Security News

Oomnitza revealed a snapshot survey, conducted by Gatepoint Research, which found that siloed technology management is increasing operational blind spots and cyber risk. While 76% of enterprises employ multiple systems to oversee the underlying technology that supports their IT and business services, 71% of IT leaders anticipate increased security breaches and operational expenditures.

Kovrr and SANS Institute released their joint survey that reveals enterprise motivation and impact of cyber risk quantification in the modern cybersecurity landscape. Primary CRQ use cases include cyber budget allocation, board reporting and governance, cyber insurance and risk transfer options, M&A cyber due diligence and for capital reserve and management strategy.

Now, it is possible to look into the future and make contextual risk forecasts using cyber risk quantification. When data is collated and analyzed correctly, it can be used to provide a real-time risk score which is useful for improving the efficiency of security teams by helping them prioritize risk.

A systemic cyber risk is one where a single failure somewhere in cyberspace could result in catastrophic results that span a country or spread around the world and impacting societies, governments and entire cyber infrastructures. The US Cybersecurity and Infrastructure Security Agency last year kicked off the Systemic Cyber Risk Reduction Effort to focus on the issue, including developing metrics and tools to measure and address the risks to the nation's infrastructure.

Cyber perils are the biggest concern for companies globally in 2022, according to the Allianz Risk Barometer. Cyber incidents tops the Allianz Risk Barometer for only the second time in the survey's history, Business interruption drops to a close second and Natural catastrophes ranks third, up from sixth in 2021.

A Trend Micro report predicts global organizations will emerge more alert and better prepared in 2022 thanks to a comprehensive, proactive, cloud-first approach to mitigating cyber risk. Research, foresight, and automation are critical for organizations to manage risk and secure their workforce.

ENISA has announced the release of its report - Railway Cybersecurity - Good Practices in Cyber Risk Management for railway organizations. European railway undertakings and infrastructure managers need to address cyber risks in a systematic way as part of their risk management processes.

"The number of ransomware attacks may even increase before the situation gets better," says Scott Sayce, Global Head of Cyber at AGCS. "Not all attacks are targeted. Criminals also adopt a scattergun approach to exploit those businesses that aren't addressing or understanding the vulnerabilities they may have. As insurers we must continue to work with our clients to help businesses understand the need to strengthen their controls. At the same time, in today's rapidly evolving cyber insurance market, providing emergency response services, as well as financial compensation, is now the standard." These cyber risk trends are mirrored in AGCS' own claims experience, being involved in more than a thousand cyber claims overall in 2020, up from about 80 in 2016.

The 2020 Global Risk Study by PwC said that nearly 50% of respondents believe their risk, internal audit, compliance and cybersecurity departments are hampered by not formulating a common view of threats and the associated risk. "When we work with business partners and stakeholders, it's important to make sure we find a common language, so everyone understands the risk we're communicating," Schorr said.

Cyber risk measurement and mitigation platform provider Safe Security this week announced that it has received a $33 million strategic investment led by BT Group. As part of the investment, BT will have exclusive rights to use and sell Safe Security's products in the U.K. by incorporating the cyber risk management platform into its portfolio.