Jari Pirhonen
japi.bsky.social
Security leader, risk professional, business enabler, lifelong learner.
"The Association of British Insurers' latest figures show £197 million was paid out to help businesses recover from cyber incidents in 2024 - a 230% year-on-year increase from 2023. Malware and ransomware accounted for 51% of all claims."

www.abi.org.uk/news/news-ar... #cybersecurity
Nearly £200 million paid in cyber claims to help UK businesses recover | ABI
www.abi.org.uk
November 12, 2025 at 7:54 PM
"The Knownsec data breach would be one of the most damaging leaks of Chinese cyber-espionage tools and intelligence priorities in modern history."

botcrawl.com/knownsec-dat... #cybersecurity
Knownsec Data Breach Exposes Chinese Cyber Weapons and Target Lists
The Knownsec data breach leaked 12,000 files including Chinese cyber weapons, internal tools, and target lists naming Japan, Vietnam, and India.
botcrawl.com
November 12, 2025 at 7:03 AM
"OWASP's first major Top 10 update since 2021 and is notable for its emphasis on supply chain risks and systemic design weakness rather than just common software coding errors."

www.darkreading.com/application-... #infosec #cybersecurity #appsec
OWASP Highlights Supply Chain Risks in New Top 10
Security misconfiguration jumped to second place as organizations improve defenses against traditional coding flaws.
www.darkreading.com
November 12, 2025 at 6:59 AM
"A list of key control indicators (KCIs) compiled by the #CISO #Metrics Working Group, comprised of CISOs from large multinational corporations"

www.microsoft.com/en-us/securi... #cybersecurity
Securing critical infrastructure: Why Europe’s risk-based regulations matter | Microsoft Security Blog
Learn how CISOs can use new European Union legislation to strengthen their cybersecurity measures.
www.microsoft.com
November 11, 2025 at 6:00 PM
"At the most basic level, threat intelligence is about understanding threats outside the organization, while threat hunting is the active pursuit of threats already within an organization’s network or systems."

www.recordedfuture.com/blog/threat-... #cybersecurity
Threat Hunting vs. Threat Intelligence
Understand the difference between threat hunting vs. threat intelligence, why both matter for security, and how Recorded Future empowers proactive cyber defense.
www.recordedfuture.com
November 11, 2025 at 5:57 PM
"As gradually leaked the last days by various news outlets, the EU Commission has secretly set in motion a potentially massive reform of the #GDPR"

noyb.eu/en/eu-commis... @noyb.eu #privacy
EU Commission about to wreck core principles of the GDPR
The EU Commission has secretly set in motion a potentially massive reform of the GDPR. noyb's first overview of the proposed changes.
noyb.eu
November 10, 2025 at 7:22 PM
"The Bank of England (BoE) has cited the cyberattack on Jaguar Land Rover (JLR) as one of the reasons for the country's slower-than-expected GDP growth in its latest rates decision."

www.theregister.com/2025/11/07/b...
Bank of England says JLR's cyberattack damaged UK GDP growth
This kind of material economic impact from online crooks thought to be a UK-first
www.theregister.com
November 10, 2025 at 7:17 PM
High Conflict (Amanda Ripley): "The biggest problem in communication is the illusion that it has taken place. First, we think we have conveyed our intentions and desires clearly when we haven’t. And second, we don’t really know what our intentions and desires are." #book #quote
November 8, 2025 at 4:56 PM
"Meta internally projected late last year that it would earn about 10% of its overall annual revenue – or $16 billion – from running advertising for scams and banned goods, internal company documents show."

www.reuters.com/investigatio...
www.reuters.com
November 8, 2025 at 10:12 AM
"If people couldn’t write well, George Orwell famously said, they couldn’t think well. And if they couldn’t think well, others would do the thinking for them."

themindcollection.com/orwells-writ...
Orwell’s Writing Rules: How to Write With Clarity
A reflection on George Orwell's writing rules; six informal guidelines to think clearly and avoid producing meaningless drivel.
themindcollection.com
November 8, 2025 at 10:09 AM
"The after action report from Nevada's technology office about what happened during and after a ransomware attack detected Aug. 24 that disrupted 60 state agencies, some for 28 days"

gov.nv.gov/uploadedFile... (pdf) #cybersecurity #breach
gov.nv.gov
November 7, 2025 at 6:04 PM
State of the #AI 2025 report

www.stateof.ai/2025-report-...
November 7, 2025 at 5:47 PM
"Marks & Spencer says its April cyberattack will cost around £136 million ($177.2 million) in total."

www.theregister.com/2025/11/05/m... #cybersecurity #crime #ransomware
M&S pegs cyber cleanup costs at £136M, profits tumble
Retailer's tech systems aren’t down anymore, but the same can’t be said for its rocky financials
www.theregister.com
November 7, 2025 at 6:33 AM
"1,957,476,021 unique email addresses. Oh - and 1.3 billion unique passwords, 625 million of which we'd never seen before either. It's the most extensive corpus of data we've ever processed, by a significant margin."

www.troyhunt.com/2-billion-em...
2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned
I hate hyperbolic news headlines about data breaches, but for the "2 Billion Email Addresses" headline to be hyperbolic, it'd need to be exaggerated or overstated - and it isn't. It's rounded up from…
www.troyhunt.com
November 7, 2025 at 6:29 AM
"MAESTRO (Multi-Agent Environment, Security, Threat, Risk, and Outcome), a novel threat modeling framework designed specifically for the unique challenges of Agentic #AI."

cloudsecurityalliance.org/blog/2025/02... #cybersecurity
Agentic AI Threat Modeling Framework: MAESTRO | CSA
MAESTRO (Multi-Agent Environment, Security, Threat, Risk, & Outcome) is a novel threat modeling framework for Agentic AI. Assess risks across the AI lifecycle.
cloudsecurityalliance.org
November 7, 2025 at 6:25 AM
"Ukraine has launched at least 58 attacks on key Russian energy sites since the start of August, sending drones as far as about 2,000 km into Russian territory"

www.reuters.com/graphics/UKR...
Inside Ukraine's drone campaign to blitz Russia’s energy industry
Ukraine has used long-range drone strikes against Russian energy infrastructure to undercut Russia’s economy and try to bring Moscow to the negotiating table.
www.reuters.com
November 4, 2025 at 7:36 PM
"Russia’s kinetic campaign—bombings, arson, assassination plots—should be seen as both punishment for Europe’s support to Ukraine and preparation for potential wider conflict."

www.globsec.org/what-we-do/p... #security #safety
www.globsec.org
November 4, 2025 at 5:45 PM
"A #ransomware negotiator and an incident response manager at two separate cybersecurity firms have been indicted for allegedly carrying out ransomware attacks of their own."

www.theregister.com/2025/11/03/r...
Rogue ransomware negotiators accused of extortion attacks
Rogues committed extortion while working for infosec firms
www.theregister.com
November 4, 2025 at 5:41 PM
"US Department of Homeland Security formalized what had been years in the making: a full-scale system to photograph and track every non-citizen who enters or leaves the U.S. For non-citizens, those images can be retained for up to 75 years"

www.biometricupdate.com/202510/dhs-e... #privacy
DHS expands biometric entry-exit, CBP to photograph all noncitizens at US borders | Biometric Update
The measure takes effect December 26 and authorizes CBP to photograph “all aliens” at all ports of entry and departure, and “any other point of departure.”
www.biometricupdate.com
November 4, 2025 at 5:40 PM
"It is time for a new Nordic trend. Luckily, Finland has just the thing: #sisu—a personality trait or philosophy combining inner strength, perseverance and a can-do attitude towards adversity" #grit

www.economist.com/europe/2025/...
The Finnish lifestyle philosophy that could save Europe
Sisu, or grit in the face of adversity, is just what the continent needs
www.economist.com
November 2, 2025 at 9:15 PM
"Jaguar Land Rover is thought to have been victim to the most economically damaging cyberattack in British history. It marks the third such high-profile case in the U.K. this year, raising concerns over the country’s cyber resilience."

www.cnbc.com/2025/10/29/j... #cybersecurity
Jaguar Land Rover’s cyberattack holds an ominous lesson for British businesses
The attack on Jaguar Land Rover could be the most economically damaging in UK history. Now, attention turns to what happens next.
www.cnbc.com
November 2, 2025 at 5:22 PM
"how Large Language Models work, from scratch — assuming only that you know how to add and multiply two numbers"

medium.com/data-science... #AI #LLM #GenAI
Understanding LLMs from Scratch Using Middle School Math
In this article, we talk about how LLMs work, from scratch — assuming only that you know how to add and multiply two numbers. The article…
medium.com
November 2, 2025 at 11:30 AM
"The 2026 Tech Trends & Priorities Pulse Poll by ISACA finds regulatory compliance, business continuity and resilience, and managing AI-related risk are top focus areas for the coming year"

www.isaca.org/about-us/new... #infosec #cybersecurity #AI
New ISACA Research Identifies What Will Keep Tech Pros Up at Night in 2026
The 2026 Tech Trends & Priorities Pulse Poll finds regulatory compliance, business continuity and resilience, and managing AI-related risk are top focus areas for the coming year.
www.isaca.org
October 31, 2025 at 7:07 AM