Two years ago, Kovrr took a unique approach to cyber risk modeling of financial quantification (FQ) and expanded to the enterprise market. After a long time of quantifying risks of portfolios for global insurers and reinsurers, Kovrr was able to build expertise around quantifying risk with specific expertise in acquiring high-quality data to feed our models and fast time to value using automation.

Whether or not you believe in omens and superstition , Friday the 13th is a day of infamy. To celebrate—if that’s a thing—let’s look at some creepy cyber incidents that will have your skin crawling in good old Friday the 13th fashion.

Third party risk assessment is the process of evaluating and managing the risks associated with engaging third parties. It involves identifying, assessing, and mitigating potential risks that could arise from working with external vendors or partners. The goal of this type of assessment is to ensure that any risks posed by these relationships are minimized or eliminated altogether.

During the last week of December, a threat actor who goes by the name “Ryushi”, claimed to be selling public and private data of 400 million Twitter users, which was scrapped in 2021, using an API vulnerability which was fixed by Twitter in 2022. Since then, Ireland’s Data Protection Commission (DPC) notified that it "will examine Twitter's compliance with data-protection law in relation to that security issue".

Malware is short for "malicious software" and refers to any software program that is designed to harm or exploit a computer or device. And unfortunately, malware is all over the internet, with 560,000 new pieces of malicious software detected every day. It can come from many potential sources, including: It’s vital for organizations to understand the risks malware poses and take effective measures to stop potential threats.

Cloud computing is a powerful service, but securing its assets proves to be a difficult task by even the largest companies in the world. The average cost of a cloud breach is around $4 million, and it is vital that cloud workloads are as secure as possible. This article will explain cloud security and provide seven steps organizations should take when conducting their cloud risk assessment.

‍ Even maintaining current budgets can be hard as companies look for cost savings in non-revenue-generating areas. But you don’t have to wait for a cyber attack to occur to prove that you need to invest in cybersecurity. ‍ Instead, CISOs can demonstrate the ROI of their current spend, and potentially convince other leaders to increase budgets, by using cyber risk quantification (CRQ).

It’s estimated that 63.5 percent of the world’s total population—or 5.07 billion people—uses the Internet today, with a projected 30.9 billion devices connected to the Internet by 2025. (This means even more proving to CAPTCHAs that we’re not robots–good luck picking out all the fire hydrants in the grids!) With more people working from home, combined with a greater reliance on cloud services and ecommerce, the potential for cyberattacks has never been higher.

CISOs – the senior level executives responsible for developing and implementing cybersecurity programs for corporations and other organizations – are not happy campers these days. And it’s not just because they are chronically understaffed and under constant pressure.

I am yet to meet a CISO who has been given unlimited resources to secure the organization, and in almost all cases, there is more work that can be done to improve security. So given infinite time and resources, how to prioritize the next strategic initiative or project? The increasing maturity of security control frameworks such as those developed by NIST and CIS provide a good structure for maturing a cyber security programme, mapped to preventing common tactics, techniques and procedures .