< ciso
brief />
Tag Banner

All news with #insider risk tag

46 articles

Lessons from underground: combating BEC threats

📣 Flare researchers examined underground forum discussions and tools used to orchestrate Business Email Compromise (BEC) campaigns, finding that attacks extend beyond email to include remote access, cash-out networks, and call centers. Actors target finance and leadership SaaS accounts, increasingly using AI to craft realistic messages and scale operations. Defenders should monitor exposed credentials, enforce MFA, train high-risk staff, and treat multi-channel contacts cautiously.
read more →

AI Adoption Is Accelerating Risks for SMEs

🔒 Small and mid-sized businesses are rapidly adopting AI, often ahead of large enterprises, and this pace is outstripping their ability to govern associated cyber risks. Shadow AI—employees using public tools without oversight—exposes customer data, financial records, and intellectual property, while attackers increasingly exploit these weaker links in supply chains. The author urges owners and CFOs to map AI use, restrict sensitive data, treat AI access like hires, and engage advisors who can secure AI adoption effectively.
read more →

Reframing Trust: A CISO’s Risk-Tiering Model

🔍 Security awareness training that taught employees to spot obvious phishing cues is no longer sufficient. AI-generated attacks and legitimate-looking infrastructure have erased the surface signals users were trained to rely on, making sustained human vigilance unrealistic. The article argues for applying Daniel Kahneman’s fast/slow thinking at the organizational level to map and re-tier processes, keeping fast lanes where justified and revoking them where risk has changed.
read more →

Xsolis data breach compromises 1.4M patient records

🔒 Xsolis, a U.S. healthcare technology provider, detected a targeted phishing attack that led to unauthorized access to parts of its network in January 2026. The company says files containing sensitive customer information—such as names, addresses, dates of birth, insurance details, Social Security numbers, and medical treatment data—were accessed, affecting 1,396,519 individuals. Xsolis contained the breach, engaged external cybersecurity experts, reset user passwords, enhanced monitoring, accelerated employee security training, and is notifying impacted individuals with offered identity monitoring services.
read more →

Tabletop simulates modern retail ransomware mayhem

🔍 The Semperis-run "Enter the War Room" tabletop at Infosecurity Europe simulated a ransomware and reputational attack on fictional supermarket BlueCart. Red-team operators exploited supplier trust, stolen credentials, weak MFA, and poor network segmentation to access AI supply-chain systems and exfiltrate loyalty data. Attackers combined misinformation, deepfakes, fake orders, and payroll disruption to magnify harm, while defenders focused on out-of-band communications, honeypots, and refusing ransom demands to limit impact.
read more →

Cybersecurity Professionals Reporting Increased Job Strain

🔐 A new report from ISSA and Omdia, surveying 380 practitioners, finds 68% of cybersecurity professionals say their jobs have become harder in the past two years. The study highlights that >70% are excluded from key technology decisions, with rising involvement from IT operations and platform engineering (79%) and tech choices made without cyber input (72%). Work-related stress is significant: 69% report work-life balance challenges and 47% have considered leaving due to stress. Respondents point to leadership commitment, compensation, and career support as key factors for job satisfaction.
read more →

Why schools remain favourite cybercriminal targets

🔒 Recent ransomware incidents have shown that schools are year-round targets for cybercriminals. Evanston Township High School closed after an attack disrupted critical systems, while Powys County Council in Wales confirmed student and staff data were accessed at multiple schools. Districts are engaging external experts and notifying authorities, highlighting schools' limited budgets and reliance on networked systems.
read more →

Reframing Burnout as a Cybersecurity Risk

🛡️ Cybermindz warns that burnout among cyber professionals should be treated as a measurable operational risk rather than only a wellness concern. Their survey of 101 practitioners found frequent burnout and high emotional exhaustion, while their iRest® training study across 275 participants showed improved sleep, reduced exhaustion and lower attrition risk. Founder Peter Coroneos argues a risk-based framing can secure resources and support resilience.
read more →

Detecting and Blocking Unsanctioned AI in the Enterprise

🔍 While many organizations intentionally deploy AI to improve productivity, unsanctioned AI is proliferating faster — employees install tools or vendors embed assistants into existing apps. The article defines four AI categories and maps specific detection techniques to each, covering DNS, web gateways/NGFW, EPP/EDR, application and browser controls, and SSPM/identity governance. It flags OAuth consent as a high-risk channel and summarizes admin steps for Microsoft Entra, Google Admin, Salesforce, and ServiceNow to block or restrict app access.
read more →

Most CISOs Would Consider Paying Ransoms to Recover

🔒 A new report from Absolute Security finds that 58% of CISOs would realistically consider paying a ransom to restore systems after a ransomware attack. US respondents were likelier to consider payment (63%) than UK peers (47%), with legal guidance, GDPR and doubts over recovery cited as reasons. Operational downtime was viewed as the most damaging impact. The report warns organizations to invest in resilience, infrastructure and governance to reduce reliance on ransom payments.
read more →

The Fake IT Worker Threat CISOs Must Address Urgently

🛡️ Hiring fraud has produced thousands of fake IT workers who gain trusted access and create serious insider risks. Companies such as Amazon report coordinated attempts tied to state actors, while researchers like SentinelOne and vendors observe AI-enabled deepfakes, synthetic identities and stolen US credentials used to pass recruitment checks. Organizations must treat remote hiring as an access-control problem: strengthen identity screening, enforce staged trust, and deploy continuous post-hire telemetry and behavioral detection.
read more →

Only 34% of Cyber Pros Plan to Stay With Employers

🔍Only 34% of cybersecurity professionals plan to remain with their current employer, according to a survey of 500 respondents by IANS and Artico Search. The report finds that flexible work models, visible leadership support, and structured career development influence retention more than absolute pay. Hybrid schedules, mentorship, and modern tooling help reduce burnout and turnover.
read more →

Cyber Threat Literacy Tops Global People Risks 2026

🛡️ Marsh's 2026 People Risks report, compiled from interviews with over 4,500 HR and risk professionals across 26 markets, finds cyber-threat literacy is the top global people risk, with technological change, tech skills shortages and AI-related mindset barriers also ranking highly. The report highlights mishandling of data and low employee security awareness as persistent threats that can increase exposure to breaches and reputational damage. Marsh recommends reframing cyber risk to cover OT, HR and third-party systems, recruiting cyber talent, building a cyber-centric culture, reducing fatigue, and ensuring human oversight with robust governance and insurance cover.
read more →

CISOs Evolve into Enterprise Risk and Business Strategists

🔒 Nitin Raina’s move from IT operations to Thoughtworks’ global CISO and global head of enterprise risk illustrates a fast-growing trend: CISOs increasingly lead enterprise risk programs. Since 2020 Raina has built an ERM function that links strategic, operational, and cybersecurity risks through assessments, gap analyses, and controls. Industry reports show most CISOs now share accountability for operational business risk and are responsible for AI governance, making GRC and risk quantification central to executive and board trust.
read more →

CISOs Must Innovate to Retain Cybersecurity Talent

🔒 A new 2026 Cybersecurity Talent Report from IANS and Artico Search warns CISOs must be aggressive and innovative to retain staff amid a volatile jobs market. Based on interviews with over 500 US cybersecurity professionals, the study found only 34% plan to stay in their roles while 43% are considering a change, with turnover intent higher among senior staff. The report links job satisfaction to career progression, compensation movement and work-life balance, and highlights hybrid working and visible senior support as key retention drivers.
read more →

Employee Data Breaches Reach Seven-Year High in UK

🔒 New analysis from law firm Nockolds shows employee data breaches reported to the UK Information Commissioner’s Office reached 3,872 incidents in 2025, a 5% year‑on‑year increase and about 29% above the 2019 baseline of 3,010. The report highlights a divergence in incident types: cyber-related breaches fell 6% to 1,568, while non-cyber incidents rose 15% to 2,304. Nockolds principal associate Joanna Sutton attributes the shift to hybrid working and gaps in physical and procedural safeguards, and urges closer collaboration between HR and security teams to improve training, policies and risk controls.
read more →

Mazda reports security breach exposing partner data

🔒 Mazda Motor Corporation disclosed unauthorized access to a warehouse management system used for parts procured from Thailand, affecting 692 records containing employee and business partner information. The exposed data types included user IDs, full names, email addresses, company names and business partner IDs, and Mazda says no customer data was involved. The company reported the incident to the Personal Information Protection Commission and implemented security patches, reduced internet exposure, increased monitoring and stricter access controls while investigating with external specialists.
read more →

AI-Driven Insider Risk Now a Critical Business Threat

🔒 Mimecast's State of Human Risk Report 2026 warns that insider threats have escalated into a critical business risk, driven in part by employees mishandling or abusing AI tools. The study found 42% of organizations reported increases in both malicious insider activity and negligence-related incidents, while security leaders now anticipate an average of six insider-driven incidents per month. Mimecast cautions that attackers and insiders leveraging AI amplify exposure and call for security to address risk at the user level.
read more →

Majority of CISOs Open to Career Moves, Many Exit Now

🚨 A recent IANS Research and Artico Search survey found that 69% of enterprise CISOs are open to a career move within the next year, often targeting larger-company CISO roles, other executive posts, or non-CISO paths. Analysts attribute the trend to chronic exhaustion, misaligned authority, and a structurally broken role that leaves leaders accountable without matching influence. Experts recommend giving CISOs enterprise-level standing, direct CEO and board access, and authority and budget that match their responsibilities to retain top security talent.
read more →

Loyalty Is Not Security: What CISOs Must Reconsider

🔒 The article argues that organizations commonly mistake tenure, performance, or verbal commitment for durable loyalty, creating a blind spot for insider risk. Loyalty is dynamic—shaped by fairness, hardship, and alignment—and can erode into resentment, data theft, or sabotage. The author advocates continuous, tiered verification, privacy-respecting monitoring, and AI-aware controls, citing Trusted Workforce 2.0 as a blueprint and cost comparisons that favor proactive programs.
read more →