Connect with us


When it comes to cyber risk, money is the universal language

Safe Security’s Saket Modi discusses the value of quantifying cybersecurity and why putting a financial figure on the risk can drive a better response.

The C-suite conversation around cybersecurity has shifted. While it was previously the case that CISOs and other security heads tried to convince senior executives of the importance of investing in cybersecurity, a steady stream of serious breaches has firmly changed this.

The last few years have seen some monumentally expensive breaches, with the Advanced Info Service hack, for example, being estimated to cost as much as $58bn to fully remediate. Last year’s Comcast breach is estimated to have topped $10bn in losses and recovery costs.

Aside from these high-profile outliers, the average breach is now an increasingly expensive burden for organisations to bear. The IBM Cost of a Data Breach Report 2021 puts the average cost at $4.24m, up from $3.86m the year before.

The business world has responded to this clear threat by ramping up its security spending, and it’s estimated that investments will cumulatively hit around $1.75trn between 2021 and 2025 according to Cybersecurity Ventures.

The security conversation now centres on the most effective way to mitigate the chances of an incident before it even happens. But choosing the right security solutions and strategies to proactively measure, manage and mitigate risk is no small task, with each organisation having its own unique needs and priorities and a myriad of options to pick from.

The challenges in communicating risk today

The security industry has historically struggled when it comes to proving its business value in easily understandable, financial terms. While the ROI of other IT investments such as cloud migration can be easily quantified by metrics such as increased productivity, the reactive function of cybersecurity has proven more difficult to capture and translate. As such, conversations surrounding cyberthreats have tended to be vague and easily bogged down by technical jargons that lack a business context.

Security leaders need to speak to the board in a language they can relate to, focusing on business outputs and ROI, based on solid metrics backed by sound data science principles. One of the best ways to achieve this is to adopt proactive cyber risk quantification.

This is a model that creates a tangible risk value for every asset in the organisation, drawn from multiple data points across people, processes, technology, cybersecurity products and third parties in real time.

These risk values can then be translated into a direct monetary value that speaks very clearly to the board and other stakeholders in their own language. What financial risk do businesses face as a result of their cyber risk posture?

The need for real security metrics

Attempts to measure risk are often stymied by the need to collate and integrate data points from multiple disparate security tools and relate them to business decision-makers. Cyber risk quantification takes all of these data streams and combines them into one powerful, easily understood metric.

As this threat level can also be converted into a financial value, it can demonstrate both the current potential financial loss that cybersecurity risks represent and the reduction of cost that cybersecurity investments can deliver.

These metrics can be explored at a highly granular level, zeroing in on the financial impact of vulnerabilities in specific applications, devices and cloud instances.

This granular view can even extend down to individual users or outwardly to third-party connections. The benefit is that this view immediately allows decision makers to prioritise mitigation strategies – accept the risk, manage it through cybersecurity initiatives, or transfer it via cyber insurance.

The problem with bloated security stacks

The insights provided by the cyber risk quantification model can help organisations make more informed decisions about which security tools to invest in, particularly given that the default reaction to emerging threats tends to be to purchase more products. More investment does not equal better security.

In fact, security stacks tend to become very bloated and inefficient, often with many underused or redundant products. It is estimated that the average small business now uses up to 20 different security tools, while their larger counterparts are likely to have more than 130.

Bloated security stacks are not only an inefficient use of the allocated budget, but also tend to be difficult to manage. Unless there is effective centralisation and automation in place, security teams will spend much of their time flitting between different dashboards and being inundated with security alerts that provide little context or actionable insight.

Organisations should streamline their stacks to a single unified view to remove silos and overlaps, focusing on the solutions that will provide the clearest value by reducing risk exposure.

Introducing a universal language for threat data

To be truly effective, an approach based on cyber risk quantification needs to draw on data from every element of the business, as well as contextualising it against factors such as the organisation’s size, structure, location and sector.

All of this data should also be compared to real-time threat intelligence that reflects the cyber landscape outside of the organisation.

Businesses that are looking out for a proactive approach to cybersecurity need not lose hope with the checklist of actions to perform. They are well on their way to predicting their next data breach if they are collecting signals across people, processes, technology and third parties.

Now, they need to start analysing these signals in an objective and contextual manner through sound data science-based principles and use any inferences to measure their risk. Once risk is quantified, it is easier to plan strategies that manage and mitigate it.

By Saket Modi

Saket Modi is the CEO and co-founder of cybersecurity company Safe Security.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link


European Startup Ecosystems Awash With Gulf Investment – Here Are Some Of The Top Investors

European Startup Ecosystem Getting Flooded With Gulf Investments

The Voice Of EU | In recent years, European entrepreneurs seeking capital infusion have widened their horizons beyond the traditional American investors, increasingly turning their gaze towards the lucrative investment landscape of the Gulf region. With substantial capital reservoirs nestled within sovereign wealth funds and corporate venture capital entities, Gulf nations have emerged as compelling investors for European startups and scaleups.

According to comprehensive data from Dealroom, the influx of investment from Gulf countries into European startups soared to a staggering $3 billion in 2023, marking a remarkable 5x surge from the $627 million recorded in 2018.

This substantial injection of capital, accounting for approximately 5% of the total funding raised in the region, underscores the growing prominence of Gulf investors in European markets.

Particularly noteworthy is the significant support extended to growth-stage companies, with over two-thirds of Gulf investments in 2023 being directed towards funding rounds exceeding $100 million. This influx of capital provides a welcome boost to European companies grappling with the challenge of securing well-capitalized investors locally.

Delving deeper into the landscape, Sifted has identified the most active Gulf investors in European startups over the past two years.

Leading the pack is Aramco Ventures, headquartered in Dhahran, Saudi Arabia. Bolstered by a substantial commitment, Aramco Ventures boasts a $1.5 billion sustainability fund, alongside an additional $4 billion allocated to its venture capital arm, positioning it as a formidable player with a total investment capacity of $7 billion by 2027. With a notable presence in 17 funding rounds, Aramco Ventures has strategically invested in ventures such as Carbon Clean Solutions and ANYbotics, aligning with its focus on businesses that offer strategic value.

Following closely is Mubadala Capital, headquartered in Abu Dhabi, UAE, with an impressive tally of 13 investments in European startups over the past two years. Backed by the sovereign wealth fund Mubadala Investment Company, Mubadala Capital’s diverse investment portfolio spans private equity, venture capital, and alternative solutions. Notable investments include Klarna, TIER, and Juni, reflecting its global investment strategy across various sectors.

Ventura Capital, based in Dubai, UAE, secured its position as a key player with nine investments in European startups. With a presence in Dubai, London, and Tokyo, Ventura Capital boasts an international network of limited partners and a sector-agnostic investment approach, contributing to its noteworthy investments in companies such as Coursera and Spotify.

Qatar Investment Authority, headquartered in Doha, Qatar, has made significant inroads into the European startup ecosystem with six notable investments. As the sovereign wealth fund of Qatar, QIA’s diversified portfolio spans private and public equity, infrastructure, and real estate, with strategic investments in tech startups across healthcare, consumer, and industrial sectors.

MetaVision Dubai, a newcomer to the scene, has swiftly garnered attention with six investments in European startups. Focusing on seed to Series A startups in the metaverse and Web3 space, MetaVision raised an undisclosed fund in 2022, affirming its commitment to emerging technologies and innovative ventures.

Investcorp, headquartered in Manama, Bahrain, has solidified its presence with six investments in European startups. With a focus on mid-sized B2B businesses, Investcorp’s diverse investment strategies encompass private equity, real estate, infrastructure, and credit management, contributing to its notable investments in companies such as Terra Quantum and TruKKer.

Chimera Capital, based in Abu Dhabi, UAE, rounds off the list with four strategic investments in European startups. As part of a prominent business conglomerate, Chimera Capital leverages its global reach and sector-agnostic approach to drive investments in ventures such as CMR Surgical and Neat Burger.

In conclusion, the burgeoning influx of capital from Gulf investors into European startups underscores the region’s growing appeal as a vibrant hub for innovation and entrepreneurship. With key players such as Aramco Ventures, Mubadala Capital, and Ventura Capital leading the charge, European startups are poised to benefit from the strategic investments and partnerships forged with Gulf investors, propelling them towards sustained growth and success in the global market landscape.

We Can’t Thank You Enough For Your Support!

— By Darren Wilson, Team

— Contact us:

— Anonymous submissions:

Continue Reading


China Reveals Lunar Mission: Sending ‘Taikonauts’ To The Moon From 2030 Onwards

China Reveals Lunar Mission

The Voice Of EU | In a bold stride towards lunar exploration, the Chinese Space Agency has unveiled its ambitious plans for a moon landing set to unfold in the 2030s. While exact timelines remain uncertain, this endeavor signals a potential resurgence of the historic space race reminiscent of the 1960s rivalry between the United States and the USSR.

China’s recent strides in lunar exploration include the deployment of three devices on the moon’s surface, coupled with the successful launch of the Queqiao-2 satellite. This satellite serves as a crucial communication link, bolstering connectivity between Earth and forthcoming missions to the moon’s far side and south pole.

Unlike the secretive approach of the Soviet Union in the past, China’s strategy leans towards transparency, albeit with a hint of mystery surrounding the finer details. Recent revelations showcase the naming and models of lunar spacecraft, steeped in cultural significance. The Mengzhou, translating to “dream ship,” will ferry three astronauts to and from the moon, while the Lanyue, meaning “embrace the moon,” will descend to the lunar surface.

Drawing inspiration from both Russian and American precedents, China’s lunar endeavor presents a novel approach. Unlike its predecessors, China will employ separate launches for the manned module and lunar lander due to the absence of colossal space shuttles. This modular approach bears semblance to SpaceX’s Falcon Heavy, reflecting a contemporary adaptation of past achievements.

Upon reaching lunar orbit, astronauts, known as “taikonauts” in Chinese, will rendezvous with the lunar lander, reminiscent of the Apollo program’s maneuvers. However, distinct engineering choices mark China’s departure from traditional lunar landing methods.

The Chinese lunar lander, while reminiscent of the Apollo Lunar Module, introduces novel features such as a single set of engines and potential reusability and advance technology. Unlike past missions where lunar modules were discarded, China’s design hints at the possibility of refueling and reuse, opening avenues for sustained lunar exploration.

China Reveals Lunar Mission: Sending 'Taikonauts' To The Moon From 2030 Onwards
A re-creation of the two Chinese spacecraft that will put ‘taikonauts’ on the moon.CSM

Despite these advancements, experts have flagged potential weaknesses, particularly regarding engine protection during landing. Nevertheless, China’s lunar aspirations remain steadfast, with plans for extensive testing and site selection underway.

Beyond planting flags and collecting rocks, China envisions establishing a permanent lunar base, the International Lunar Research Station (ILRS), ushering in a new era of international collaboration in space exploration.

While the Artemis agreements spearheaded by NASA have garnered global support, China’s lunar ambitions stand as a formidable contender in shaping the future of space exploration. In conclusion, China’s unveiling of its lunar ambitions not only marks a significant milestone in space exploration but also sets the stage for a new chapter in the ongoing saga of humanity’s quest for the cosmos. As nations vie for supremacy in space, collaboration and innovation emerge as the cornerstones of future lunar endeavors.

Continue Reading


Aviation and Telecom Industries Reach Compromise on 5G Deployment

The Voice Of EU | In a significant development, AT&T and Verizon, the two largest mobile network operators in the United States, have agreed to delay the deployment of 5G services following requests from the aviation industry and the Biden administration. This decision marks a crucial compromise in the long-standing dispute between the two industries, which had raised concerns over the potential interference of 5G with flight signals.
The aviation industry, led by United Airlines CEO Scott Kirby, had been vocal about the risks of 5G deployment, citing concerns over the safety of flight operations. Kirby had urged AT&T and Verizon to delay their plans, warning that proceeding with the deployment would be a “catastrophic failure of government.” The US Senate Commerce Committee hearing on the issue further highlighted the need for a solution.
In response, US Transportation Secretary Pete Buttigieg and Federal Aviation Administration (FAA) head Steve Dickson sent a letter to the mobile networks, requesting a two-week delay to reassess the potential risks. Initially, AT&T and Verizon were hesitant, citing the aviation industry’s two-year preparation window. However, they eventually agreed to the short delay, pushing the deployment to January 19.
The crux of the issue lies in the potential interference between 5G signals and flight equipment, particularly radar altimeters. The C-Band spectrum used by 5G networks is close to the frequencies employed by these critical safety devices. The FAA requires accurate and reliable radar altimeters to ensure safe flight operations.

Airlines in the US have been at loggerheads with mobile networks over the deployment of 5G and its potential impact on flight safety.

Despite the concerns, both the FAA and the telecoms industry agree that 5G mobile networks and airline travel can coexist safely. In fact, they already do in nearly 40 countries where US airlines operate regularly. The key lies in reducing power levels around airports and fostering cross-industry collaboration prior to deployment.
The FAA has been working to find a solution in the United States, and the additional two-week delay will allow for further assessment and preparation. AT&T and Verizon have also agreed to not operate 5G base stations along runways for six months, similar to restrictions imposed in France.
President Joe Biden hailed the decision to delay as “a significant step in the right direction.” The European Union Aviation Safety Agency and South Korea have also reported no unsafe interference with radio waves since the deployment of 5G in their regions.
As the aviation and telecom industries continue to work together, it is clear that safe coexistence is possible. The delay in 5G deployment is a crucial step towards finding a solution that prioritizes both safety and innovation. With ongoing collaboration and technical assessments, the United States can join the growing list of countries where 5G and airlines coexist without issue.

Continue Reading


Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!