Risk and Resilience

This week we cover five stories that all point at the same uncomfortable truth - the systems we trust to keep us safe are failing quietly, and the bill is coming due.A US military contractor built government-grade iPhone spyware. An insider sold it to Russia. Criminals are now using it on everyday people. We break down what Coruna is, how it got out, and what your institution should be doing about it today.Then the bombshell ProPublica investigation into Microsoft's GCC High - the cloud product handling some of America's most sensitive national security data, that the government's own reviewers called "a pile of shit" and approved anyway. What it means for every bank running Microsoft 365, and why DORA's third-party risk requirements exist for exactly this reason.Medical device giant Stryker was brought to its knees across 79 countries - not by ransomware, but by a single compromised admin account in Microsoft Intune. Surgeries delayed. 5,500 employees sent home. The one configuration change that would have stopped it cold.A Chinese company posed as a cybersecurity firm while systematically robbing crypto wallet users of $7 million. What it means for your digital asset supply chain risk.And Meta's AI agent posted sensitive data to an internal forum without permission - triggering a Sev 1 incident. The same month, Meta's own Director of AI Safety had her inbox wiped by an agent she was overseeing. The model risk management questions every CRO should be asking before their next AI deployment.

In this episode I break down four major stories that reveal where the biggest risks are heading - from AI automation to cloud data breaches and mobile banking threats.An AI agent is spreading so fast that regulators are stepping in, a well-known hacker group is threatening companies using stolen Salesforce data, an alleged insider incident raises concerns around Social Security records, and a banking trojan is draining money from users in real time.While these stories may seem unrelated, they all point to the same underlying issue: access. As systems become more connected and automated, controlling who - or what - has access is becoming one of the most critical challenges in cybersecurity today.

In this episode, we cover seven stories that sit at the intersection of geopolitics, technology, and financial risk. From Iranian state-linked hackers confirmed inside U.S. banking networks, to regulators forcing a reckoning on cloud concentration, to AI systems taking over operational decision-making without adequate governance, the risks are converging faster than most institutions are moving.Seven stories. One through line. The threat surface is wider, faster, and more complex than most risk registers reflect.Hackers are inside banking networks right now - Symantec confirms active Seedworm intrusions at a U.S. bank, airport, and defense supply chain since FebruaryYour threat detection response window is now 30 minutes - AI has cut lateral movement time from 100 minutes in 2021 to 30 todayThree cloud providers control 85% of European financial infrastructure - DORA is forcing banks to build multi-cloud resilience nowAgentic AI is flipping the operating model - the machine becomes the operator, the human supervises, and governance hasn't caught upA government iPhone exploit kit has leaked into criminal hands - 23 vulnerabilities, five exploit chains, already used by Russian and Chinese threat actors

This week, Anthropic refused the Pentagon's demand to deploy Claude without safeguards on surveillance. The government's response? A supply chain risk designation.When Anthropic refused the Pentagon's demand to deploy Claude AI without safeguards on surveillance and autonomous weapons, the government responded with economic coercion, designating the company as a "supply chain risk" and banning it from all DoD contracts. Meanwhile, the State Department is pressuring countries worldwide to eliminate data sovereignty laws, even as the U.S. deploys AI systems ingesting classified military and intelligence data.The Resilience 2025 Cyber Risk Report reveals that ransomware has fundamentally shifted from encryption-based disruption to data-theft-based extortion- with phishing jumping from 21% to 50% of losses in a single year. Nation-states are running industrial-scale espionage campaigns like GridTide, targeting telecom infrastructure across 42 countries. And vulnerabilities in AI development tools are creating new supply chain attack vectors.If you work in financial services, tech, or any regulated industry, this 30-minute episode changes how you think about cyber risk.#Cybersecurity #RiskManagement #AI #DataSovereignty #Resilience

Happy New Year! This is our first episode of 2025, and I want to start by wishing all my listeners a happy, healthy, and successful year ahead. In this week’s episode - Week 2 of 2025 - we’ll dive into the most critical updates in the world of cybersecurity and geopolitics. Here’s a sneak peek at what’s coming up: Volt and Salt Typhoon: Chinese state-sponsored hackers targeting critical U.S. infrastructure. Gravy Analytics Breach: Hackers threaten to expose sensitive location data and personal movements. AI Spear Phishing Study: A chilling revelation—AI now matches human experts in creating deceptive phishing campaigns. UK Ministry of Defence: Stronger cybersecurity demands for its supply chain in response to escalating threats. Geopolitical Cyber Warfare: A cyber clash between the Philippines and China over territorial disputes. From state-sponsored hackers embedding themselves in U.S. networks to the alarming rise of AI-driven cyber threats, this episode has it all. Let’s dive in, starting with the evolving cyber warfare landscape involving Volt and Salt Typhoon.

Welcome to Risk and Resilience and you're tuned into the weekly update where I bring you the latest and most crucial developments in cybersecurity and technology.    This week I will be covering    Interbank Data Breach: Extortion Attempt and Customer Data Leak  CrowdStrike Outage: Impact, Response, and Lessons for Operational Resilience  Delta Air Lines Seeks Damages from CrowdStrike and Microsoft After Costly Outage  Ledger Fined €750,000 by French Data Protection Authority for Data Breaches  Russian "Doppelganger" Campaign Exploits Domain Registrars to Spread Disinformation  RedLine and Meta: Disruption of Two Major Infostealer Operations  Senator Warner Calls for Action from Domain Registrars to Combat Foreign Influence Campaign  If you liked this week's update, then do share this with your friends and colleagues. 

Welcome to Risk and Resilience and you're tuned into the weekly update where I bring you the latest and most crucial developments in cybersecurity and technology.   This week I will be covering   Internet Archive Suffers Major Security Breach, Affecting 31 Million Accounts Google Launches Global Signal Exchange to Combat Online Scams and Fraud Critical Security Flaws Discovered in Fortinet Products, CISA Issues Warning Palo Alto Networks Discloses Multiple Vulnerabilities in Expedition Software Cisco Patches Critical Command Execution Flaw in Nexus Dashboard Fabric Controller Microsoft's October Patch Tuesday Addresses 118 Vulnerabilities, Including Five Zero-Days UK Financial Sector Conducts SIMEX 24 Simulation Exercise to Test Resilience MoneyGram Confirms Cyberattack, Customer Data Compromised MITRE Launches AI Incident Sharing Initiative to Enhance AI System Security UK Government Announces Upcoming Cyber Security and Resilience Bill to Strengthen National Defenses If you liked this week's update then do share this with your friends and colleagues.

Welcome to Risk and Resilience and you're tuned into the weekly update where I bring you the latest and most crucial developments in cybersecurity and technology.   This week I will be covering   China-linked threat actors compromised some U.S. internet service providers   Kaspersky deleted its anti-malware software from customers' computers across the United States  Google says several major US companies have unknowingly hired North Korean IT workers.  US to ban connected vehicle tech from China, Russia due to national security risks.  DOJ, FBI need better metrics for tracking ransomware disruption efforts, audit finds  NIST Scraps Passwords Complexity and Mandatory Changes in New Guidelines  In a recent survey, it found that ore than a third  of employees share sensitive work information with AI tools without their employer’s permission.  If you liked this weeks update then do share this with your friends and colleagues.

Risk and Resilience Week 38 Podcast: This week I cover the following in my podcast. Meta's AI training: Using public Facebook/Instagram posts since 2007 Microsoft's Patch Tuesday: 79 updates, 4 zero-day fixes Fortinet breach: 440GB data leaked, affecting 0.3% of customers TfL cyber attack: Passenger data compromised, 17-year-old arrested UK data centers now critical infrastructure: Boosting protection and investment Apple drops NSO Group lawsuit: Protecting threat intelligence Indonesian crypto exchange Indodax: $22 million theft California regulates deepfakes in election ads: Combating misinformation

Key Headlines: Russian Military Cyber Actors Targeting Critical Infrastructure – FBI, CISA, NSA, and international partners release a critical advisory on Russian cyber threats to US and global infrastructure. Massive IT Crime Damages – IT crimes cause a staggering 91 billion rubles in damage over just seven months. Election Security Concerns – Intelligence officials warn of increasing foreign influence efforts leading up to Election Day. WordPress Sites at Risk – A vulnerability in the LiteSpeed Cache Plugin puts millions of WordPress sites in jeopardy. Singapore's Stance on Deepfakes – Proposed ban on deepfakes during elections as part of efforts to maintain electoral integrity. CISA's New Cyber Reporting Portal – A new platform to streamline and improve cyber incident reporting. NATO's Focus on Undersea Infrastructure – Reinforcing resilience and security for critical undersea infrastructure. In this week's episode, we dive into the latest cybersecurity landscape, focusing on a newly released advisory about Russian military cyber actors targeting global critical infrastructure. We unpack the financial damage caused by IT crimes reaching into the billions and discuss the escalating foreign influence threats as we approach Election Day. Additionally, we explore a newly discovered vulnerability affecting millions of WordPress sites and Singapore's proactive stance on banning deepfakes during elections. To wrap up, we examine CISA's launch of a new cyber reporting portal and NATO's strategies to protect vital undersea infrastructure. Tune in for an in-depth breakdown of these critical updates!