The Gaming Boardroom

Where the gambling industry comes to think

Adapting to new threats with proactive risk management

Steve Tyler Exec Content

Adapting to new threats with proactive risk management

Summary

This sponsored piece from MIT Technology Review Insights (in partnership with Hitachi Vantara) argues that as digital systems become more interconnected and attackers get smarter, businesses must move from reactive security to business-wide, proactive cyber resilience.

The article uses high-profile incidents to show the cost of complacency: a botched CrowdStrike update in July 2024 knocked out about 8 million Windows systems and caused billions in direct losses; Delta Air Lines reported severe disruption and half-a-billion dollars in impact. Other 2024 ransomware incidents—Change Healthcare and CDK Global—exposed vast amounts of data and resulted in lengthy outages with large economic losses. The piece warns that rapid adoption of technologies such as AI is enlarging attack surfaces and enabling more sophisticated, AI-driven threats.

Its central recommendation is a shift from detection-after-the-fact to preventative, intelligence-led resilience: design systems and business processes to absorb shocks, reduce unplanned downtime, and protect customer data and trust.

Key Points

  • The July 2024 CrowdStrike update outage affected millions of systems and highlighted systemic fragility; direct losses exceeded $5bn, with Delta reporting c.$500m and thousands of cancelled flights.
  • Unplanned downtime is expensive—Global 2000 firms face average losses of about $200m per year from outages.
  • 2024 ransomware attacks (Change Healthcare and CDK Global) showed the scale of data exposure and long-term disruption: ~190 million records exposed and ~ $1bn in dealer losses respectively.
  • Growing interconnection and rapid adoption of AI increase the attack surface and enable more damaging, AI-driven attacks and malware-as-a-service options for threat actors.
  • Organisations should adopt a preventative, intelligence-led approach to cyber resilience—hardening systems, planning for continuity, and reducing recovery time rather than relying solely on post-incident detection.
  • The content is produced by MIT Technology Review Insights in partnership with Hitachi Vantara and includes a downloadable report with further guidance.

Why should I read this?

Short version: if your organisation relies on digital systems (so, all of them), this is worth five minutes. It collects recent expensive screw-ups and shows why the old ‘find it after it breaks’ approach won’t cut it any more. Handy if you need ammunition to push for resilience fixes and smarter, preventative security investment.

Source

Source: https://www.technologyreview.com/2025/09/09/1123083/adapting-to-new-threats-with-proactive-risk-management/