cyber risk management

Microsoft has officially stopped providing security updates, feature updates, and standard technical support for Windows 10 as of October 14, 2025 — and for most users the practical next step is to move to Windows 11 (if your PC is eligible) or enroll in the temporary Extended Security Updates...

A new wave of skepticism is sweeping through the IT security world following revelations by renowned German researchers who have cast serious doubt on the safety of Windows Hello for business use. The much-touted biometric authentication system, a showcase feature in both Windows 10 and Windows...

A series of newly discovered vulnerabilities in Rockwell Automation’s Arena simulation software have jolted the industrial software ecosystem, underscoring the persistent security challenges faced by critical manufacturing sectors worldwide. Carrying a high CVSS v4 base score of 8.4, these...

A seismic shift is underway in the security landscape as AI, quantum computing, and cyber-physical systems fundamentally reshape the risks and strategies that define enterprise resilience. Forward-thinking security leaders no longer ask whether disruption will hit, but rather how rapidly they...

Rockwell Automation’s Lifecycle Services—with key offerings powered by VMware—have become foundational in modernizing industrial infrastructures, integrating both critical manufacturing systems and advanced cybersecurity managed services at global scale. Yet as these digital transformation...

In the early hours of an otherwise ordinary workweek, the headlines told a chilling story: KNP, a storied logistics company in the United Kingdom with 158 years of history, shuttered operations overnight due to a catastrophic ransomware attack. This collapse is more than a cautionary tale—it’s a...

Amid heightening U.S.-China tech rivalry and gathering clouds of suspicion around supply chain security, Microsoft’s recently announced decision to cease using China-based engineers for support on Pentagon cloud projects marks both a watershed moment for defense technology policy and a sobering...

Datalink Networks’ recent launch of a nationwide Microsoft 365 Security Monitoring Program marks a significant stride for security-conscious organizations across regulated sectors such as small and mid-sized businesses (SMBs), healthcare providers, and educational institutions. This offering is...

The DuraComm DP-10iN-100-MU, a model within the SPM-500 series power distribution panels, has come under renewed scrutiny from the cybersecurity and critical infrastructure communities following the announcement of several high-impact vulnerabilities. As digital transformation sweeps through...

Microsoft has recently announced a significant policy shift: the company will no longer employ engineers based in China to provide technical support for the U.S. Department of Defense's (DoD) cloud computing systems. This decision follows an investigative report by ProPublica that raised...

In a development that has sent ripples through the enterprise IT community, Microsoft has issued urgent guidance regarding the exploitation of a newly discovered remote code execution (RCE) vulnerability in on-premise SharePoint servers, catalogued as CVE-2025-53770. The U.S. Cybersecurity and...

The digital fabric of today’s global economy is increasingly woven together by vast, interconnected software supply chains. While this complex ecosystem accelerates innovation and business agility, it also conceals a growing vulnerability: persistent blind spots that cybercriminals are eager to...

When examining the evolving cybersecurity threat landscape faced by industrial control systems, the recent disclosure of a critical vulnerability within Delta Electronics’ DTM Soft platform stands out as a reminder of the pressing need for proactive software security practices, particularly in...

Modern industrial automation thrives on the reliability and security of software environments like Siemens’ Totally Integrated Automation (TIA) Portal and TIA Project-Server, which orchestrate the backbone for thousands of critical infrastructure installations globally. As industries rush to...

The cybersecurity stakes for today’s businesses have never been higher, with record numbers of threats, mounting regulatory pressure, and a continuous shortage of experienced infosec professionals. Recent years have seen sustained attacks ranging from sophisticated ransomware to nation-state...

South Africa’s cyber security landscape is undergoing rapid transformation, spurred by the dual catalysts of escalating digital adoption and a corresponding wave of ever-more sophisticated cyber threats. Ransomware, phishing campaigns, insider attacks, and deeply engineered multi-vector exploits...

In the rapidly evolving world of industrial control systems (ICS), vulnerabilities within automation infrastructure can reverberate far beyond the factory floor, exposing critical manufacturing environments to increasingly sophisticated cyber threats. Recent advisories concerning the FESTO...

In a significant move to enhance cybersecurity measures and reduce associated insurance costs, Microsoft has partnered with Antigen Security to offer substantial savings on cyber liability insurance premiums. This collaboration enables organizations utilizing Microsoft 365 E3/E5 Security and...

In a recent blog post titled "Microsoft Dependency Has Risks," Czech developer and penetration tester Miroslav Homer presents a compelling argument about the strategic vulnerabilities organizations face due to heavy reliance on Microsoft products and services. Homer's analysis is particularly...

Few cybersecurity issues generate as much alarm—or as many practical ramifications—as those affecting building automation and industrial control systems. This has once again been underscored by a recent vulnerability uncovered in Mitsubishi Electric air conditioning systems, outlined by the...