You already have some sort of third party security program in place - perhaps you've built a security questionnaire based on internal policies or an industry standard such as ISO or NIST. You may have even "right-sized" your questionnaire specifically for different types of supplier relationships and developed a few...
Your vendors often handle your most sensitive data. This presents new challenges as third-party risk, security, privacy, legal and IT teams struggle to vet and manage the vendors they rely on most. We'll discuss emerging vendor management trends and breakdown how risk exchanges are key to more efficient business...
The cybersecurity outlook for 2020 and the new decade will be characterized by more advanced, targeted and coordinated attack vectors designed to exploit the cybersecurity skills shortage, along with congenitally poor security fundamentals and hygiene.
Third-party vendors accessing your most critical systems and networks can also bring in security incidents along with all those wonderful things they promised in the sales presentation.
How does one make cloud a prominent part of enterprise security strategy? Is the cloud inherently more secure than on-prem? These were among the discussion points of a recent Dallas executive roundtable. Alex Pitigoi of Nominet shares her takeaways from the event.
Your best bet to avoiding the potentially exorbitant costs of a vendor hack is to not have one in the first place. A solid vendor risk management program, backed up by technology, policies, and procedures is the best protection. Good review and audit processes can catch any vendor-related problems before they become...
Software integrations, open APIs, and data sharing between different businesses are a staple of the modern digital organization. Unfortunately, as organizations increase their digital footprint across numerous third-party and fourth-party relationships, their risk of downstream data breaches multiplies. These ripple...
63% of data breaches are caused by third-party, yet most organizations treat their vendors like internal employees when it comes to remote access. Because of this, the average organization spends endless hours and resources investigating incidents and pulling together reports, which only compounds the problem. Data...
Certain types of attacks are straightforward and easy to understand. Email phishing tries to trick users into opening a link or entering their credentials. DDoS attacks flood websites with so much traffic that the real communications can't get through.
Other network attacks are more difficult to understand. The...
Bad actors are constantly looking for ways to hack into organizations. They hunt for vulnerabilities on websites, exposed data servers in the cloud, and systems that are connected directly to the Internet with little or no protection. Organizations need to understand their attack surface - all of the ways that their...
With record breaches, regulatory action and GDPR fines in the news almost weekly now, security needs to be at the forefront of all digital business projects. However, a recent IDG study found that only 42% of CISOs are involved in those projects from the very beginning.
Watch this OnDemand webinar and learn...
Your organization is only as secure as your least secure supplier. You must continuously monitor your suppliers' security posture and have a shared governance model for operationalizing policies to remove blind spots on your suppliers' networks that could expose your organization to business disruption or a...
In today's shifting security and regulatory environment, ongoing third-party monitoring is crucial to compliance success. But how do you keep up with a constantly changing and growing list of vendors?
This session will outline the keys to third-party risk management success through a modern approach to monitoring...
When privileged account management (PAM) software is simple to use it gives you the agility and control you need to achieve your goals. Instead of forcing dependency on external experts or professional services engagements, simple software empowers you and your team to make decisions and customize as you need. Most...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing gdpr.inforisktoday.com, you agree to our use of cookies.
