Hello. The most underappreciated risk for corporate leaders is the confluence of risk, says Vincent Tizzio, chief executive of insurer Axis Capital.

Cyber, climate, energy resilience and increased scrutiny of companies together are underestimated, said Tizzio, speaking Tuesday with WSJ Leadership Institute's Alan Murray at the World Economic Forum in Davos. So is the understanding of how different insurance products work together, he said.

Also today: 

• DOGE might have misused Social Security data, court filing admits
• Second tech executive leaves Marks & Spencer after hack
• Crypto heist at law firm 
• Justice Department's cyber fraud settlements top $52 million

Stepping down: Josie Smith is resigning as Marks & Spencer's chief technology officer about one year after a ransomware attack disrupted operations for weeks. Smith had joined the U.K. retailer about six months before the hack from telecom provider BT Group. Rachel Higham left M&S as chief digital and technology officer in October. (Sky News)

• Further reading from WSJ: Marks & Spencer Profits Plummet on Cyberattack

Critical infrastructure operators in the European Union plan to remove high-risk tech from their networks, citing the risk of espionage. The EU directive doesn't name companies or countries targeted. China's Huawei Technologies, which makes telecom, AI and other technology, said the move "violates the EU's basic legal principles of fairness, non-discrimination, and proportionality." (Reuters)

• U.K. cyber officials warned Tuesday that Russia-linked hackers are working to disrupt infrastructure providers and local government networks. (Cybersecurity Dive)
• Since Jan. 1, the U.S. Cybersecurity and Infrastructure Security Agency has issued 18 alerts about vulnerabilities in industrial tech from providers Rockwell Automation, Schneider Electric, Siemens and others. 

Crypto heist at law firm: Hackers stole $4 million in cryptocurrency from Maryland law firm Greenberg & Liberman, which had set up crypto wallets to hold escrow funds for clients. The firm has filed for an emergency injunction to freeze the assets it traced to exchange Bitget. (Law.com)

The WSJ Pro Cybersecurity team is Deputy Bureau Chief Kim S. Nash and reporters Angus Loten and James Rundle. Follow us on X @WSJCyber. Reach the team by replying to any newsletter you receive or by emailing Kim at kim.nash@wsj.com.