In recent years, cybersecurity threats have become increasingly common and sophisticated, posing significant risks to individuals, businesses, and governments. In response to these threats, the European Union (EU) has introduced the NIS2 Directive, a new legislation focused on improving cybersecurity across the EU.

The government just released its new National Cybersecurity Strategy built around five pillars: I have many thoughts and inputs on each of these pillars and will address them in individual installments to keep them easily digestible. I believe vigorous debate on these issues is important so we can achieve the best possible outcomes in each of these lines of effort. Implementing strategy is when the hard work begins and the stakes couldn’t be higher with this topic. We have to get it right.

Financial services companies are a favorite target for threat actors. Most of us are familiar with the Equifax and Capital One breaches that exposed hundreds of millions of customer records. But there are other attacks that don’t make the headlines. Over the years, the Carnegie Endowment’s FinCyber project has documented hundreds of separate cyber incidents impacting financial institutions around the world.

The Open Web Application Security Project (OWASP) is a global non-profit organization dedicated to improving the security of software. The OWASP foundation first released a list of the top 10 security risks faced by APIs in 2019. Although 4 years is an extremely long time when it comes to computing, the fact remains that most organizations are still in the process of putting better API security controls in place to protect against the 2019 Top 10.

In today's digital age, cybersecurity risks are a major concern for businesses of all sizes. With cyber attacks becoming more sophisticated and frequent, it is important for businesses to assess their cybersecurity risk, prioritize them, and take measures to mitigate them.