36 résultats
pour « cybersecurity »
The Global Cybersecurity Outlook 2025 reveals escalating cyber risks due to geopolitical tensions, technological advancements, and supply chain vulnerabilities. Over 50% of organizations cite supply chain risks as their top concern. Experts stress updating technology, redefining risk management, and fostering collaboration to address growing cybercrime, AI threats, and regulatory challenges.
In the ever changing landscape cybersecurity landscape, Jeff Crume reviews his predictions for last year and peers into his crystal ball to see what may be coming in 2025 and beyond especially when it comes to how AI will change the threat landscape to possible solutions.
This paper introduces a dynamic, proactive cyber risk assessment methodology that combines internal and external data, converting qualitative inputs into quantitative measures within a Bayesian network. Using the Exploit Prediction Scoring System, it dynamically estimates attack success probabilities and asset impact, validated through a Supervisory Control and Data Acquisition (SCADA) environment case study.
“Using cybersecurity certification as the basis for providing a complete defense to liability may not prevent every harm from occurring. However, if organizations invest in certification to avoid legal liability, this should collectively improve the resilience and quality of technology products in the United States and beyond.”
“… the report underscores the critical role of emerging governance, risk, and compliance frameworks in ensuring organizations remain adaptive and resilient in the face of ever-evolving cyber threats. In an era where digital risks are continuously evolving...”
"Using a novel firm-level measure of cybersecurity, we find that cybersecurity risk increases the probability of bank default. The effect is larger for banks with deposit withdrawal, but less pronounced for banks with liquidity buffer. Our results are robust to using an instrumental variable approach and to using alternative measures. "
#regulators recently issued #cybersecurity #disclosure guidelines to enhance #transparency and #accountability among firms. A study analyzed cybersecurity disclosure practices among a sample of Toronto Stock Exchange firms over seven years. Findings indicate a notable increase in disclosure after 2017 guidance by #canadian Securities Administrators. However, improvements are needed, especially in #governance and #riskmitigation disclosure. This study sheds light on policy's impact on cybersecurity transparency.
#cybersecurity goes beyond networks and people, encompassing #physicalsecurity crucial for organizations. Inadequate physical security, seen in incidents like the Oklahoma City bombing, 9/11 attacks, and U.S. Capitol breach, highlight policy and control failures. Effective physical security involves planning, #riskassessment, #controls, and frameworks like #cpted, #nist, and #fema, addressing present and future #threats.
On July 26, 2023, the #sec adopted final rules requiring disclosure of material #cybersecurity incidents on Form 8-K and periodic disclosure of a registrant’s cybersecurity #riskmanagement, strategy, and #governance in #annualreports.
"This paper presents a continuous-time dynamic model of market adoption of #cybersecurity. Individuals choose whether and when to make a precautionary investment in self-protection against the evolving security #risk of direct attack and indirect contagion. The equilibrium adoption path has a ``tipping point'': individual users will invest to get protected all at once when a critical mass of the infected has been reached."