third party compromise
How organizations can maintain a third-party risk management program from day one
In this podcast recorded at RSA Conference 2020, Sean Cronin, CEO of ProcessUnity, talks about the importance of third-party risk management and how companies can get started …
Hackers using hidden mobile apps and unique distribution methods to target consumers
Hackers are using hidden mobile apps, third-party login and counterfeit gaming videos to target consumers, according to McAfee. Worldwide detections of LeifAccess, 2019 Last …
CISOs: Make 2020 the year you focus on third-party cyber risk
While cybersecurity professionals are certainly aware of the growing threat posed by sharing data with third parties, many seem to lack the urgency required to address this …
Do third-party users follow security best practices and policies?
Many organizations across the globe fall short of effectively managing access for third-party users, exposing them to significant vulnerabilities, breaches and other security …
Online skimming: An emerging threat that requires urgent awareness and attention
A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, …
How much risk small businesses really pose to supply chain cybersecurity?
50% of large enterprises view third-party partners of any size as a cybersecurity risk, but only 14% have experienced a breach as the result of a small business partner, while …
US border agency contractor breached, license plate and travelers’ photos stolen
US Customs and Border Protection (CBP) announced that a hacker may have stolen sensitive data collected by the agency from a subcontractor’s network. “On May 31, …
Nearly 12 million Quest Diagnostics patients affected by data breach
Quest Diagnostics, a US-based company that offers medical testing services, has announced that a third-party billing collections company they use has been hit by a data …
The IoT threat landscape is expanding rapidly, yet few companies are addressing third party risk factors
There is a dramatic increase in IoT-related data breaches specifically due to an unsecured IoT device or application since 2017 – from 15 percent to 26 percent – and the …
Supply chain attacks: Mitigation and protection
In software development, a supply chain attack is typically performed by inserting malicious code into a code dependency or third-party service integration. Unlike typical …
Nearly half of firms suffer data breaches at hands of vendors
As trusted partners, third-party vendors often become the overlooked or unwitting accomplice in criminal activities. As privacy laws and cybersecurity regulations continue to …
Third-party cyber risk management is a burden on human and financial resources
Organizations and third parties see their third-party cyber risk management (TPCRM) practices as important but ineffective. There are four major takeaways for key decision …