Skip to content

// #security-risk-management

0 articles

← All tags

Commentary tagged #security-risk-management

Opinion

Ransomware in Healthcare Is a Patient Safety Crisis, Not an IT Problem

The ransomware attack on ChipSoft paralysing 80% of Dutch hospitals and the Anubis attack on Signature Healthcare this week are not data breach incidents with clinical inconvenience as a side effect. They are patient safety events. The healthcare sector's continued treatment of ransomware as a cybersecurity problem rather than a clinical risk is costing lives.

CipherWatch Editorial

Security Intelligence Platform
Opinion

Ransomware Has Industrialised — Your Response Strategy Probably Has Not

Qilin's 131 confirmed victims in March alone is not a spike — it is what a mature criminal enterprise operating at scale looks like. The ransomware ecosystem has industrialised completely, with dedicated development, HR, and affiliate management functions. Enterprise response strategies built for a different threat model are overdue for review.

CipherWatch Editorial

Security Intelligence Platform
Opinion

The KEV List Is Not a Vulnerability Management Strategy

CISA's Known Exploited Vulnerabilities catalogue has become the de facto patch priority list for thousands of organisations — most of whom had no coherent strategy before it arrived. Treating the KEV list as a vulnerability management programme is a category error that leaves organisations systematically exposed to everything that has not yet been exploited.

CipherWatch Editorial

Security Intelligence Platform