third party compromise
Sealed U.S. court records possibly accessed by SolarWinds attackers
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds …
As holiday mobile commerce breaks records, retail apps display security red flags
Driven by the pandemic, many consumers rely on mobile apps to buy everything from daily essentials to holiday gifts. However, according to a recent analysis, there are some …
Third-party online assets a growing security risk for retailers
83% of the top U.S. retailers have connections to a vulnerable third-party asset, and 43% have vulnerabilities that pose an immediate cybersecurity risk, Cyberpion reveals. In …
How to reduce the risk of third-party SaaS apps
Third-party SaaS apps (and extensions) can significantly extend the functionality and capabilities of an organization’s public cloud environment, but they can also …
The current state of third-party risk management
Third-party risk management (TPRM) professionals increasingly do not trust that security questionnaires provide sufficient information to properly understand and act on their …
Challenges organizations face in combating third-party cyber risk
A CyberGRX report reveals trends and challenges organizations of all sizes face in combating third-party cyber risk today. Each insight was gleaned from proprietary assessment …
Enterprise IT security teams continue to struggle
CyberEdge conducted a web-based survey of 600 enterprise IT security professionals from seven countries and 19 industries in August 2020 in an effort to understand how the …
Large vendor ecosystems and low visibility increase third-party cyber risk
80% of organizations experienced a cybersecurity breach that originated from vulnerabilities in their vendor ecosystem in the past 12 months, and the average organization had …
Organizations with poor privacy practices 80% more likely to suffer data breach
There’s a predictive relationship between responsible privacy practices and security outcomes, according to Osano. Companies with inadequate data privacy practices are …
Debunking myths related to client-side security and Magecart attacks
The client-side landscape has been overrun by third-party script attacks executed by malicious attackers utilizing formjacking or other methods made famous by the Magecart …
Third-party compliance risk could become a bigger problem
Since the onset of COVID-19, more than half of legal and compliance leaders believe that cybersecurity and data breach is the most-increased third-party risk their …
Third-party risk is broken, businesses unprepared for supply chain disruptions
Many companies are not dedicating proper resources to assess third-party risks, and those that are still lack confidence in their programs, according to Prevalent. Supply …