Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal

〰️

Click here to access subscription content at The RTJ Bridge - The Premium Version of The RiskTech Journal 〰️

The RiskTech Journal

The RiskTech Journal is your premier source for insights on cutting-edge risk management technologies. We deliver expert analysis, industry trends, and practical solutions to help professionals stay ahead in an ever-changing risk landscape. Join us to explore the innovations shaping the future of risk management.

The GRC Blind Spot: What the SharePoint Cyberattack Reveals About Risk Management Vulnerabilities
Microsoft, SharePoint, GRC, Cybersecurity Wheelhouse Advisors Microsoft, SharePoint, GRC, Cybersecurity Wheelhouse Advisors

The GRC Blind Spot: What the SharePoint Cyberattack Reveals About Risk Management Vulnerabilities

This past weekend, Microsoft confirmed that attackers exploited a critical zero-day vulnerability in on-premises SharePoint servers—a breach that quickly escalated into a global cybersecurity incident. Governments, universities, energy providers, and private enterprises were affected. At least 85 servers were confirmed compromised within 48 hours, with analysts warning that tens of thousands remained at risk.

Read More
Inside the Hack: Why Social Engineering Exposes the Limits of Cyber Defense and Demands Integrated Risk Management
Social Engineering, Cybersecurity, IRM Ori Wellington Social Engineering, Cybersecurity, IRM Ori Wellington

Inside the Hack: Why Social Engineering Exposes the Limits of Cyber Defense and Demands Integrated Risk Management

The recent cyberattack on Marks & Spencer (M&S), perpetrated by the notorious hacking group Scattered Spider, vividly underscores the evolving sophistication of cyber threats—and the alarming vulnerability of even well-protected enterprises. Despite significant investments in cybersecurity defenses, M&S faces an estimated loss of up to £300 million in operating profits and a plunge of £600 million in market capitalization following the breach.

As detailed recently by the Financial Times, Scattered Spider’s methods illuminate a stark reality: technical cybersecurity solutions alone are not enough. The group’s expertise lies in a blend of digital deception and human manipulation, a practice known as social engineering. Unlike traditional cybercriminals reliant solely on technical exploits, Scattered Spider meticulously researches employee identities, simulates convincing interactions, and leverages human psychology to circumvent cyber defenses.

Read More