Cyber Risk and Information - Cyber Security Informer

News alert: Living Security report reveals that just 10% of employees drive 73% of cyber risk

The Last Watchdog

JULY 21, 2025

Austin, TX, July 21, 2025, CyberNewswire — Living Security, the global leader in Human Risk Management (HRM), today released the 2025 State of Human Cyber Risk Report , an independent study conducted by leading research firm Cyentia Institute.

Cyber Risk

Cyber Risk Risk Media Phishing

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

IT Security Guru

JANUARY 30, 2025

So, lets explore how spread betting platforms are rising to this challenge and ensuring that their platforms are cyber risk-free. Cyber Risks Facing Spread Betting Platforms Cyber threats are becoming more dangerous than ever, and spread betting platforms are a major target for most of these cyberattacks.

Cyber Risk

Cyber Risk Risk Penetration Testing Accountability

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

The Last Watchdog

MARCH 19, 2025

SpyCloud , the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report , highlighting the rise of darknet-exposed identity data as the primary cyber risk facing enterprises today. It requires organizations to rethink the risks posed by employees, consumers, partners and suppliers.

Cyber Risk

Cyber Risk Risk Phishing Cybercrime

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

Thales Cloud Protection & Licensing

NOVEMBER 26, 2024

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday josh.pearson@t… Tue, 11/26/2024 - 08:01 As Black Friday and Cyber Monday loom, the stakes for retailers extend far beyond enticing deals and record sales. trillion, the risk of a data breach extends beyond immediate financial losses.

Retail

Retail Cyber Risk Risk DDOS

How Exposure Management Helps Communicate Cyber Risk

Security Boulevard

JUNE 23, 2025

This week, Tenable experts discuss best practices for communicating cyber risk. Many security teams are buried in mounds of information from an array of disconnected security solutions. This makes it tough to present a consolidated, understandable overview of cyber risk. The challenge isn't the data itself.

Cyber Risk

Cyber Risk Risk Engineering Cybersecurity

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Cyber threats

Why MSSPs Must Prioritize Cyber Risk Quantification in 2025

Centraleyes

JUNE 9, 2025

They want risk explained in clear, unambiguous terms—and most of all, they want numbers. Cyber Risk Quantification (CRQ) helps MSSPs turn security work into real business value. With CRQ, you’re helping your clients understand risk, prioritize smartly, and report confidently. What Is Cyber Risk Quantification?

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

AI Dilemma: Emerging Tech as Cyber Risk Escalates

Trend Micro

JULY 2, 2025

Move faster than your adversaries with powerful purpose-built XDR, cyber risk exposure management, and zero trust capabilities Learn more Extend Your Team Extend Your Team. Respond Faster. Respond Faster. 6 Alerts Back Unread All Inside the criminal mind: Trend’s deep dive into cybercrime.

Cyber Risk

Cyber Risk Risk Cyber threats Artificial Intelligence

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Compromised LLM-based applications could expose large amounts of personal information, disrupt essential services, or lead to manipulations of decision-making processes. Security teams will need to address the unique risks posed using LLMs in mission critical environments. While cloud offers flexibility, it introduces new cyber risks.

Cyber threats

Cyber threats CISO IoT Phishing

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Security Boulevard

DECEMBER 30, 2024

But theyre just one example of the additional attention governments around the world are giving to cyber risk. The EU recently issued the network and information systems (NIS)2 Directive, aimed at improving cybersecurity across member states. View cyber risk as business risk. Be proactive.

Cybersecurity

Cybersecurity CISO Cyber Risk Risk

Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

Security Boulevard

NOVEMBER 22, 2024

Each entry in the “OWASP Top 10 for LLM Applications 2025” report includes a description of the security risk; its different types; examples of attack scenarios; related frameworks and taxonomies; and more. Meanwhile, procurement and risk managers can use the list when evaluating software vendors.

Cyber Risk

Cyber Risk Risk Cybersecurity Artificial Intelligence

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. One example of is AI model cards, which inform users about how AI models are intended to be used. emphasizes governance, while the SEC mandates cyber risk reporting and incident disclosures.

Cybersecurity

Cybersecurity CISO Risk Government

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

The Last Watchdog

DECEMBER 5, 2024

5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the industrys leading information security magazine. Miliefsky, Publisher of Cyber Defense Magazine.

InfoSec

InfoSec CISO Cyber Risk Cybersecurity

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

SecureWorld News

FEBRUARY 14, 2025

If a store has limited contact information and no or too good to be true customer reviews, this is also a red flag," Machin said. Protect your personal information Valentine's Day scammers take advantage of social engineering and people letting their guard down around February 14th.

Scams

Scams Cybercrime Phishing Social Engineering

What Rebels Teach us About Stronger Cyber Defence

Jane Frankland

APRIL 25, 2025

We need cybersecurity leadersCISOs, cyber risk owners, and IT decision makerswho are willing to challenge the norm, think critically, and make ethical decisions to protect our organisations, and world. Making a bold, informed choice is sometimes the only way forward.

Technology

Technology Cyber threats Risk CISO

AI and Data Security: Takeaways from Latest Cybersecurity Info Sheet

SecureWorld News

JUNE 19, 2025

The 2025 Cybersecurity Information Sheet (CSI) on AI and Data Security offers critical guidance for organizations navigating the intersection of artificial intelligence and cybersecurity. The CSI notes, "Without adequate security measures, AI-enabled systems can become high-value targets and unintentional amplifiers of cyber risk."

Cybersecurity

Cybersecurity Artificial Intelligence Risk Cyber Risk

Cisco Contributes to Cyber Hard Problems Report

Cisco Security

JULY 7, 2025

National Academies of Sciences, Engineering and Medicine (NASEM) , a private non-profit dedicated to providing independent, objective advice to inform policy and confront challenging issues for the benefit of society. Nguyen also praised Hyrum for his contribution in “one of the fastest-emerging areas of cyber risk.

Cyber Risk

Cyber Risk Media Risk Cybersecurity

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Cybercrime Artificial Intelligence

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

The Last Watchdog

APRIL 22, 2025

The most common deepfakes are impersonation of executives trusted contacts, urgent demands for payments, and false information about a detected security breach. Common fakery The most common deepfakes experienced are impersonation of executives trusted entities and urgent demands for payments or information about a detected security breach.

Authentication

Authentication Social Engineering Technology Media

Top 15 Exploited Vulnerabilities of 2023

SecureWorld News

NOVEMBER 12, 2024

The request allows a cyber actor to take full control of a system. The actor can then steal information, launch ransomware, or conduct other malicious activity. Malicious cyber actors began exploiting the vulnerability after it was publicly disclosed in December 2021. This exploit occurs even without user interaction.

Software

Software Cyber threats Risk Passwords

Empowering Boards for Cybersecurity Incidents

SecureWorld News

JANUARY 12, 2025

A 2022 PwC study found that 59% of directors admitted their board is not very effective in understanding the drivers and impacts of cyber risks for their organization, emphasizing the critical role of board members in these moments. Only a select group of properly trained individuals should escalate cyber incidents to the board.

Cybersecurity

Cybersecurity Data breaches Ransomware Government

Optimize Your Security Budget and Improve Security with Threat-Informed Defense

Security Boulevard

MARCH 20, 2025

Ive been on the road lately asking security leaders how their teams reply to the question: Can we defend our most valuable information assets against techniques known to be used by this threat actor, and, if not, what can we do about it? Answering this question quickly and with confidence is at the core of what security teams are paid to do.

Risk

Risk CISO Cyber Risk Cyber threats

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

SecureWorld News

JANUARY 16, 2025

Ensure compliance with regulations When IT support processes fail to align with manufacturing needs, the consequences are significant: Staying informed: Governments and industry bodies frequently update regulations to address emerging threats. Companies must monitor these changes and ensure compliance to avoid legal penalties.

Energy and Utilities

Energy and Utilities IoT Backups Artificial Intelligence

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

Attackers are not only encrypting data but also engaging in "double extortion," stealing sensitive patient information to demand higher ransoms. Leaders are investing in stronger endpoint protection, network monitoring, and incident response capabilities to mitigate ransomware risks.

Healthcare

Healthcare Marketing Cybersecurity CISO

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

SecureWorld News

JUNE 9, 2025

In 2018, Cathay Pacific suffered what remains one of the most serious data breaches in airline history, compromising the personal information of up to 9.4 million passengers —including passport details, birth dates, frequent-flier numbers, phone numbers, and credit card information. million Microsoft Windows computers globally.

Cybersecurity

Cybersecurity Social Engineering Computers and Electronics Risk

Qantas: Breach affects 6 million people, “significant” amount of data likely taken

Malwarebytes

JULY 2, 2025

.” An initial review has confirmed the data includes: Customers’ names Email addresses Phone numbers Birth dates Frequent flyer numbers Fortunately, credit card details, personal financial information and passport details were not held in the breached system. Qantas says it will also continue to update customers via its social channels.

Social Engineering

Social Engineering Cyber Risk Data breaches Passwords

Unlock the Power of Financial Quantification of Cyber Risk

Security Boulevard

APRIL 18, 2025

In today's complex threat landscape, gut feelings and disparate risk scores are no longer sufficient for effective cyber risk management. Organizations need concrete, data-driven insights to make informed decisions, prioritize security investments, and ultimately, protect their bottom line.

Cyber Risk

Cyber Risk Risk Cyber threats

Story of the Year: global IT outages and supply chain attacks

SecureList

DECEMBER 9, 2024

This incident highlighted the risks of attacks where third-party service providers become the entry point. However, delegating tasks also introduces new information security challenges. IT outsourcing is growing in popularity, offering benefits such as time and resource savings. Another threat that looms large is data breaches.

Internet

Internet Internet Risk Social Engineering

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

When data breaches escalate, cyber-attacks grow more sophisticated, nation states ramp up their digital warfare, and regulations tighten the noose, staying ahead isnt just an optionits your only line of defence. Amid a backdrop of increasingly sophisticated and frequent cyberattacks, APTs are a growing concern for CISOs and cyber risk owners.

Cyber Risk

Cyber Risk CISO Risk Encryption

The Rise of Insider Threat Automation: When Employees Weaponize AI

SecureWorld News

MARCH 10, 2025

From simple breaches to complex automation Traditionally, insider threats involved straightforward breaches: an employee downloads sensitive files ( Stuxnet, anyone? ), leaks confidential information, or manipulates company data for personal gain. In fact, it even makes it easier to get valuable information that's often not even encrypted.

Risk

Risk Cybersecurity Healthcare Data breaches

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Security Boulevard

JANUARY 24, 2025

Invest in essential cybersecurity controls for protecting AI systems both before and after theyre deployed, and for responding to and recovering from cyber incidents. Pay attention to information governance, such as what data will be exposed to AI systems and how it will be protected.

Banking

Banking Cybersecurity Artificial Intelligence Ransomware

IATA Cyber Regulations

Centraleyes

DECEMBER 11, 2024

Legal Context: While the framework itself is industry-led, it aligns with broader cybersecurity laws such as the General Data Protection Regulation (GDPR) in Europe, the Cybersecurity Information Sharing Act (CISA) in the U.S., and the EU Cybersecurity Act. are typically required to meet IATAs expectations.

Risk

Risk Penetration Testing Cybersecurity Digital transformation

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

Check out best practices for shoring up data security and reducing cyber risk. And get the latest on cyber scams; zero-day vulnerabilities; and critical infrastructure security. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. Siloed cyber tools. Misaligned priorities.

Cybersecurity

Cybersecurity Scams CSO Risk

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Security Boulevard

MAY 2, 2025

The recommendations will help to protect the sector from cyber incidents, identify and address vulnerabilities prior to product release, improve incident response, and significantly improve software security , CISA said in a statement. Maintain a comprehensive asset inventory, and keep software updated and patched.

Cybersecurity

Cybersecurity Software Cyber Risk Risk

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Security Boulevard

JUNE 27, 2025

government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Check out the U.S. and the U.K.) Passkeys are rolling out fast.

Cyber threats

Cyber threats Cybersecurity Computers and Electronics Password Management

FDA Playbook Engineers Safety Into Medical Device Manufacturing

SecureWorld News

JUNE 25, 2025

As connected healthcare devices become more pervasive and critical to patient outcomes, the cyber risks tied to their design, production, and deployment grow exponentially. These connections are usually unencrypted or allow users access to manipulate information. In its latest white paper, the U.S.

Manufacturing

Manufacturing Engineering Healthcare Risk

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

Security Boulevard

JUNE 6, 2025

National Cyber Security Centre’s (NCSC) “ Timelines for migration to post-quantum (PQC) cryptography.” Embrace change: Stay attuned to emerging cyber risks and be ready to modify cybersecurity processes accordingly. Show how this capacity to adapt to new cyber threats helps strengthen the organization’s resilience.

CISO

CISO Cybersecurity Cyber threats Government

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

And get the latest on open source software security; cyber scams; and IoT security. 1 - Tenable: Orgs using AI in the cloud face thorny cyber risks Using AI tools in cloud environments? Make sure your organization is aware of and prepared for the complex cybersecurity risks that emerge when you mix AI and the cloud.

Risk

Risk IoT Cybersecurity Manufacturing

Security Roundup January 2025

BH Consulting

JANUARY 30, 2025

Cyber risk remains top of mind for business leaders A regular January fixture, the World Economic Forums Global Risk Report 2025 features two technology-related threats among the top five risks for the year ahead and beyond. The report ranks risks by severity over two-year and 10-year timeframes.

Cyber Risk

Cyber Risk Computers and Electronics Risk CISO

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Jane Frankland

MAY 3, 2025

link] Meanwhile, the Co-op is grappling with claims from cyber criminals that they possess the private information of 20 million members from its membership scheme. Whether its informing employees, customers, or stakeholders, timely and transparent communication can significantly limit reputational damage and maintain trust.

Cyber Attacks

Cyber Attacks Retail Cyber threats Backups

Authorities Unsure if Spain, Portugal Power Outage Was a Cyber Attack

SecureWorld News

APRIL 29, 2025

Whether it was caused by a sophisticated cyberattack or an ordinary technical failure, the outcome remains the same: millions disrupted, critical services compromised, and economic damage," said Kip Boyle , Instructor and vCISO at Cyber Risk Opportunities LLC.

Cyber Attacks

Cyber Attacks Energy and Utilities Telecommunications Government

Q&A: Cybersecurity in ‘The Intelligent Era’

IT Security Guru

MARCH 26, 2025

The increasing deployment of deepfakes highlights a concerning trend where AI, in the hands of sophisticated fraudsters, produces convincing deepfakes of people and their voices.

Cybersecurity

Cybersecurity Encryption Threat Detection Authentication

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

Enhanced Governance Requirements Entities must appoint a qualified Chief Information Security Officer (CISO) with a direct reporting line to the board of directors. New Risk Assessment Standards New updates mandate independent third-party risk assessments. These changes took effect in 2024. Here are the highlights: 1.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

In this blog, I’m exploring these changes, grouped under key categories that I’ve used in previous years, to help business leaders and cyber risk owners better prepare for the evolving landscape. Ransomware remains a prominent threat, but the methods have evolved. But it doesnt stop there.

Cybersecurity

Cybersecurity CISO Insurance IoT

News alert: Living Security report reveals that just 10% of employees drive 73% of cyber risk

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

Trending Sources

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

Protecting Retailers Against Cyber Risks on Black Friday and Cyber Monday

How Exposure Management Helps Communicate Cyber Risk

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Why MSSPs Must Prioritize Cyber Risk Quantification in 2025

AI Dilemma: Emerging Tech as Cyber Risk Escalates

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

Romantic Lawsuit for Two? Don't Let Cybercriminals Scam You this Valentine's Day

What Rebels Teach us About Stronger Cyber Defence

AI and Data Security: Takeaways from Latest Cybersecurity Info Sheet

Cisco Contributes to Cyber Hard Problems Report

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

GUEST ESSAY: Ponemon study warns: AI-enhanced deepfake attacks taking aim at senior execs

Top 15 Exploited Vulnerabilities of 2023

Empowering Boards for Cybersecurity Incidents

Optimize Your Security Budget and Improve Security with Threat-Informed Defense

Protecting Oil and Gas Industry Infrastructure: Strategies for Resilience

Healthcare Cybersecurity Market Soars: Key Trends and Insights

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

Qantas: Breach affects 6 million people, “significant” amount of data likely taken

Unlock the Power of Financial Quantification of Cyber Risk

Story of the Year: global IT outages and supply chain attacks

Secure Communications: Relevant or a Nice to Have?

The Rise of Insider Threat Automation: When Employees Weaponize AI

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

IATA Cyber Regulations

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

FDA Playbook Engineers Safety Into Medical Device Manufacturing

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Roundup January 2025

Unanswered Questions Loom Over Cyber Attacks on M&S, Co-op & Harrods

Authorities Unsure if Spain, Portugal Power Outage Was a Cyber Attack

Q&A: Cybersecurity in ‘The Intelligent Era’

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Key Cybersecurity Trends for 2025. My Predictions

Stay Connected