Collaborate Disseminate
In this podcast recorded at RSA Conference 2020, Sean Cronin, CEO of ProcessUnity, talks about the importance of third-party risk management and how companies can get started with a proven process that works. Here’s a transcript of the podcast for your… Continue reading How organizations can maintain a third-party risk management program from day one
Hackers are using hidden mobile apps, third-party login and counterfeit gaming videos to target consumers, according to McAfee. Worldwide detections of LeifAccess, 2019 Last year, hackers targeted consumers with a wide variety of methods, from backdoor… Continue reading Hackers using hidden mobile apps and unique distribution methods to target consumers
While cybersecurity professionals are certainly aware of the growing threat posed by sharing data with third parties, many seem to lack the urgency required to address this challenge. If there is one work-related New Year’s resolution I’d like CISOs to… Continue reading CISOs: Make 2020 the year you focus on third-party cyber risk
Many organizations across the globe fall short of effectively managing access for third-party users, exposing them to significant vulnerabilities, breaches and other security risks, One Identity reveals. Most organizations grant third-party users acces… Continue reading Do third-party users follow security best practices and policies?
A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, known as sniffers or JavaScript (JS) sniffers and are very difficult to detect, … Continue reading Online skimming: An emerging threat that requires urgent awareness and attention
50% of large enterprises view third-party partners of any size as a cybersecurity risk, but only 14% have experienced a breach as the result of a small business partner, while 17% have been breached as the result of working with a larger partner, accor… Continue reading How much risk small businesses really pose to supply chain cybersecurity?
US Customs and Border Protection (CBP) announced that a hacker may have stolen sensitive data collected by the agency from a subcontractor’s network. “On May 31, 2019, CBP learned that a subcontractor, in violation of CBP policies and witho… Continue reading US border agency contractor breached, license plate and travelers’ photos stolen
Quest Diagnostics, a US-based company that offers medical testing services, has announced that a third-party billing collections company they use has been hit by a data breach, affecting 11.9 million of Quest’s customers. The potentially compromi… Continue reading Nearly 12 million Quest Diagnostics patients affected by data breach
There is a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017 – from 15 percent to 26 percent – and the results might actually be greater because most organizations are not aware of ever… Continue reading The IoT threat landscape is expanding rapidly, yet few companies are addressing third party risk factors
In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical cyber attacks, supply chain attacks provide two major advantages to attackers. F… Continue reading Supply chain attacks: Mitigation and protection