It seems everyone is concerned about cybersecurity these days, and the investor community is no different. Shareholders are reading the headlines—ransomware attacks, data breaches, infrastructure disruptions—and they are wondering how these incidents could impact the companies that they invest in. Shareholders are about to get a lot more information from companies in the months ahead. In July 2023, the U.S.

In an era where digital innovation has become the lifeblood of businesses, cybersecurity has taken center stage in the corporate world. The Australian Prudential Regulation Authority (APRA) recognized this need and introduced CPS 234, a regulation that puts cybersecurity at the forefront of APRA-regulated entities. APRA is currently conducting an independent tripartite cyber assessment of compliance with CPS234, which took effect in 2019.

Software supply chain attacks, or digital supply chain attacks, have become increasingly prevalent over the last couple of years. According to a study by KPMG, 73% of organizations have experienced at least one significant disruption from a third-party in the last three years. What’s the best way to protect against potential software supply chain attacks? To get the answer, let’s define what those attacks are, how they happen, and how you can defend against them.

Cyber threats pose a significant risk to organizations due to today's increasingly interconnected digital landscape. To address these challenges and ensure the security and resilience of critical infrastructure and digital services, the European Union introduced the Directive (UE) 2022/2555, commonly known as NIS 2 - which was actually approved on the same day as DORA, both being critical in how the EU is leveraging regulatory compliance and technology to reduce cyber risk.

The cloud can be cost-effective, scalable, flexible and – mostly – secure. So, it’s not surprising that 94 percent of enterprises use cloud services, 67 percent of enterprise infrastructure is cloud-based, and 92 percent of businesses have a multi-cloud strategy in place (source). But that doesn’t mean that breaches can’t happen.

Recent events, including the 2020 COVID-19 pandemic, shifts in demand, and labor shortages have shone a spotlight on supply chain resilience – or lack thereof. In response, business leaders recognize that becoming more resilient is a necessity and are looking at strategies for doing so. As a best practice, Gartner recommends that companies diversify their manufacturing networks, utilize regional or local supply chains, add buffer capacity, and more.

Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain. Supply chain risk extends past those suppliers with whom you’re doing business directly. Beyond your third-party suppliers are their suppliers, and the supply chain continues branching out from there. In today's connected world, organizations must not isolate their supply chain risk management.

In today's interconnected and digital world, businesses face increasing risks, particularly in the realm of cybersecurity. To address these risks and ensure the operational resilience of financial institutions, industries and governments push for regulatory frameworks. Two prominent examples are the EU's Digital Operational Resilience Act (“DORA”) and the UK's Prudential Standard PS21/3 (“PS21/3”).

The increasing sophistication and frequency of cyber threats have exposed companies to significant risks, including data breaches, financial losses, and reputational damage. Investors have become deeply concerned that these risks can negatively impact their investment decisions. As we have previously discussed, companies and their shareholders must tackle the significant and constantly changing challenge of understanding cybersecurity risk.

Your external attack surface is growing rapidly. The adoption of cloud technologies, business growth, a remote workforce, IoT, and a growing supply chain of digital vendors creates an enormous digital footprint and increased cyber risk. External attack surface management (EASM) can help you mitigate and manage this risk—proactively and at scale.