IoT devices are like sausages: They're full of components of varying quality, and it's invariably disturbing to think about their origins. New guidance helps address how to reduce the risk of potentially vulnerable components in connected devices.
The market for IT vendor risk management tools includes products and services that automate processes in the vendor risk management life cycle.
CyberGRX has received the highest score for the second year in a row from Gartner for their VRM Solution with rich assessment data.
Don't just take our word for it, read...
As the healthcare sector prepares for the distribution of COVID-19 vaccines, intensifying the attention to supply chain cybersecurity is critical, says Michael McNeil, senior vice president and CISO of McKesson Corp., which distributes pharmaceuticals and medical supplies.
The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. Institute founder, Josh Magri, describes the updates.
Businesses must address third party risk or face the loss of hundreds of millions in third party data breaches. While exchanging information with organizations is the lifeblood of business, once data leaves your hands, it takes its own journey through your third parties and their suppliers, and so on. Your data is...
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
In some respects, government agencies enter the cybersecurity arena with one hand
already tied behind their backs. It's accepted: They are under great public scrutiny in terms
of their financial spending. They are challenged to recruit and retain qualified staff. And yet
they are still a favored target of...
Managing third-party risks must start with due diligence activities, and technology can play an important role, says Julian Colborne-Baber, forensic partner at Deloitte in the U.K.
The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
As organizations increase their dependency on third-party vendors, it is more critical than ever for firms to understand how they can improve the overall effectiveness of their third-party risk (TPR) management programs.
Recently, RiskRecon and the Cyentia Institute surveyed over 150 organizations to understand the...
To function efficiently, complex third-party ecosystems require digital interconnectivity. Data must flow seamlessly from the requirement for goods or services, through procurement and order placement, to implementation or production. Whether it's a consumer goods manufacturer focused on ensuring product consistency...
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...
A hybrid workforce, heightened insider risk, 5G concerns over the expanded attack surface - these are the "more" that people reference when they talk about "doing more with less" in 2021. A CEO/CISO panel discusses how security leaders prioritize budget allocations for these concerns.
Enterprises globally recognize the challenge of third-party cyber risk, but they still struggle with the risk management. Dave Stapleton of CyberGRX discusses the elements of a mature program, including the role of risk ratings.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.