Latest news with #riskmanagement
Forbes
11 hours ago
- Business
- Forbes
The Rise Of Adaptive Security Training: Personalized Risk Management
Stu Sjouwerman is Founder and Executive Chairman of KnowBe4 Inc., a security awareness training and simulated phishing platform. Cybersecurity relies as much on human behavior as it does on technology. Even the most robust firewalls can be rendered ineffective with a single thoughtless click. As organizations face increasingly sophisticated phishing attacks and insider threats, they are realizing that traditional, one-size-fits-all security training is no longer sufficient to meet their needs. Adaptive security training represents a strategic shift toward a data-centric, personalized approach to risk management, where real-time behavioral data tailors learning experiences to individual users, roles and risk profiles, thereby influencing effective training interventions that manage behaviors and enhance cybersecurity. Instead of bombarding everyone with the same material, adaptive security training determines each user's risk level, learning style and previous behavior to develop a customized training course. It provides personalized training, rather than using a one-size-fits-all approach. AI And Behavioral Analytics AI and behavioral analytics fuel the next-generation personalized risk management. The technology is well-suited to sift through enormous amounts of data, including clickstreams, login activity and email interactions. AI can help organizations detect anomalies in user activity (e.g., late-night logins or access to confidential documents) and forecast future risk based on learning from past events and behavioral patterns. It can also launch automated interventions, such as initiating a micro-training session or marking a user for examination. Behavioral science makes interventions human-oriented. Applying concepts like nudging, gamification and habit formation enables behavioral science to provide guidance on how training is administered as well as users' reactions to it. Measuring The Effectiveness Of Adaptive Training Adaptive security training extends beyond simply verifying that a participant has completed a module. It is also about understanding how well the training changed behavior and reduced organizational risk. The training participation rate is an essential metric for organizations to assess the effectiveness and relevance of their training initiatives. They measure this by the frequency at which employees interact with the training content, completion rates and time spent on modules. Human risk scores can help organizations judge the effectiveness of their training programs in reducing risk. A drop in the risk score can confirm the effectiveness of their program. Follow-up quizzes and simulations can assess employees' knowledge retention and identify any change in their long-term behavior. Real-time behavioral analytics are the most effective tool for revealing if employees are applying their learnings in the real world. For example, are they reporting phishing attempts more often or avoiding risky clicks? Some companies use post-training surveys to measure the relevance and level of participation of the training material among workers. This feedback cycle is critical for improving subsequent training. Other training results, such as fewer security breaches, less downtime and better compliance, directly connect training success to organizational objectives. Adaptive Training Influencing Employee Behavior An adaptive, personalized approach to risk management not only instructs employees on what to do; it also motivates them to act and prepares them to do it effectively. Here's how: • It tracks employee reactions to specific threats, such as fraudulent emails masquerading as well-known companies, and immediately modifies training to counteract risky actions. This timely feedback boosts appropriate behaviors and lowers the likelihood of recurrence. • When training resources are tailored to an employee's role, risk exposure and preferred learning style, the resources are viewed as more relevant. This personalized approach enhances engagement and minimizes "training fatigue," making it more likely that employees will remember and apply their training. • The use of behavioral science techniques like gamification encourages secure behaviors over time and enables knowledge to become second nature. Over time, adaptive training creates a security culture of awareness. Staff begin to realize that cybersecurity is everyone's responsibility, not some ad hoc job, and it ceases to be a second thought in their daily routine. Potential Roadblocks And Considerations Adaptive training transforms workers from potential liabilities to valuable assets. However, implementing adaptive training is not without its challenges. Adaptive platforms often require synchronization with HR software, learning management systems (LMS), email clients and security software. Seamless integration between these systems can be technically challenging. Gathering behavioral data to customize a training program may also raise concerns about privacy in terms of both surveillance and data misuse. Although adaptive training provides rich data, converting that into unambiguous business value, such as confirming a drop in security incidents or improved compliance, is challenging without applying the appropriate analytics framework. Employees accustomed to traditional training may be resistant to new approaches, demanding strong change management and visible leadership support to adopt the new approach. The emergence of adaptive security training marks a cultural shift in cybersecurity methods, transitioning from reactive to proactive, from general to tactical and from compliance-based approaches to behavior-based. Personalized risk management enables organizations to develop targeted interventions that aggressively address vulnerabilities, adapt to evolving threats and reduce human error, empowering employees to become active defenders of the organization. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Zawya
14 hours ago
- Business
- Zawya
Dulsco Group appoints a Group Internal Audit & Risk Director
DUBAI, United Arab Emirates — Dubai-born Dulsco Group, a leader in People Solutions, Environmental Solutions, Talent Solutions, and Energy Recruitment Solutions, has appointed Michael Pitts as Group Internal Audit & Risk Director to refresh and lead a strengthened independent, risk-based internal audit function across the Group's regional and cross-border operations. In the newly created role, Michael draws on more than two decades of leadership in internal audit and risk management. With deep-rooted expertise in governance, internal control and ethics he has been entrusted with some of the most complex and high-value assignments, having led audits of mega capital projects valued up to USD 46 billion across sectors including upstream and downstream hydrocarbons, power generation, infrastructure and shipbuilding. Unifying with Dulsco Group's recent period of mergers and acquisitions in the last half decade, Michael has extensive experience in auditing business transformation and large-scale organisational change initiatives including post-acquisition integration of a USD 3.3 billion portfolio. Michael brings a strong ability to integrate analytics, technology, and business intelligence to uncover insights that support decision making and thereby boost enterprise value. He will collaborate across the business to support Dulsco Group's C-Suite and Board in delivering improvements. David Stockton, Group Chief Executive Officer of Dulsco Group said: 'Dulsco Group is marking a milestone year, and we are delighted to welcome Michael Pitts as the new Group Internal Audit & Risk Director. In Michael we have not only secured someone who has decades of experience in complex audit leadership and management, but someone who will drive change throughout the business by the combined use of data and technology to underpin extensive and unrivalled business acumen.' Michael Pitts, Group Internal Audit & Risk Director of Dulsco Group commented: 'Dulsco Group is a diverse corporation with an extensive heritage of business excellence in region which is it now rolling out globally. I am looking forward to collaborating with the leaders within the group, who have created an enterprise of this calibre and size, as we approach 100 years of operation and increase our global footprint serving diverse business verticals from agriculture, aviation and retail to renewables, healthcare and manufacturing. Michael holds professional credentials, including Fellow of the Association of Chartered Certified Accountants (FCCA), Certified Information Systems Auditor (CISA), and Certified Internal Auditor (CIA). With more than 23,000 employees, spanning operations which are led from the UAE, KSA, UK, USA, and Guyana, and stretch into more than 70 countries, Dulsco Group is marking 90 years of operations in 2025. About Dulsco Group Dulsco Group is a UAE-born integrated solutions provider with a portfolio of businesses comprising: Dulsco People, Dulsco Environment, Parisima and Advance Global Recruitment (AGR). Launched in 1935 as a workforce solutions provider, Dulsco Group has evolved to become a leader in People Solutions, Environmental Solutions, Talent Solutions, and Energy Recruitment Solutions servicing over 3,700 clients across a range of sectors. Contact Info: prteam@
Yahoo
a day ago
- Business
- Yahoo
Skanska CEO says its selective strategy reduces risk
This story was originally published on Construction Dive. To receive daily news and insights, subscribe to our free daily Construction Dive newsletter. Remaining selective and planning for risk have been key to Skanska's profitability. CEO Anders Danielsson said the firm has been more discerning about only taking on projects and clients in sectors where it has seen success in the past. 'We took important strategic positions some years ago to be more selective,' Danielsson told Construction Dive. 'We have the right team in place.' The chief of the Stockholm-based contractor spoke to analysts during a second quarter earnings call July 18, where the results showed that U.S. construction has continued to be the anchor of the firm's success. However, continued changes around tariffs have raised questions on pricing for materials, and that uncertainty has impacted project timelines and the ability for contractors to break ground. Danielsson said Skanska has seen minimal impact from the tariff policy thus far, and remained bullish for the future. In part, that success is due to sourcing U.S. materials, he said, noting he hasn't seen increased competition for those domestic products. headshot of Anders Danielsson 'We haven't seen a lot of [impact from tariffs], but we are careful to not to end up in a situation where we suffer from, like price increases,' Danielsson told Construction Dive after the call. 'And so we are very careful before we bid for a project, we secure the prices from our suppliers.' When price hikes do arise, Danielsson said Skanska has had success passing the difference back onto the client. As an example, he cited the firm successfully doing so when construction costs spiked during the COVID-19 pandemic. Priority sectors Within construction, the U.S. civil market remains one of the major success areas for Skanska. Danielsson anticipates 'strong demand for traditional infrastructure' in the states. He cited confidence for public funding to continue to flow to critical sectors such as schools, hospitals, airports and data centers. In recent earnings reports, a sticking point for the firm has been commercial property development, especially as workers in the U.S. largely continued to work from home following the pandemic. Though the firm's outlook on commercial development for the next 12 months remains weak, Danielsson said a shift to quality, where companies target nicer offices in more attractive areas, continues to show promise. 'I'm sure most companies want their employees back to office,' Danielsson said. 'So that trend will continue.'
Yahoo
a day ago
- Business
- Yahoo
Resecurity, Braly Insurance partner to strengthen cyber risk management
Cybersecurity specialist Resecurity has partnered with Braly Insurance Group to enhance cybersecurity and insurance risk management. The partnership will combine Resecurity's capabilities in identifying cyber threats with Braly's experience in risk management to facilitate a 'data-driven' approach to help companies mitigate cyber risks. Resecurity CEO Gene Yoo said: 'We are excited to work with Braly Insurance Group because they truly understand the business impact of cybersecurity. 'This partnership opens the door to more productive conversations between security teams, business leaders, and insurers. It is about building a bridge between technical excellence and financial decision making.' As part of the agreement, Braly will provide Resecurity with industry data and feedback from the market and help the company make connections within the insurance sector. Braly Insurance Group business development vice-president Caden Braly stated: 'This partnership allows us to take a more sophisticated approach to cyber risk by integrating real-world security insights into our client advisory and placement process. It is a strategic step toward offering smarter, more adaptive risk solutions.' Texas-based Braly operates across the US and internationally, providing services in areas such as property and casualty, employee benefits and financial services. Founded in 2016, Resecurity offers a platform that integrates endpoint protection, risk management and threat intelligence. This month, the company expanded its presence to Brazil, speeding up compliance with the Brazilian General Data Protection Law, while improving cyber resilience across the region. "Resecurity, Braly Insurance partner to strengthen cyber risk management " was originally created and published by Life Insurance International, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site.
Bloomberg
a day ago
- Business
- Bloomberg
UBS Reviewing Role of Six Bankers Behind Swiss Client FX Losses
UBS Group AG is reviewing the role of six relationship managers who sold complex currency derivatives to Swiss clients who didn't fully understand the risk, according to people familiar with the matter. Some of the bankers have already departed the bank, said one of the people, who like the others asked for anonymity to discuss the private information. The situation of the remaining advisers is still being assessed, the people said.
