osmond-lead

Cyberbytes Issue 6/25: Cyber Insurance – Mandatory or Optional?

Mon, 29 Sep 2025 16:16:31 GMT

Cyber Insurance: The Next Seatbelt for Digital Risk?

In 1666 the Great Fire of London turned fire insurance from a novel experiment into a cornerstone of urban risk management. It demonstrated that collective preparedness and pooled risk are essential to societal resilience. Today, the relentless surge of cyberattacks poses a similar challenge in the digital realm, forcing policy-makers and organisations to rethink how they manage cyber threats.

As economic losses mount, the debate over whether cyber insurance should become mandatory is intensifying across policy, legal, and risk management circles. Are we approaching a tipping point where cyber insurance shifts from a niche product to a standard, and potentially mandatory, safeguard in our digital age?

Podcast zum Artikel auf Deutsch: Cyber-Versicherung - Unterschiedliche Perspektiven

(AI NARRATED)

Podcast on the article in English: Cyberinsurance - The Great Debate

(AI NARRATED)

Cyberbytes Issue 4/25: Ransomware - To Ban or Not to Ban?

Thu, 31 Jul 2025 13:20:46 GMT

The Ransomware Riddle: Should Paying Be a Crime?

As ransomware attacks escalate globally, governments are grappling with a critical question: Should paying ransoms be legally banned? This issue dives into the complex debate surrounding proposed bans - especially targeting public sector and critical infrastructure organizations. With countries like the UK, US, and Australia exploring or implementing restrictions, the conversation spans ethical dilemmas, national security concerns, and operational realities.

Would outlawing payments disrupt the cybercrime economy, or risk punishing victims and jeopardizing essential services?

This blog explores the who, what, when, and why behind one of cybersecurity’s most pressing policy debates.

Cyberbytes Issue 3/25: NIS 2 Directive - Update on development

Thu, 31 Jul 2025 12:49:10 GMT

What does NIS 2 mean for companies in the EU and Switzerland? So, where do we stand today?

The new EU NIS 2 Directive introduces significantly stricter cybersecurity requirements for medium-sized and large companies in critical and important sectors. It expands the scope, tightens reporting requirements and introduces clear control mechanisms. Swiss companies are also affected – either directly through harmonised national laws or indirectly through their EU business relationships.

This article provides a concise and practical overview of who , what , when and why behind

NIS 2.

Cyberbytes Ausgabe 2/25: Informationssicherheitsgesetz (ISG), Teil 2 - aktueller Stand Mai 2025

Thu, 12 Jun 2025 08:14:42 GMT

ISG 2025: Das Cybergesetz, das Ihr Unternehmen härter treffen könnte, als Sie denken

Das neue Informationssicherheitsgesetz (ISG) ist kein trockenes Behördenpapier – es betrifft direkt jene, die das Rückgrat unserer digitalen Infrastruktur bilden.

Ob Betreiber kritischer Infrastrukturen wie Energie, Wasser, Verkehr oder Gesundheit,

IT-Dienstleister mit Bundesaufträgen oder Organisationen mit sensiblen Systemen :

Für sie alle bringt das ISG 2025 klare Pflichten, neue Meldefristen – und echte Konsequenzen bei Verstössen.

Was genau ändert sich? Wer ist betroffen? Und warum ist jetzt der richtige Zeitpunkt, sich vorzubereiten? In diesem Beitrag liefern wir die Antworten.

Cyberbytes issue 1/25: Cyber Secure, Credit Sure - Digital Defenses as the New Credit Score

Wed, 14 May 2025 09:47:08 GMT

Why Cybersecurity Is the New Credit Score

In today’s digital economy, cybersecurity isn’t just about protecting data—it’s becoming an important factor in determining creditworthiness. In this issue of CyberBytes, we explore how financial institutions are increasingly factoring cyber risk into credit assessments, what this means for businesses of all sizes, and why cyber resilience could soon be as important as your balance sheet. Whether you're a startup or a multinational, understanding this shift could be critical to securing your next loan.

Operational Resilience and Business Continuity Management

Tue, 02 Jul 2024 06:35:26 GMT

Complementary and Interdependent but not Interchangeable

In today’s cyber jungle, where cloud-based architectures, bad actors, phishing scams, and zero-day exploits run rampant, businesses of all sizes find themselves treading an increasingly perilous path around ever more numerous pitfalls. Enter Operational Resilience (OR) and Business Continuity Management (BCM), two key aspects of robust business operations essential for steering companies through the digital minefield.

Understanding these two concepts in relation to one another, especially the distinctions between the two and how they complement each another, is crucial for fortifying companies against the perils of the digital world.

Cyberbytes issue 3/24: Artificial Intelligence (AI) Act, 2024 (EU)

Fri, 26 Apr 2024 06:24:24 GMT

What is behind the EU AI Act 2024? Cyberbytes 3/24 provides a concise overview.

The EU Artificial Intelligence Act is a comprehensive legal framework that aims to protect fundamental rights while promoting innovation by classifying AI systems according to their level of risk, banning certain types of AI, and imposing obligations on providers and users of high-risk AI systems.

Cyberbytes issue 2/24: Federal Act on Information Security in the Confederation (FAISC) / Informationssicherheitsgesetz (ISG), 2024 (CH)

Wed, 27 Mar 2024 13:51:46 GMT

Focus on the new Swiss Security Act: Cyberbytes 2/24 explains what the Federal Act on Information Security (FAISC / ISG) means for Switzerland.

The Federal Act on Information Security in the Confederation (FISIC), which came into force on 1 January 2024, aims to ensure the secure processing of information and the safe use of IT resources by federal and cantonal authorities, private-law companies that support the Confederation and operators of critical infrastructure. In addition, an amendment introduced a reporting obligation for cyber attacks on critical infrastructure, which is expected to come into force on 1 January 2025.

Cyberbytes 1/24: DORA 2024 - What the EU’s Digital Resilience Law Means

Thu, 07 Mar 2024 12:50:35 GMT

DORA Demystified: Cyberbytes 1/24 explains the EU’s Digital Operational Resilience Act and its impact on financial entities.

The Digital Operational Resilience Act (DORA) is a European Union regulation that came into force on 16 January 2023 and will apply from 17 January 20251. Its main objective is to improve the IT security of financial institutions, including banks, insurance companies and investment firms. In doing so, DORA aims to ensure that the European financial sector remains resilient even in the face of severe operational disruptions.

Cyber Risk Specialists: Masters of Mitigation in the Digital Age

Fri, 02 Jun 2023 17:20:31 GMT

Cyber Risk Specialists: Masters of Mitigation in the Digital Age explores how today’s experts tackle rising cyber threats with precision and foresight.

Cyber risk management, also known as cybersecurity risk management, is the process of identifying, prioritising, managing and monitoring risks to information systems. In today's interconnected world, organisations rely heavily on information technology for critical business functions. However, this reliance exposes them to various cybersecurity threats, including cybercriminal activity, employee error, natural disasters, and more. These risks can result in lost revenue, data breaches, long-term reputational damage and regulatory fines.