IANS Faculty Jake Williams will discuss the Treasury’s Office of the Comptroller of the Currency (OCC) disclosing to Congress that hackers intercepted 103 bank regulators’ emails for more than a year. Jake will discuss what we know and don’t know about this incident, what steps financial services organizations should be taking and how CISOs should be communicating to their executive teams.

Copilot for Microsoft 365 is coming fast and furious for IANS clients. Integration with the M365 suite of applications poses exciting capability to help with tasks like summarizing lengthy emails, reviewing contract language, creating presentations, etc. It also poses security risk – integration with the Microsoft stack poses inherent risk in Copilot exposing sensitive info (i.e. access to the CEO’s calendar, sensitive HR data, patient records, etc.).

The healthcare industry is well established as a sector where infosec teams have to do more with less. The threat landscape is vast and orgs often have core priorities – like saving lives – that divert resources directly away from cyber spending. With infosec budget growth slowing in the industry, this webinar is designed to help you contextualize your program’s resourcing relative to your peers and justify your spend.

Third-party risk management efforts often hit a wall once orgs get past questionnaires. As third-party supply chains get more complex, it’s time to push through this wall and take actionable steps to manage and mitigate risks created throughout the supply chain.

IANS Faculty Jake Williams and Summer Fowler offer their perspectives on some of the biggest infosec-related news topics from the past few months -- cyber implications of the newly implemented tariffs, third-party risk management lessons from Oracle’s reported incidents and planning for quantum security risks. Jake and Summer will focus on how CISOs should be briefing their boards and executive teams on these topics.

Metrics continue to be a pain point in infosec—both in terms of getting a clear understanding of how the program is functioning and communicating that narrative across lines of business. At the center of this problem is the reality there is no one-size-fits-all solution. The best metrics are specific to your business context. In light of that, this session leans on fundamental best practices to help you pressure test your concepts.

Earlier this month, Oracle suffered what is being called the biggest supply chain hack of 2025 so far. According to several sources, a breach occurred when 6 million records were exfiltrated from Oracle Cloud, affecting more than 140,000 tenants. IANS provides some key next steps to keep your data protected.

Many of IANS’ enterprise clients are actively considering or executing on Zero Trust initiatives, based on the frequency and number of inquiries we’ve observed. These organizations have a very wide variety of maturity levels and degree of progress in their Zero Trust journeys, but they do have one thing consistently in common: a clear need for an organizing structure for their Zero Trust initiatives. While the information security industry has several broadly used maturity models, as well as many types of IT project management frameworks, there is no well-defined approach to Zero Trust. This is a gap—enterprises need a Zero Trust structure that properly captures its breadth, as well as the interdependencies between the key elements of access policies, the tools, technologies, and capabilities which enable them, and their impact on organizational maturity.

This report details the main cyber threats and vulnerabilities faced by organizations in the healthcare sector today and recommends ways to shore up defenses.