The latest data analyzed by NordStellar, a threat exposure management platform, reveals that the number of ransomware incidents in 2025 is continuing to grow. Between January and September 2025, 6,330 ransomware cases were exposed on the dark web, representing a 47 percent increase compared to the 4,293 cases recorded in Read More
Geopolitical uncertainty risk is rising rapidly, along with digital disruption, according to the Institute of Internal Auditors’ latest Risk in Focus research. The findings, based on feedback from more than 4,000 internal audit practitioners from 131 countries, found that risk ratings related to geopolitical uncertainty and technological advancements saw the sharpest Read More
This year, the compliance landscape is shifting on multiple fronts. Seven new U.S. state-level privacy laws are taking effect, the U.S. Department of Health and Human Services is proposing major changes to HIPAA—the most significant since 2013, and the EU AI Act is introducing sweeping new governance requirements for high-risk Read More
Five years after debuting guidelines that can help organizations balance the goals of using information while protecting individual privacy, the National Institute of Standards and Technology (NIST) has drafted a new version of the NIST Privacy Framework intended to address current privacy risk management needs, maintain alignment with NIST’s recently Read More
The Institute of Internal Auditors has released the Cybersecurity Topical Requirement, the first of several “Topical Requirements” to be published this year. Incorporating feedback from global practitioners and stakeholders, the Cybersecurity Topical Requirement provides a baseline approach to assessing the design and implementation of cybersecurity governance, risk management and control Read More
In today’s digital era, cybersecurity transcends mere IT concerns to become a cornerstone of organizational integrity. The evolution of cyber threats demands that organizations not just react but proactively manage these risks. Here lies the critical part of internal audit, a strategic ally in fortifying an organization’s cyber defenses. Here Read More
A new survey is taking a look into the future to consider what the top risks may look like in 2034. The survey, conducted by Protiviti, finds that cybersecurity and risks from emerging technology are likely to still be at the center of risk management efforts in the next decade. Read More
For the modern IT auditor, the digital landscape is a battleground. The enemy is a battalion of ever-evolving threats, and our weapons are layered defenses built on meticulous analysis and proactive vigilance. This constant state of war demands laser focus on the areas where our defenses are most likely to Read More
In the relentless chess match between defenders and attackers on IT systems, traditional security solutions are beginning to show their fatigue. Static rules and signatures miss evolving threats, while broad-brush defenses often sacrifice performance for security. Enter Context-Sensitive Defense (CSD), a new frontier in cybersecurity that promises to adapt and Read More
As the scale of emerging technology risks facing companies continue to multiply, IT auditors play a key role in identifying these threats and helping their organizations to navigate them. A new survey conducted by Protiviti and The Institute of Internal Auditors (IIA) reveals which risks are keeping IT auditors up Read More
