The latest Global Cybersecurity Outlook from the World Economic Forum highlights three forces reshaping cyber risk in 2026: artificial intelligence, geopolitics and cyber enabled fraud. For many boards, that’s going to raise questions such as “how much loss are we really exposed to?”, and “where should the next pound of investment go?”.

The UK Cyber Security and Resilience Bill is moving supply chain security from compliance to calculus. The days of managing third-party risks with just questionnaires are over. It's time for a new approach.

Many organisations say they want to be “cyber resilient”, but the term is often vague. At its core, resilience means ensuring the business can continue to operate despite inevitable events – cyber or otherwise. The problem is that resilience is still too often treated as an aspiration, rather than a discipline.

Is your organisation primarily using a traffic light system (red, amber, green) to manage cyber risk? You could be overlooking a crucial dimension of risk management.

The digital landscape continues to evolve at an unprecedented rate, bringing forth new challenges and amplifying the urgency for robust cybersecurity measures.

The KPMG annual Cybersecurity considerations report identifies eight key considerations that CISOs should prioritise in 2024 to help mitigate risk, drive business growth and build resilience.

Cyber Human Risk Management (HRM) is essential to cybersecurity culture, as the way people manage technology is the window through which threat actors can infiltrate organisations.

Organisations around the world need to factor the geopolitical risk to cyber security – and the cyber-driven elements of geopolitical risk – into their strategic decision making.