the 2018 Murphy v. NCAA Supreme Court case, sports betting and gambling are legal in 34 states and Washington, D.C. This historic case opened the doors for online sports betting, which has risen dramatically in recent years. New platforms and games are entering the market daily, and research from Data Bridge Market shows that the online sports betting market is expected to reach USD 167.66 billion by 2029. As the industry booms and more and more bets are being placed […]

Most of the sensational data breaches that get covered on the news are about consumer-focused companies. That makes sense when we think about the impact that can come from these kinds of attacks. In one fell swoop, millions of customer records can be lost. Obviously, this carries a lot of weight since it is relevant to a wide cross-section of people. Some noteworthy breaches of this magnitude include T-Mobile, SolarWinds, and LastPass. Supply chain companies may think they don’t need […]

Data from the FBI’s IC3 (Internet Crime Complaint Center) painted a stark picture of digital crime in 2022. The center recorded 800,944 complaints, leading to financial losses exceeding $10.3 billion. The increased sophistication in these crimes is driven, in part, by advancements in artificial intelligence technology. Many companies are still inadequately equipped to counter these escalating cyber threats because of the following factors: All of the above adds up to an immense investment required from SMBs to keep cybercriminals out […]

The World Travel & Tourism Council predicts that travel-related GDP will grow an average of 5.8% annually between 2022 and 2032. While this is good news for the hospitality industry, but an increase in online bookings and web traffic also makes it an even more enticing target for hackers. In fact, the industry has long attracted hackers with PwC’s Hotels Outlook Report 2018-2022 naming hospitality as the second-most-attacked industry. Even more interesting is the number of high-profile breaches that have […]

The finance industry is one of the most targeted industries for cyberattacks, and it makes sense. When most cyberattacks are conducted for financial gain, bad actors would naturally be inclined to go directly where the money is. However, the mass disruption caused by digitization and FinTech has created recent shifts in the industry making them particularly vulnerable. As the finance world becomes more digitized and financial institutions become increasingly interconnected, banking and financial services have become more efficient and inclusive […]

To stay competitive and relevant in business, we have to understand how to move at the pace of technology. We see this on both the consumer and business sides – expectations evolve alongside emerging trends, such as AI and machine learning. The same is true for cybercriminals. They also move at the pace of technology, and they’re counting on businesses to be behind the curve. While many attacks are known, such as phishing, business email compromise (BEC), and ransomware, tactics […]

Recent data from Verizon reveals that small and large businesses suffer from similar vulnerabilities and attack surfaces, yet small businesses face much more difficult challenges. Small businesses are typically less prepared for a cyberattack than their larger counterparts and attackers are often more successful when targeting small businesses. Verizon’s report indicates that cybercriminals have far more success penetrating small businesses with fewer than 1,000 employees than businesses with over 1,000 employees. Given that ninety-eight percent of cyberattacks were financially motivated, […]

Cyberattacks across all industries are on the rise, but the numbers are particularly troubling for the legal industry. According to American Bar Association’s 2022 Legal Technology Survey Report, 27% of respondents claimed to have experienced a security breach – up from 25% the year before. An additional 25% reported not knowing if their firm had experienced a security breach. A 2021 report released by security firm BlueVoyant found that while 15% of thousands of law firms showed signs of compromised networks, […]

In December 2022, FBI Supervisory Special Agent Michael Sohn cautioned small businesses that they were being targeted by cybercriminals. While larger corporations are investing more in hardening their security posture, the relative weakness of smaller businesses makes them prime targets for hackers. However, no matter how much cybersecurity a company has in place, no one can guarantee that its network will never be breached. That’s why a comprehensive risk strategy for cybersecurity includes cyber insurance and incident response to mitigate […]

No industry was more affected by the COVID-19 pandemic than the healthcare industry. While stories of frontline worker heroics and employee shortages took center stage, another important story has been brewing over the last few years — the significant increase in cybersecurity attacks in the healthcare space. With stay-at-home orders and social distancing requirements in place throughout 2020, many healthcare systems were forced to rapidly adopt healthcare technology that allowed for telemedicine and the remote monitoring of patients. The way […]