Risk Management articles

As the threat landscape continues to grow and shift and cyberattacks continue to rise, many companies are looking for new ways to defend themselves against bad actors, nation-states, and competitors trying to hack their systems and steal intellectual property. One major threat organizations may not be on top of is the one that lurks within their company — insider threats. It’s estimated that 60% of data breaches are caused by insider threats, and a study by the Ponemon Institute found […]

Worldwide adoption of digital systems has led to the emergence of a very real threat to businesses of all sizes. While these digital solutions empower businesses to conduct their operations more efficiently, a constantly connected state means that business data is always at risk. Company data is often available from the internet, whether stored on the cloud or on-prem, and hackers are constantly trying to access it. With companies using third parties more and more, this data can often be […]

According to a study of 35,000 organizations and 12.6 million individuals by KnowBe4, over 33% of users are susceptible to becoming victims of phishing attacks. These attacks often come via phishing emails carrying malicious attachments in the form of .js files, PDFs, excel sheets containing malicious macros, or script files, each of which allows the attacker to execute malicious code. While email security tools often detect these attachments, many still get through, posing a risk to less-trained employees who aren’t […]

As economic uncertainty continues in Q3 of 2023, many small and mid-sized businesses (SMEs) are struggling to stay afloat. Spending needs to be curbed and executives are faced with tough choices about where to make cuts. For many, trimming the cybersecurity budget is often one of the first steps. After all, what are the chances a bad actor will go after a mom-and-pop shop when they can make far more by attacking a large corporation or major financial institution?  Higher-ups […]

Growing strain on IT departments means organizations need a better solution to manage their cybersecurity needs. IT departments are overworked. A recent survey published in Security Magazine found that 62% of IT Leaders frequently work on holidays or weekends, and almost 50% have needed to work through the night at least once. Many IT leaders also lack the specific cybersecurity knowledge necessary to put the right kind of security in place. They may only invest in preventative options and may […]

The growing sophistication of cybersecurity threats means that investing in top-quality cyber protection is no longer an option but a necessity. However, budget constraints make this virtually impossible for many organizations, especially smaller ones to do in-house. Managed security has emerged as a solution for organizations struggling to optimize their cybersecurity. With a managed security program, organizations can have top-of-the-line security for a fraction of the cost of assembling, integrating, and maintaining an internal program. That said, choosing the right […]

It is the 20th anniversary of CISA’s cybersecurity awareness month and for the beginning of the second decade of this tradition. While this year’s themes are geared towards personal security, there are ways to implement them within an organization for more cyber resilience so there’s still something to learn here. Here are the key themes for the year: These themes are important to be aware of, but on the organizational level, there’s a lot more that can be done to […]

Even the best-managed security programs can fall short if implemented poorly. Correctly executing managed security is just as important as selecting the right vendor. In fact, it is the final step in choosing that vendor for your business. Let’s dive into how to best implement managed security in your business. Importance of a Plan in Managed Security Implementation If you’ve done your homework right, you have a shortlist of vendors who appear to have the necessary expertise, time, resources, and […]

The escalating complexity of business IT environments, coupled with an increase in security threats, means companies can no longer ignore taking their security posture seriously. Unfortunately, the worldwide cybersecurity labor shortage continues to grow, adding to the challenge of having an in-house department that can protect and respond to cyber threats. Furthermore, security needs have become increasingly specialized, requiring expert hands on deck for your company to be fully protected. The complex nature of an organization’s distributed environment today means […]

Cybersecurity in the manufacturing industry is not a new topic, but it is an increasingly important one. Like many other industries, manufacturing is rapidly adopting new technology, which is widening the threat landscape, leading to new cyber risks. Unlike other industries, most of this new technology falls under the umbrella of operational technology (OT) rather than information technology (IT). OT is a combination of hardware and software that manages industrial operations. It includes (among other things) industrial control systems (ICS) […]

Thanks to the 2018 Murphy v. NCAA Supreme Court case, sports betting and gambling are legal in 34 states and Washington, D.C. This historic case opened the doors for online sports betting, which has risen dramatically in recent years. New platforms and games are entering the market daily, and research from Data Bridge Market shows that the online sports betting market is expected to reach USD 167.66 billion by 2029. As the industry booms and more and more bets are being placed […]

Most of the sensational data breaches that get covered on the news are about consumer-focused companies. That makes sense when we think about the impact that can come from these kinds of attacks. In one fell swoop, millions of customer records can be lost. Obviously, this carries a lot of weight since it is relevant to a wide cross-section of people. Some noteworthy breaches of this magnitude include T-Mobile, SolarWinds, and LastPass. Supply chain companies may think they don’t need […]

Data from the FBI’s IC3 (Internet Crime Complaint Center) painted a stark picture of digital crime in 2022. The center recorded 800,944 complaints, leading to financial losses exceeding $10.3 billion. The increased sophistication in these crimes is driven, in part, by advancements in artificial intelligence technology. Many companies are still inadequately equipped to counter these escalating cyber threats because of the following factors: All of the above adds up to an immense investment required from SMBs to keep cybercriminals out […]

The World Travel & Tourism Council predicts that travel-related GDP will grow an average of 5.8% annually between 2022 and 2032. While this is good news for the hospitality industry, but an increase in online bookings and web traffic also makes it an even more enticing target for hackers. In fact, the industry has long attracted hackers with PwC’s Hotels Outlook Report 2018-2022 naming hospitality as the second-most-attacked industry. Even more interesting is the number of high-profile breaches that have […]