Collaborate Disseminate
Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, a VDC Research reveals. Meanwhile, when asked to rank the importance of security to current project… Continue reading Commercial third party code creating security blind spots
A computer science engineer at Michigan State University has a word of advice for the millions of bitcoin owners who use smartphone apps to manage their cryptocurrency: don’t. Or at least, be careful. Researchers are developing a mobile app to ac… Continue reading Bitcoin Security Rectifier app aims to make Bitcoin more secure
IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home (WFH) programs, increased bring-your-own-device (BYOD) policy adoptions, and rising internal and third-party risks stemming from the COVID-19 pand… Continue reading IT security teams challenges fueled by record-setting cyberattacks
IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home (WFH) programs, increased BYOD policy adoptions, and rising internal and third-party risks stemming from the COVID-19 pandemic, CyberEdge Group re… Continue reading IT security teams deal with unique challenges fueled by a remote workforce
Most companies are missing key risks at more than one stage of the vendor risk lifecycle, yet few are expanding their TPRM programs to address these risks, according to Prevalent. Increased focus on third-party risk due to COVID-19 COVID-19 was the big… Continue reading Cybersecurity only the tip of the iceberg for third-party risk management
Supply chain attacks target the weakest spot in most every enterprise’s security program: third-party access. The SolarWinds hack was a classic supply chain attack, compromising downstream organizations in order to traverse the victim’s extended enterp… Continue reading 4 things you can do to minimize cyberattacks on supply and value chains
(ISC)² has published the results of an online survey of 303 cybersecurity professionals from around the globe in which respondents compared their perception of the severity of the SolarWinds Orion software breach between when it was first reported and … Continue reading SolarWinds breach severity perception increasing over time
Enterprise third-party risk management (TPRM) programs have been around for a half-decade or longer, and at this point most large organizations run one. However, many of these TPRM programs only provide a thin veneer of cybersecurity assurance. Recent … Continue reading Third-party risk management programs still largely a checkbox exercise
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds attackers. In related news, SolarWinds has hired former CISA director Chris Krebs… Continue reading Sealed U.S. court records possibly accessed by SolarWinds attackers
Driven by the pandemic, many consumers rely on mobile apps to buy everything from daily essentials to holiday gifts. However, according to a recent analysis, there are some alarming security concerns among some of the top 50 Android retail mobile apps…. Continue reading As holiday mobile commerce breaks records, retail apps display security red flags