惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
W
WeLiveSecurity
O
OpenAI News
N
News and Events Feed by Topic
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Webroot Blog
Webroot Blog
Google Online Security Blog
Google Online Security Blog
云风的 BLOG
云风的 BLOG
N
News | PayPal Newsroom
H
Hacker News: Front Page
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Last Watchdog
The Last Watchdog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
H
Heimdal Security Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Schneier on Security
宝玉的分享
宝玉的分享
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Y
Y Combinator Blog
Cyberwarzone
Cyberwarzone
Microsoft Security Blog
Microsoft Security Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
GbyAI
GbyAI
Cloudbric
Cloudbric
TaoSecurity Blog
TaoSecurity Blog
人人都是产品经理
人人都是产品经理
P
Palo Alto Networks Blog
M
MIT News - Artificial intelligence
G
GRAHAM CLULEY
C
Check Point Blog
Apple Machine Learning Research
Apple Machine Learning Research
Last Week in AI
Last Week in AI
T
Troy Hunt's Blog
L
Lohrmann on Cybersecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Proofpoint News Feed
Blog — PlanetScale
Blog — PlanetScale
量子位
博客园 - 聂微东
S
Securelist
博客园 - 三生石上(FineUI控件)
F
Full Disclosure
G
Google Developers Blog
L
LINUX DO - 热门话题
P
Proofpoint News Feed
AI
AI
PCI Perspectives
PCI Perspectives

Enterprise – Silicon Republic

Commission refers Ireland to CJEU for failing to enact cyber rules Cloudflare to block AI crawlers from ad-supported webpages by default Google ordered to pay Klarna nearly $2bn in abuse-of-power row Upcoming iPhone 18 model leaked in Tata Electronics hack Data breaches going unreported – Irish compliance survey Cybersecurity warning for Irish businesses ahead of EU Presidency Dublin's TensorX to partner with Solstice on sovereign European AI Irish Internet Hotline named Trusted Flagger under EU Digital Services Act Don't panic, prepare: A cyber expert's advice on the Mythos hype Day-to-day cyber incidents driving loss for SMEs, finds report Anthropic to reassess Claude Fable 5 AI development restrictions after backlash Anthropic rolls out ‘Mythos-like’ AI model Claude Fable 5 EMEA firms underestimating 'routine risks', finds cyber report More than 20,000 Instagram accounts hacked using Meta AI bug Report: Irish firms cut cybersecurity spend despite rising risks TCS launches sovereign cloud offering in Europe ECB urging action on AI from lenders’ IT departments Hackers access GitHub, download codebase in Grafana Labs breach Europe's public sector deploying AI faster than it can manage – report UK watchdog probes Microsoft over interoperability issues Foxconn confirms cyberattack on North American facilities Clear gap between AI expectations and preparedness, finds report Canvas parent settles with hacker group that stole user data ShinyHunters demands ransom after Canvas hack EU agrees to simpler AI rules and complete ‘nudification’ ban What’s the difference between IT and OT security? Opinion: Why ISO 27001 alone won't save your data from itself Report: Medical device cyberattacks on the rise AI race intensifies with Google's new agent management platform Anthropic probing reported Mythos leak on Discord Nearly 75pc of AI’s economic value captured by just 20pc of companies Anthropic’s Mythos to bolster cybersecurity at UK banks The death of ETL: Is zero-copy a ‘liberation’ for data teams? After Anthropic, OpenAI launches cyber-specific AI model The Interview: Dentons' Carlo Salizzo on three forces defining digital law Anthropic's Mythos a game-changer, NCSC chief tells Oireachtas Mythos just first of power models to come: Anthropic co-founder New XP95 hacker group targets Dublin recruitment platform Healthdaq OpenAI apps for MacOS exposed by threat Mythos testing begins as governments raise cyber concerns Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks Is your data integrity framework just a fancy spreadsheet? Ireland begins digital wallet testing and consultation How is Australia working to make data centres more sustainable? China's DeepSeek suffers rare outage lasting several hours ShinyHunters claims responsibility for European Commission breach Security first: Why cybersecurity needs to adapt in the age of AI iOS hacking tool 'DarkSword' leaked on GitHub China’s Alibaba could launch Qwen for enterprise this week Stryker's Cork site hit by global cyberattack Office.eu and the hope for a digitally sovereign Europe How fully homomorphic encryption is reshaping secure AI Major phishing operation disrupted in joint Europol action Hacking tool with possible US origins targets outdated iPhones Pure Storage, now Everpure, to acquire 1touch Hacker used commercial AI to breach 600 firewalls: AWS Why cloud strategies are pivoting from reaction to precision ‘In cyber, bridging the gap between the server room and boardroom is crucial’ AWS expanding in Belgium, Netherlands and Portugal, amid sovereign cloud launch
‘Complexity is where cyber risk tends to grow’
silicon · 2026-01-23 · via Enterprise – Silicon Republic

ISACA’s Chris Dimitriadis talks about the Cybersecurity Maturity Model Certification, the cyber complexity of transatlantic operations and his predictions for the threat landscape in 2026.

Last month, the Information Systems Audit and Control Association (ISACA) announced that it had been appointed to lead the global credentialing programme for the US Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC).

The CMMC, according to ISACA’s chief global strategy officer Chris Dimitriadis, is “designed to protect sensitive information across the defence industrial base and its supply chain”.

“What makes it different is that it sets out very specific cybersecurity requirements and a maturity-based assessment model, demonstrating both self-awareness and a continuous improvement journey.”

According to December’s announcement, the appointment has positioned ISACA – an IT governance organisation that provides education, training, guidance and credentials to companies worldwide – as the exclusive CMMC Assessor and Instructor Certification Organization, which makes it responsible for training, examining and certifying professionals, assessors and instructors across the CMMC ecosystem.

But while the CMMC appears to be of primary importance to the US, Dimitriadis tells SiliconRepublic.com that the certification is also quite relevant to European companies, including many that operate out of Ireland.

“If you are part of the DoD supply chain supporting US defence-related programmes, CMMC will become mandatory, regardless of where you are located,” he says. “That’s why it matters. It’s not only a best practice conversation, it becomes a market access issue.”

Dimitriadis also explains that the CMMC highlights something that he says ISACA has been focused on for decades: “cybersecurity at scale depends on people”.

“Building the workforce that understands the controls, the assessment model and how to implement maturity is essential for companies on both sides of the Atlantic.”

‘In practice, security is about progress, discipline and repeatability’

Transatlantic trickiness

Dimitriadis says that the nature of transatlantic operations heightens cyber risk for the organisations involved.

“Transatlantic operations almost always increase complexity, and complexity is where cyber risk tends to grow,” he says. “The first major issue is supply chain exposure. Attackers rarely go after the strongest link, they look for the most vulnerable one.

“In global ecosystems, that can be a smaller supplier, a service provider or a subcontractor.”

The second issue, he says, is the “nature” of the data and the systems that are involved.

“When defence-related information, controlled technical data, or sensitive operational systems are in play, the impact of compromise is simply much higher. That requires stronger access controls, better identity governance, and more disciplined incident response.”

The third and final issue that Dimitriadis highlights is “multi-jurisdiction reality”.

He explains that companies need to navigate different requirements, obligations and reporting expectations across regions, adding that if governance and security operations aren’t aligned, “you create gaps, and those gaps are exactly what threat actors exploit”.

Cyber in 2026

With the fear of advanced cyberattacks rising across the threat landscape, preparedness and cyber maturity has become increasingly important for organisations – a belief shared by Dimitriadis.

“Cyber maturity matters because cybersecurity is not a ‘one-time’ achievement,” he says. “It’s a capability that has to improve continuously.

“Too often, organisations see security as a binary state: secure or insecure, compliant or non-compliant. But in practice, security is about progress, discipline and repeatability.”

Looking to the year ahead, he emphasises that cyber maturity will be “critical” because the threat landscape is expanding, the attack surface is growing and organisations are under increasing pressure to “prove resilience, not just claim it”.

Dimitriadis also believes that 2026 will be a year where “cyber compliance becomes more evidence-driven and more workforce-dependent”, as evidenced by regulations such as NIS2 and DORA.

“What organisations need to recognise is that compliance isn’t something you can handle in silos,” he says. “Most requirements overlap – incident response, access control, governance, monitoring – and companies need a holistic approach to bring those obligations together efficiently.”

But the most important factor, according to Dimitriadis, is “capability”.

“The biggest risk for organisations won’t only be budget or tooling, it will be whether they have enough trained professionals to implement controls properly, assess maturity and sustain improvement over time,” he says.

“Without the people, compliance becomes unrealistic, and cybersecurity and consequently trust becomes harder to deliver.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.