Cyber risk has become a barometer for corporate resilience and trust. As the landscape accelerates, boards are expanding how they engage with performance, talent, and technical insight to keep pace with rising expectations. In today’s environment, traditional rhythms are giving way to more dynamic approaches that reflect the speed of change.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Red Dead Redemption 2 and GTA 5 game maker Rockstar Games confirms a data breach stemming from a third-party cloud provider after hackers threatened to leak stolen information.
A data breach at Booking.com has leaked the personal information of customers across multiple countries after unauthorized third parties accessed reservation details.
The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require users to update their macOS certificates.
The U.K.’s NCSC warns that Russian hackers linked to the country’s GRU Military Intelligence Unit are using compromised routers for DNS hijacking to enable credential theft.
Microsoft has banned the developer accounts of high-profile open-source projects, leaving them unable to publish software updates, exposing Windows users to various cyber threats.
A joint advisory by U.S. federal agencies warns of Iranian-affiliated cyber attacks on critical infrastructure, including energy, water, and government sectors.
The Trump administration has proposed a $707 million cut to CISA’s operating budget, citing waste, weaponization, and redundancy concerns, as nation-state cyber threats increase.
The idea of continuously verifying access rather than assuming trust is more relevant than ever, but the challenge is that many organizations implemented Zero Trust as a fixed framework in environments that have since become highly dynamic.
A ransomware attack hit the online ticketing platform Vivaticket, disrupting booking services across European museums and monuments.










