Cyber Insurance in 2025: How Risk Ratings Are Changing Underwriting
Cyber insurance used to be based on sector, turnover, and a brief questionnaire. In 2025, that's changed. With the rise [...]
How AI & Automation Are Transforming Enterprise Supply Chain Risk Management
Managing cyber risk across an enterprise supply chain used to be a manual grind — spreadsheets, questionnaires, audits, and long [...]
Preparing for Cyber Litigation: Risk Frameworks & Legal Readiness
Cybersecurity is no longer just an IT or compliance issue — it’s now a serious legal exposure. In 2025, companies [...]
Redefining Cyber Risk Quantification: How Cyber Tzar’s Virtuous Triangle Solves the Challenges of Modern Cyber Threats
Executive Summary Cyber risk quantification has often been viewed with scepticism, dismissed as simplistic, static, or out of step with [...]
The Virtuous Triangle: Scaling Cyber Risk Assessments with Purpose and Precision
Risk isn’t static. It changes with every new CVE, every new phishing campaign, and every new misconfigured server. In a [...]
Vendor Risk Intelligence: How AI & Automation Are Changing TPRM
Third-party risk management (TPRM) used to be manual, slow, and reactive. In 2025, AI and automation are rewriting the rules [...]
Data Breach Reporting Obligations: What In-House Lawyers Must Know
In the wake of high-profile cyber breaches, regulatory scrutiny is rising — and in-house legal teams are now expected to [...]
Tier 4 Supplier Risk: The Blind Spot in Most Supply Chains
When organisations think about supply chain risk, they usually focus on direct vendors — cloud providers, IT partners, or logistics [...]
From Siloed Systems to a Shared Risk Picture: Cyber Strategy for Multi-Org Collaborations
Local councils teaming up to share finance platforms. Police forces joining together for firearms licensing. Universities collaborating on accelerators and [...]
Are Your Pen Tests Lying to You? What Automated Scanning Misses Without Context
Penetration tests are often treated like a gold standard.They’re expensive. Formal. Signed off by boards. But here’s the truth: 🛑 [...]
Insider Threats in Defence: Managing Risk from Within
Cybersecurity in the defence sector has long focused on sophisticated external threats — nation-state actors, advanced persistent threats (APTs), and [...]
The New Age of Supply Chain Attacks: How to Build Resilience in 2025
The cyber kill chain has shifted. In 2025, attackers aren’t just going after large enterprises — they’re targeting the suppliers, [...]
What Brokers Need to Know About Cyber Underwriting in 2025
Cyber insurance is no longer a niche product. It’s a boardroom priority. But for brokers, the market in 2025 is [...]
The Future of Third-Party Risk: Why Real-Time Risk is the Only Way Forward
If you're still relying on once-a-year questionnaires or static audits to manage third-party cyber risk, you're already behind the curve. [...]
Don’t Pay: Why Ransom is a False Solution
In 2021, the Harris Federation—one of the UK’s largest school groups—was hit by a crippling cyber attack. Russian ransomware group [...]
Cyber Resilience Is Not a Destination
When a significant cyber incident hit Marks & Spencer in April 2025, former John Lewis chairman Sir Charlie Mayfield appeared [...]
The Business of Blackmail: Understanding Ransomware in Retail
When Marks & Spencer’s online services went dark last week, it wasn’t just a technical hiccup. The high street giant [...]
Securing the Final Frontier: Addressing Cybersecurity Challenges in Space Exploration
In an era where space exploration and satellite technologies are integral to global communication, navigation, and security, the imperative to [...]
Chinese Espionage Group Exploits ivanti EPMM Zero-Days: What It Means for Supply Chain Security
Two new ivanti EPMM (Endpoint Manager Mobile) vulnerabilities – CVE-2025-4427 and CVE-2025-4428 – have been exploited in the wild as [...]
When the Fire Alarm Fails: Cyber Risks in School Infrastructure
In 2021, the Harris Federation—one of the UK’s largest multi-academy trusts—was hit by a devastating cyber attack. The hackers demanded [...]
