The RTJ Bridge is the new premium version of The RiskTech Journal, delivering fast-moving, strategically relevant insights for risk leaders navigating today’s digital business landscape.

Designed as the link between editorial commentary and in-depth research, The RTJ Bridge offers exclusive access to:

High-frequency insight notes on market shifts, regulatory signals, and emerging technologies
Executive briefings and editorial series including “The Risk Ignored”
Strategic previews of IRM Navigator™ research, including upcoming Risk Landscape Reports

Whether you're monitoring vendor moves, tracking governance shifts, or preparing for regulatory disruption, The RTJ Bridge equips you with actionable foresight.

The RTJ Bridge - The Premium Version of The RiskTech Journal

Subscribe to get access now

The RTJ Bridge Subscription

$6.99

Every month

The RTJ Bridge Subscription is a premier resource for executives and professionals focused on the intersection of risk management and technology. It provides subscribers with access to a curated collection of articles and expert insights designed to enhance risk management strategies through technological innovation. With its online format, The RTJ Bridge offers flexible access to critical information, helping leaders make informed decisions and stay competitive.

✓ Timely Insights: Access to weekly cutting-edge articles

✓ Expert Opinions: Direct advice from industry leaders

✓ Comprehensive Coverage: In-depth exploration of risk topics

✓ Flexible Access: Read anytime, anywhere, with online access

A ship's bridge with a person standing inside, seen through large glass windows, on a white vessel with round portholes and safety railing.

Ori Wellington 9/10/25 Ori Wellington 9/10/25

Technology Risk at Machine Speed: Why Integrated Systems Demand Integrated Risk Management

Jaguar Land Rover’s cyber incident shows how modern enterprises operate inside an interconnected matrix of risk. Technology assets and operational processes are closely linked, so a disruption in one tier quickly spreads across production sites, suppliers, dealers, and customers.

On September 2, 2025, JLR confirmed a cyber intrusion and proactively shut systems to contain the impact. By September 6, production was halted in the United Kingdom, Slovakia, Brazil, and India. West Midlands suppliers sent thousands of staff home. Dealer platforms, including the electronic parts catalogue, were inaccessible. Analysts estimate losses of £5 million per day, and insiders indicate recovery will take weeks rather than days. A group calling itself Scattered Lapsus$ Hunters claimed responsibility.

Ori Wellington 9/8/25 Ori Wellington 9/8/25

Audit Committees Signal a Mandate for Unified IRM, Not Just GRC

Audit committees in 2025 are under growing pressure to oversee risks that are more complex, interconnected, and fast-moving than ever before. KPMG’s survey of 85 U.S. audit committee members (February–May 2025) highlights systemic oversight gaps in cybersecurity, privacy, AI, and third-party resilience. While only one-quarter of respondents describe their risk management as holistic and forward looking, the survey reveals that committees are struggling less with awareness and more with execution. The IRM Navigator™ Maturity Curve confirms that most organizations remain in the early to mid stages of maturity. However, the five functional layers of Autonomous IRM offer a more practical blueprint for closing these oversight gaps and absorbing workload without restructuring committees.

This research note interprets the KPMG findings through the lens of both frameworks: the Maturity Curve, which shows where audit committees are today, and the five functional layers, which define how they can progress toward unified, assurance-driven oversight.

John A. Wheeler 8/27/25 John A. Wheeler 8/27/25

The Risk Ignored, Part II Chapter 5: The Academic Reckoning

In Part I of The Risk Ignored, we followed the rise and fall of GRC. Born in the aftermath of the Sarbanes-Oxley Act, it was codified by Archer, PwC, and Michael Rasmussen, and quickly became the acronym that defined a market. Yet by the late 2000s, GRC was collapsing under its own weight. The very acronym that promised coherence came to mean everything and, in practice, nothing at all.

The story of The Risk Ignored Part II: The Seeds of Integration begins here. The collapse of GRC and the inadequacy of compliance-first ERM created a void. The question, for both scholars and practitioners, was what comes next.

John A. Wheeler 7/29/25 John A. Wheeler 7/29/25

How IRM Can Protect Cyberinsurers from Cyberattacks

Cyberinsurance providers face a unique irony in today's risk landscape. Despite their role in safeguarding others against cyber threats, they have become prime targets for cybercriminals. Recent high-profile breaches, including attacks on Allianz Life, CNA Financial, and Philadelphia Indemnity, vividly illustrate this growing vulnerability. These incidents underscore not only the attractiveness of insurers as targets—given the extensive sensitive client data they hold—but also reveal substantial weaknesses in their ability to manage third-party risks, respond to incidents, and comply with tightening regulations.

If cyberinsurance companies fail to adopt a holistic, integrated approach to risk management, the resulting breaches may significantly damage their reputations, compromise their operational integrity, and erode market trust. It is therefore imperative to rethink their approach to cybersecurity risk management.