InfoSec

Credit Ratings, Governance Duties,& the New Systemic Risk Perimeter

Financial, InfoSec, Reputation, Training /

Executive Summary Governance has shifted from an internal process to a legally defined, externally observable analytical variable. The combined effect of the European Union’s Network and Information Systems Directive (NIS2) Article 20, Digital Operational Resilience Act (DORA) Article 5 and the Credit Rating Agencies Regulation 1060/2009 (CRA Regulation) marks a structural change in how governance […]

Credit Ratings, Governance Duties,& the New Systemic Risk Perimeter Read More »

OPINION: How Financial Crime has been allowed to be mis-classified as cyber incidents.

InfoSec, Reputation /

Why hyper-specialisation blinds firms to financial losses hidden behind digital delivery. When firms treat ransomware and fraud as ‘cyber events’, they reclassify a financial crime into a technical issue and accountability slips through the cracks. By Rois Ni Thuama, 29th October 2025 AT ‘International Anti-Financial Crime Conference 2025’ in London this month, one panellist observed

OPINION: How Financial Crime has been allowed to be mis-classified as cyber incidents. Read More »

Cyber Risk Is Business Risk: Lessons from the 20th September 2025 European Airport Cyberattack 

InfoSec, Reputation, Supply Chain /

By Dr Rois Ni Thuama and Kathleen Moriarty International airports across Europe faced major disruption this weekend after a cyberattack on MUSE, the Collins Aerospace check-in/boarding platform used by multiple airlines. Heathrow, Brussels and Berlin all reported impact, with electronic check-in and bag-drop affected and manual workarounds invoked. Reuters  The Dutch Cyber Security Council captured

Cyber Risk Is Business Risk: Lessons from the 20th September 2025 European Airport Cyberattack  Read More »

No-one is losing their life over infosec decisions and no-one should be losing their head

InfoSec /

Picture: PC Pro Issue 366 Don’t be daunted by the rapidly changing face of the security landscape – learn from those who climbed the southwest face of Everest instead On an icy night in November 2018, I picked my way slowly around the snaking roads of north Wales through a flurry of snow. I was

No-one is losing their life over infosec decisions and no-one should be losing their head Read More »

Traditional security training never worked. It was not then and is not now fit for purpose

InfoSec, Training /

Picture: PC Pro Magazine Issue 360 Rois takes aim at patronising cybersecurity training software – and the companies behind them that seem to think we’re all three years old. Cybersecurity training is broken. Is it? Is it really, though? In line with the current trend to offer trigger warnings for almost everything, here’s yours. A

Traditional security training never worked. It was not then and is not now fit for purpose Read More »

Contact Us
Contact Us