07 February 2025

New research from Orange Cyberdefense reveals that nearly six in ten (58%) large UK financial services (FS) firms suffered at least one third-party supply chain attack in 2024, with 23% being targeted three or more times.
Supply chain attacks continue to be one of the most critical and challenging areas in cybersecurity today. A Censuswide survey of 200 UK CISOs and senior security decision-makers, commissioned by Orange Cyberdefense, reveals that most FS firms must reevaluate how they assess third-party risk.
Find out more06 February 2025

Alexia Pedersen, O’Reilly
With technological developments racing ahead, what are the implications for IT skills in 2025? We discuss how the UK’s enterprises can ensure their teams are up to the task.
Where are the skills gaps within the UK’s existing IT staff?
Alexia Pedersen, SVP International, O’Reilly: Our research underscores significant skills gaps within the UK’s existing IT workforce. Employers identified the digital skills they found most lacking, noting an urgent need for expertise in AI and ML (61%), cybersecurity (48%), data analysis (48%), cloud computing (43%), and programming (32%) across their workforce over the next 12 months. The significant surge in demand reflects the urgency for companies to adapt to rapid technological advancements, especially considering the integration of GenAI.
06 February 2025
Insider threats are some of the greatest cybersecurity risks. Unlike other types of security threats, insider threats are complicated because attacks typically involve valid credential use and only a few are caused deliberately.
An insider’s access to an organisation’s most valuable assets makes these attacks harder to identify and remediate.
The impacts of insider threats are far-reaching and have the potential to cause irrevocable damage to an organisation’s reputation. On a financial level alone, the Ponemon Institute found that insider threats cost companies an average of $701.5k per incident in 2023. Beyond these financial losses, organisations that fall victim to insider attacks also face severe reputational and regulatory repercussions.
05 February 2025

Melissa Bischoping, Senior Director, Security & Product Design Research, Tanium
Last summer’s IT glitch that led to unprecedented levels of digital chaos was a wake-up call on a global scale. But unlike other incidents, the outages were not the result of a security incident or malicious cyber activity.
In this case, it appears it was due to a routine software update process that didn’t quite go to plan. This latest headline-grabbing event showed how easily things can grind to a halt when a spanner is thrown into the works. In a shift from the usual storyline, many endpoints were patched and protected, but still fell to an exploited risk inherent in our current IT systems. Modern organizations may have yet-unknown single points of failure which can lead to widespread disruption. For many businesses, the outage resulted in significant operational delays, lost revenue, and a breach of customer trust.