Managing cyber risk is no longer a technical necessity but also a strategic imperative in global business. As companies are more interconnected and reliant on artificial intelligence (AI), the Internet of Things, and the rest of the digital ecosystem, they are exposed to greater opportunities and risks.
In this video, Senior Managing Director and cybersecurity expert Denis Calderone shares topics covered in the 2025 J.S. Held Global Risk Report focused on managing cyber risk in the year ahead.
The global regulatory landscape is evolving rapidly in response to the increasing severity of cyber threats. Governments and regulatory bodies, including the U.S. Securities and Exchange Commission (SEC), the European Union (EU), and the U.S. Transportation Security Administration (TSA), have introduced cybersecurity mandates that require businesses to strengthen their defenses, improve incident reporting, and ensure compliance with new industry standards. The 2025 Global Risk Report by J.S. Held provides perspectives on these regulatory shifts, helping businesses navigate the complexities of cyber risk and compliance.
The growing frequency and severity of cyberattacks are reshaping how businesses approach risk management. The J.S. Held 2025 Global Risk Report explores key issues facing business today, including:
Business Interruption from Cyber Incidents: High-profile cases like Change Healthcare’s 2024 breach demonstrate how cyberattacks can halt operations, lead to regulatory scrutiny, and result in massive financial losses.
Reputational and Legal Fallout: Cyber incidents can trigger lawsuits and damage a company’s reputation, often leading to prolonged trust recovery periods with customers and investors.
Loss of Sensitive Data: Data breaches can expose critical information, including personal, financial, and proprietary data, amplifying risks of identity theft and fraud.
Tightening Regulatory Landscape: New cybersecurity laws, such as the EU’s NIS2 Directive and Cyber Resilience Act, alongside the US SEC’s disclosure rules, demand stricter compliance from businesses in key sectors.
Complexities in Cyber Insurance: Many companies lack clarity on whether their policies cover ransomware or meet legal and operational needs, leaving them exposed to potential financial risks.
Ransomware Dilemmas and Legal Risks: Paying a ransom may violate international sanctions, creating additional legal complications for organizations already dealing with cyberattacks.
Proactive Cybersecurity Enhancements: Companies implementing advanced cybersecurity measures like MFA, EDR, and immutable backup systems improve their defenses and reduce risks of disruption.
AI-Powered Threat Detection: Artificial intelligence enables companies to identify fraud and cyberattacks faster by analyzing patterns and anomalies in real time, minimizing damage, and reducing costs.
Increased Demand for Cyber Insurance: As companies across industries seek better coverage, insurers have opportunities to innovate new products, though exclusionary clauses are becoming more common.
Business Continuity and Resilience: Organizations with strong cyber hygiene, incident response plans, and dependency mapping are better prepared for attacks and may benefit from reduced insurance premiums.
Cybersecurity risk is just one of the five key areas analyzed in the J.S. Held 2025 Global Risk Report. Other topics include sustainability, supply chain, cryptocurrency and digital assets, AI and data regulations.
If you have any questions or would like to further discuss the risks and opportunities outlined in the report, email GlobalRiskReport@jsheld.com.
To connect with Denis Calderone simply click on his icon now.
For any other media inquiries - contact :
Kristi L. Stathis, J.S. Held
+1 786 833 4864
Kristi.Stathis@JSHeld.com
