All Insights
Whitepaper
Mega trends

A new age of cybersecurity culture

Published on
April 30, 2024

Cyber Human Risk Management (HRM) is essential to cybersecurity culture, as the way people manage technology is the window through which threat actors can infiltrate organisations.

In all organisations, but particularly ones with diverse ways of working across geographies, building a comprehensive and sustained cybersecurity culture can be challenging. Cybersecurity culture complexities can include how to overcome change resistance, how to adopt emerging technologies securely without slowing down innovation, how to manage interconnected systems securely, how to make the most of metrics and measurement, and more.

KPMG, along with Cybersecurity at Massachusetts Institute of Technology (MIT) Sloan (CAMS), part of Sloan Management School Cybersecurity Research Division, set out to gain a better understanding of cybersecurity culture, its challenges, and how AI could make an impact.

Read the full survey findings to learn how AI can impact cybersecurity culture, and in turn CRQ.

Read now
Our blog

Latest Insights

The latest from the CRI community.
Blog
Resilience

The Future of MDR: From reactive monitoring to intelligence-led attack disruption

In today’s threat landscape, where attacks span identity, cloud, endpoint, data and third-party ecosystems, metrics such as alerts triaged, tickets closed and response times are no longer enough. What matters is whether an organisation can identify the threats that matter, disrupt them before they become business events, and use that insight to make better risk decisions.
Salil Shukla
June 2, 2026
4 min read
Blog
Resilience

Reinventing cyber budgeting: From legacy spend to quantified risk

Cyber risk is rising while budgets remain constrained. Investment in cyber has plateaued, yet the threat landscape continues to expand in frequency, sophistication, and impact. Despite this, many organisations continue to budget in the same way – rolling forward prior spend, adjusting incrementally, and reinforcing existing control environments. How is CRQ helping leaders prioritise investment, strengthen resilience, and stay ahead of a rapidly evolving threat landscape?
Martin Tyley
May 27, 2026
4 min read
Blog
Resilience

APT campaigns and their ripple effect on cyber risk

Advanced Persistent Threat groups are not typical cyber adversaries. Often nation-state sponsored, they operate with scale, sophistication, and patience. Their objectives extend well beyond financial gain – from espionage and intellectual property theft to preparing the ground for future disruption. See how organisations are using CRQ to understand the real impact of advanced threats—and prioritise investment accordingly.
Callum Wilson
May 26, 2026
4 min read

See CRI in action

Book a personalised demo and discover how CRI can help you make smarter cyber risk decisions.
Book a demo