You’ve just sat down to start your work day and you’re going through your emails, hot cup of coffee in hand. You see an email from your company’s IT department telling you to install an update ASAP. As soon as you click the link in the email, you realize you probably should have checked with IT first.

Legal authorities and the general public typically hold organizations accountable for any harm caused during their daily operations. The expectation is that leaders of those organizations have considered the potential harms that might happen, and implemented reasonable precautions to reduce or eliminate the risks. This is known as the “DoCRA standard.”

In today’s interconnected world, it’s easy for organizational leaders to see a security incident on the news and question if they could be next. Security is often top of mind but rarely a strategic priority, leaving many CISOs struggling to communicate how to reduce risk to the board. And the latest risk management trends could present new challenges for security leaders. How can you overcome them?

Today we are going to keep looking at artificial intelligence and how corporations can get ahead of the risks thereof. Our previous post on AI was primarily a list of potential risks that could run rings around your company if you’re not careful; so what steps can the board and senior executives take to prevent all that? Well, first things first. AI is a new technology.

We’re proud to announce that SecurityScorecard has been named to Fast Company’s prestigious annual list of the World’s Most Innovative Companies for 2023. This list highlights companies at the forefront of their respective industries, who are rethinking business and culture, while paving the way for future innovations. We’re honored to join the ranks of other innovators, such as OpenAI, Disney, and Tiffany & Co.

In today’s world organizations rely on computer systems and data for pretty much everything, including mission-critical processes and interactions with customers. And given the relentless increase in cybersecurity threats, this means that organizations’ need to protect themselves and their customer data from such threats is paramount. The average cost of a single data breach in the United States is now $9.44 million.

The Dutch Police have arrested three individuals for suspected ransomware activity, which generated at least 2.5M Euro in extortion fees. The actors are believed to have attacked thousands of organizations, compromising the data of tens of millions of individuals. This is another example of successful law enforcement activity against ransomware operations. Such activity has increased over the past year, leading to the arrest of several prominent ransomware group members, such as Revil and Netwalker.

While things can sometimes seem “back to normal” in the rest of the world, the devastating war is still going on in Ukraine, affecting millions of innocent civilians. Reflecting on the past year’s suffering of the Ukrainian people, we’d like to summarize the cyber warfare aspect of this conflict. In 2022, Russian government-backed cyberattacks targeted users in Ukraine more than any other country.

Companies and their many stakeholder groups depend on accurate information. Whether you’re a manager, investor, board director, or employee, it’s crucial to have an accurate picture of what is happening in a company. Publicly traded companies provide this picture through financial data, collected and shared through formal, published financial reports.

Today’s release of the White House’s National Cybersecurity Strategy is the result of more than a year of government and industry collaboration that sets new boundaries for the government approach needed to improve global cyber defenses. The strategy clearly represents a shift away from decades-old voluntary compliance regimes to a more aggressive regulatory construct that seeks to shift cyber burdens onto providers/developers and owners and operators of critical infrastructure.