Preparing for Unknown Risks: How to Better Prepare for Risks You Can’t See Yet


As security professionals we’re used to dealing with unknowns and unpredictability. We understand that it’s impossible to always know what’s around the corner. It’s not just about external threats and the big breaches splashed across the news headlines.

On one hand, we’re combating threat actors attempting to steal information, money or simply trying to cause havoc. On the other, we’re trying to better understand employee behavior amidst the myriad of applications they use on a daily basis; always vigilant for any suspicious activity. And while it certainly makes our jobs interesting, unpredictability runs contrary to how the organisations we protect prefer to operate.

Read more…
Source: Rapid7


Sign up for our Newsletter


Related:

  • How NATO Is Building Resilience Against Disruptive Cyber Technologies

    August 12, 2025

    The mission of NATO (North Atlantic Treaty Organization) is to safeguard the freedom and security of its member countries through political and military means. “We look out for our members by combining smart diplomacy with strong defense, and that includes risk management and cyber resilience,” said Konrad Wrona, Security Expert, NATO Communications and Information (NCI) Agency. ...

  • An Earth-Shattering Kaboom: Bringing a Physical ICS Penetration Testing Environment to Life

    August 6, 2025

    Whether it’s in the water we drink, the medicines we take, or the electricity we use to read blog posts on the internet, Industrial Control Systems (ICS) are part of our daily lives. There’s so much that relies on these systems, you’d like to assume they’re engineered and tested to guard against cyberattacks. You’d be wrong. ...

  • Denmark energy cyber attack highlights infrastructure security gaps

    August 4, 2025

    November 2023 saw an unprecedented cyber attack on Denmark’s energy infrastructure. In a co-ordinated breach of 22 companies, criminal gangs gained access to industrial control systems. Investigators believe at least one of the attackers was acting on behalf of a state. Michael Murphy, who heads Fortinet’s APAC Operational Technology group from the company’s Sydney office, says ...

  • Malicious Packages Across Open-Source Registries: Detection Statistics and Trends (Q2 2025)

    August 4, 2025

    In this previous blog, Fortiguard Labs highlighted a growing trend in the use of open source software (OSS) repositories as channels for malware distribution in supply chain security. With the continued reliance on third-party packages in development workflows, threat actors are increasingly exploiting vulnerabilities in the open-source ecosystem to propagate malicious code, exfiltrate data, and cause ...

  • IoT Security: Your Next Breach Could Start with Your Thermostat

    August 4, 2025

    Universities are filling up with network-connected devices. Smart locks manage building access. HVAC systems run on automated controls. Cameras stream to command centers. Vending machines, printers, thermostats, research tools, and classroom displays all connect to the network. The Internet of Things (IoT) is everywhere. These devices are often invisible to most of campus life, quietly making ...

  • Luxembourg: Cybercriminals stole thousands from BIL customers using phishing scam

    August 2, 2025

    After cybercriminals stole thousands from BIL customers using a fake website, the banking association maintains that digital banking tools remain safe, but users must stay vigilant. In the wake of a sophisticated phishing scheme that led to major financial losses for dozens of BIL customers, The Luxembourg Banker’s Association (ABBL) is defending the security of the ...