Withstanding Cyber-Attacks: Cyber-Resilience Practices in the Financial Sector

April 30, 2020 9:31 am Published by

This research using qualitative data collected among a sample of 44 cyber security professionals from 28 financial sector organizations in 5 geographies describes the measures enabling cyber-resilience in the financial sector. The general objective is to learn from those who implement cyber-resilience on a daily basis what works, what does not, and what are their main constraints.

Quantum Banner

Quantum Threat Timeline

October 3, 2019 3:01 pm Published by

The 'quantum race' is on and the race course and timeline are partially unknown. The creation of a scalable, fault-tolerant quantum computer that poses a significant risk to cyber security may be closer than we think. Although quantum attacks are not here yet, critical decisions need to be made today in order to respond to these threats in the future.

Distribution Analysis for Information Risk – A Cyber Quantification Framework

October 3, 2019 2:37 pm Published by

The Distribution Analysis for Information Risk (DAIR) is a cyber quantification methodology that maps cyber events with a hierarchical risk taxonomy to evaluate operational, business & systemic risk economic capital. DAIR will help organizations quantify cyber risk in a consistent and meaningful way, giving consideration to asset vulnerabilities as well as business and systemic considerations.

GRI Quantum Risk Assessment Report – Part 4

February 19, 2019 10:20 am Published by

Public-key cryptography, which underpins the security of most of the tools we rely on today including cloud computing, payment systems, the internet, and IoT, are all susceptible to being broken by quantum computers in the not-so-distant future.

GRI Quantum Risk Assessment Report – Part 3

January 16, 2019 1:20 pm Published by

This publication provides an extension of our work on estimating the real-world effort it will take for a quantum computer to compromise symmetric cryptographic functions at the foundation of protecting our ICT infrastructure.