Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • UK unveiled new cyber action plan to tackle threats and strengthen public services

    January 6, 2026

    New measures will be introduced to make online public services more secure and resilient, so people can use them with confidence – whether applying for benefits, paying taxes or accessing healthcare. Backed by over £210 million, the Government Cyber Action Plan published today (Tuesday 6 January) sets out how government will rise to meet the growing ...

  • Business continuity isn’t keeping pace with cyber threats, warns Sedgwick CISO

    January 2, 2026

    Business continuity plans are lagging behind the speed and complexity of modern cyberattacks, according to Eric Schmitt (pictured), chief information security officer at Sedgwick. “In most cases, it is not,” Schmitt said, when asked whether current business continuity frameworks are adapting to today’s cyber threat environment. He drew a sharp line between business continuity and disaster ...

  • Cognizant hit with multiple US class-action lawsuits after TriZetto data breach

    January 2, 2026

    Cognizant Technology Solutions is facing a wave of class-action lawsuits in the United States after a long-running data breach at its healthcare claims processing unit, TriZetto Provider Solutions (TPS), triggered legal challenges from affected individuals. According to court filings, at least three lawsuits were filed late last month in federal courts in New Jersey and Missouri, ...

  • Malware in 2025 spread far beyond Windows PCs

    December 29, 2025

    If there’s one thing that became very clear in 2025, it’s that malware is no longer focused on Windows alone. We’ve seen some major developments, especially in campaigns targeting Android and macOS. Unfortunately, many people still don’t realize that protecting smartphones, tablets, and other connected devices is just as essential as securing their laptops. Banking Trojans ...

  • Threat landscape for industrial automation systems in Q3 2025

    December 25, 2025

    In Q3 2025, the percentage of ICS computers on which malicious objects were blocked decreased from the previous quarter by 0.4 pp to 20.1%. This is the lowest level for the observed period. Regionally, the percentage of ICS computers on which malicious objects were blocked ranged from 9.2% in Northern Europe to 27.4% in Africa. The most ...

  • Cisco email security products actively targeted in zero-day campaign

    December 19, 2025

    A China-affiliated threat actor has been abusing a zero-day vulnerability in multiple Cisco email appliances to gain access to the underlying system and establish persistence. Cisco confirmed the news in a blog post and a security advisory, urging users to apply provided recommendations and harden their networks. In its announcement, Cisco said it first spotted the ...