GRC Report Staff

The second day of Risk-!n Zurich had a different character from the first. Day one was largely about visibility and how organizations can see risk clearly enough in environments shaped by artificial intelligence, cyber acceleration, operational complexity, climate exposure and emerging technologies. Day two moved the discussion one step further. If organizations can see more, faster and with greater precision, what exactly are they supposed to do with that visibility?

Axiom GRC has made its first move into Canada, acquiring Calgary-based assurance firm MHM as it continues a steady expansion across North America. The deal brings a specialized cybersecurity assurance practice into Axiom's portfolio and extends the company's reach into a market where demand for independent compliance attestations, cybersecurity audits, and AI governance certifications has been growing rapidly.

More than half of Malaysian banks' lending is concentrated in sectors that depend heavily on nature. That finding sits near the beginning of a new report released Thursday by Bank Negara Malaysia, the World Bank Group, and the United Nations Development Program's Biodiversity Finance Initiative (UNDP BIOFIN). It is also the statistic most likely to linger.

Brazil's antitrust authority has fined Japanese automotive supplier Denso Corporation approximately $19.5 million (100.8 million reais), concluding a case that traces back more than a decade and centers on allegations of coordinated conduct in the market for wire harnesses and other automotive electrical components.

Norway's data protection authority has imposed a €1.7 million (NOK 20 million) administrative fine on Elkjøp after finding multiple violations of the General Data Protection Regulation (GDPR) related to the retailer's customer club, a program used by millions of consumers across the Nordic region.

The Italian Competition Authority has fined Philip Morris €7 million after finding that the company's advertising for combustion-free tobacco products misled consumers into believing the products were harmless to health or less harmful than other tobacco products.

A software flaw in ServiceNow's cloud platform allowed unauthorized access to customer data stored in certain enterprise environments, prompting the company to issue a patch and notify affected customers after security researchers uncovered the vulnerability. The issue involved a bug that enabled unauthenticated users to access data in some customer instances without providing credentials. According to a ServiceNow article shared publicly by users after being placed behind a customer login wall, the company deployed fixes on June 5 to address a flaw that allowed users to gain greater access to ServiceNow-hosted data than intended.