Blind Spots Become Breaches. Adaptability Builds Resilience.
Cyber This Week Edition 96 explores ransomware losses, third-party risk, AI data leakage, converging cybercrime, litigation exposure, logging gaps, quantum readiness, emergency response, and evolving cybersecurity teams.
Cybersecurity is entering a period where assumptions are becoming liabilities. This edition of Cyber This Week examines how AI, interconnected threats, and evolving risk exposures are challenging frameworks that were designed for a more predictable world. From ransomware losses driven by third-party dependencies to AI assistants becoming potential vectors for data leakage, organisations are being forced to confront blind spots that were previously overlooked. At the same time, the convergence of cybercrime, quantum-readiness concerns, and growing litigation exposure is expanding the conversation beyond security teams and into boardrooms, legal functions, and business leadership. A recurring theme emerges across these stories. Confidence alone is no longer enough. Visibility, preparedness, and adaptability are becoming the true indicators of resilience.

This Week's Articles
- 01Risk & Insurance
Ransomware and Third-Party Vendors Drive Highest Cyber Insurance Losses, Willis Report Finds
The Willis report identifies ransomware as the costliest category of cyber incident, while breaches involving third-party vendors account for a growing proportion of insurance claims. It highlights the need for stronger vendor-risk management, suitable insurance coverage, and ransomware-specific response planning.
Why it mattersRansomware and third-party failures are creating significant financial losses. Organisations need stronger vendor oversight, realistic insurance coverage, and tested incident-response plans.
- 02CPO Magazine
“SearchLeak” Copilot Vulnerability Chain Turns the AI Assistant Into a Data Theft Partner
Researchers discovered an attack chain that could manipulate Microsoft Copilot into accessing and exfiltrating sensitive enterprise information. The vulnerability demonstrates how AI assistants can become part of an attack when several security weaknesses are combined.
Why it mattersAI assistants may inherit access to sensitive enterprise data. Security teams need stronger isolation, permission controls, monitoring, and testing of AI-enabled workflows.
- 03World Economic Forum
Cybercrime Is Converging. The Response Must Converge Faster
Cybercrime increasingly operates as an interconnected ecosystem involving ransomware, fraud, money laundering, trafficking, and organised crime. The article calls for coordinated intelligence sharing, stronger public-private partnerships, and collective disruption of criminal infrastructure.
Why it mattersCybercrime cannot be addressed effectively through isolated investigations. Cross-sector collaboration and shared intelligence are essential to disrupt connected criminal networks.
- 04SecurityInfoWatch
AI, Cybersecurity Risks Drive Sharp Rise in Corporate Litigation Exposure, New Survey Finds
A Norton Rose Fulbright survey finds that corporate litigation exposure is rising because of cybersecurity incidents, AI adoption, and changing regulations. Businesses face growing legal risks from breaches, AI failures, and compliance shortcomings.
Why it mattersCybersecurity and AI failures increasingly create legal and financial consequences. Boards, security leaders, and legal teams need coordinated governance and evidence of due care.
- 05Intelligent CISO
What Are Cybersecurity’s Biggest Blind Spots?
Security experts identify overlooked threats including compromised credentials, vulnerable supply chains, employee fatigue, quantum-computing risks, and unsecured Internet of Things devices. The article encourages leaders to address these risks before they cause major incidents.
Why it mattersMajor incidents often begin in areas that organisations underestimate. Regularly reviewing hidden and emerging risks helps prevent assumptions from becoming vulnerabilities.
- 06Help Net Security
Companies Are Discarding the Logs They Need to Catch a Breach
Many large organisations discard or fail to collect significant amounts of system-log data to reduce storage and monitoring costs. This weakens their ability to detect intrusions, investigate incidents, and understand how an attack occurred.
Why it mattersWithout the right logs, security teams lose visibility during detection and investigation. Cost savings must be balanced against forensic, compliance, and response requirements.
- 07CSO Online
Cybersecurity Was Built for Predictable Systems. AI Changes the Rules
Traditional cybersecurity controls were designed for systems that behave predictably, whereas AI applications can produce dynamic and unexpected outcomes. The article recommends real-time visibility, runtime monitoring, and adaptive security controls for AI-enabled environments.
Why it mattersStatic controls may not adequately protect systems whose behaviour changes dynamically. AI environments require continuous monitoring and adaptable security policies.
- 08Forbes
AI, Quantum and the New Cybersecurity Framework Imperative
Advances in artificial intelligence and quantum computing are outpacing conventional security frameworks. The article argues that organisations must move beyond perimeter-based prevention and build adaptable systems capable of anticipating threats, tolerating disruption, and recovering quickly.
Why it mattersAI and quantum developments are changing long-term security assumptions. Organisations need adaptable frameworks, crypto-agility, resilience, and forward-looking risk planning.
- 09Security Magazine
Organizations’ Emergency Response Fails to Match Confidence Levels
Research reveals a gap between how prepared organisations believe they are and how effectively they respond to real emergencies. Many businesses miss early warning signs, while leadership teams are frequently surprised by external threats and operational pressures.
Why it mattersConfidence is not the same as preparedness. Exercises, measurable response capabilities, early-warning processes, and leadership involvement are needed to validate readiness.
- 10Dark Reading
Stressors, AI Forcing Changes to Cybersecurity Teams
Expanding threats, workplace pressure, and the growing complexity of AI are changing cybersecurity roles and team structures. Organisations are reconsidering staffing models, required skills, and the use of flexible or part-time security leadership.
Why it mattersSecurity operating models must evolve with technology and workforce pressures. Organisations need sustainable staffing, updated skills, and leadership structures suited to modern risk.
