Working with third parties introduces new business risks, making it crucial to design a third-party risk management (TPRM) program that enables privacy compliance. What steps can you take to build a TPRM program that aligns with your privacy goals?
Download this checklist for help with:
Understanding what to...
When vendors or contractors don't deliver, the impact can be devastating and long-lasting without a proper third-party risk management program in place. See the path to managing third-party risk effectively with a checklist that outlines the six steps for a sound TPRM program.
Download this whitepaper to learn how...
Third parties present risks that can have significant negative impacts on your organization, including data breaches, reputational damage, regulatory violations, and financial losses. Assessing and monitoring these risks is complex, time consuming, and resource intensive, often leaving you with significant gaps in...
It's been nearly 18 months since ChatGPT paved the way for rapid generative AI adoption, but enterprises are just beginning to implement basic cybersecurity strategies and use blocking controls, DLP tools and live coaching to mitigate gen AI risks, according to security firm Netskope.
A judge Thursday dismissed most of the claims federal regulators made against SolarWinds related to allegedly misleading investors about the company's cybersecurity practices and risks. The SEC can proceed only with claims related to the security statement issued by SolarWinds before the 2020 hack.
Healthcare groups should consider several key points about a recent Texas federal court ruling and its impact on the use of online tracker technology on the healthcare websites of HIPAA-regulated organizations, said privacy attorney Iliana Peters of the law firm Polsinelli.
What will it take for victims of ransomware, extortion and other types of cybercrime to stop directly funding their attackers? The latest breached business to pay a ransom to its attackers appears to be AT&T, which reportedly paid Shiny Hunters over $350,000 for a promise to delete stolen data.
Hacks and vendor incidents continue to dominate major health data breach trends in 2024, but a handful of large incidents involving "unauthorized access or disclosure" also top the list of major health data breaches reported to federal regulators so far this year. How are trends shifting?
CISOs Shefali Mookencherry and Kenneth Townsend examine the implications of AI for copyright infringement and consent. They discuss the need for clear governance and responsible use of data and the evolving landscape of AI privacy issues in both the healthcare and non-healthcare sectors.
The U.S. Cybersecurity and Infrastructure Security Agency provided details on Monday about a framework it's currently developing to measure and evaluate the trustworthiness of open-source software security, including funding a new open-source tool to make the framework scalable and implementable.
Accenture's Daniel Kendzior and Palo Alto Networks' Rich Campagna discuss the need to implement robust AI security measures. They highlight the importance of controlling third-party AI access, safeguarding AI infrastructure and evolving cybersecurity strategies to counter AI-driven attacks.
HealthEquity, which administers healthcare benefits plans for employers, has notified the U.S. Securities and Exchange Commission of a data exfiltration breach involving the compromised credentials of a third-party vendor. The incident did not disrupt IT systems or processes.
Erik Decker, CISO, Intermountain Health, and Erik Hart, CISO, Cushman & Wakefield, discuss how proactive risk management strategies safeguard business continuity, enhance resilience and help mitigate cyberthreats effectively.
The U.S. Department of Health and Human Services has hit a Pennsylvania-based healthcare system with a $950,000 settlement for potential HIPAA violations found during an investigation into a 2017 ransomware attack involving NotPetya. It's HHS' third enforcement action in a ransomware case.
Two weeks ago, Change Healthcare began notifying thousands of medical practices about a massive data breach affecting millions of patients. The healthcare software firm says it will handle breach notifications, but industry groups want to ensure the government will go along with that plan.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.