third party compromise
File upload security best practices rarely implemented to protect web applications
Despite a marked increase in concerns around malware attacks and third-party risk, only 8% of organizations with web applications for file uploads have fully implemented the …
Reliance on third party workers making companies more vulnerable to cyberattacks
A survey from SecZetta revealed 83% of respondents agree that because organizations increasingly rely on contractors, freelancers, and other third party workers, their data …
How do I select a third-party risk management solution for my business?
COVID-19 has increased organizational focus on third-party risk management (TPRM) for 83% of companies, a recent study reveals. Yet, only 40% of organizations report expanding …
Mitigating third-party risks with effective cyber risk management
Third-party engagement has steadily become an essential part of business operations for many organizations, enlisted for all kinds of products and services across nearly all …
Commercial third party code creating security blind spots
Despite the fact that third party code in IoT projects has grown 17% in the past five years, only 56% of OEMs have formal policies for testing security, a VDC Research …
Bitcoin Security Rectifier app aims to make Bitcoin more secure
A computer science engineer at Michigan State University has a word of advice for the millions of bitcoin owners who use smartphone apps to manage their cryptocurrency: …
IT security teams challenges fueled by record-setting cyberattacks
IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home (WFH) programs, increased bring-your-own-device (BYOD) policy …
IT security teams deal with unique challenges fueled by a remote workforce
IT security teams faced unprecedented challenges last year fueled by dramatically expanded work-from-home (WFH) programs, increased BYOD policy adoptions, and rising internal …
Cybersecurity only the tip of the iceberg for third-party risk management
Most companies are missing key risks at more than one stage of the vendor risk lifecycle, yet few are expanding their TPRM programs to address these risks, according to …
4 things you can do to minimize cyberattacks on supply and value chains
Supply chain attacks target the weakest spot in most every enterprise’s security program: third-party access. The SolarWinds hack was a classic supply chain attack, …
SolarWinds breach severity perception increasing over time
(ISC)² has published the results of an online survey of 303 cybersecurity professionals from around the globe in which respondents compared their perception of the severity of …
Third-party risk management programs still largely a checkbox exercise
Enterprise third-party risk management (TPRM) programs have been around for a half-decade or longer, and at this point most large organizations run one. However, many of these …