Software integrations, open APIs, and data sharing between different businesses are a staple of the modern digital organization. Unfortunately, as organizations increase their digital footprint across numerous third-party and fourth-party relationships, their risk of downstream data breaches multiplies. These ripple...
Certain types of attacks are straightforward and easy to understand. Email phishing tries to trick users into opening a link or entering their credentials. DDoS attacks flood websites with so much traffic that the real communications can't get through.
Other network attacks are more difficult to understand. The...
Bad actors are constantly looking for ways to hack into organizations. They hunt for vulnerabilities on websites, exposed data servers in the cloud, and systems that are connected directly to the Internet with little or no protection. Organizations need to understand their attack surface - all of the ways that their...
With record breaches, regulatory action and GDPR fines in the news almost weekly now, security needs to be at the forefront of all digital business projects. However, a recent IDG study found that only 42% of CISOs are involved in those projects from the very beginning.
Watch this OnDemand webinar and learn...
Your organization is only as secure as your least secure supplier. You must continuously monitor your suppliers' security posture and have a shared governance model for operationalizing policies to remove blind spots on your suppliers' networks that could expose your organization to business disruption or a...
Digital transformation continues to reshape the modern enterprise. Savvy organizations that understand and drive forward digital innovation ultimately win the within an organization. However, securing the technologies that enable digital transformation becomes its own challenge.
This panel brings together three...
Not that long ago, many infosec leaders were asking, "What is zero trust and why should I care?" Today, it's more often, "How do I get my business owners to properly support and resource our transition to a zero trust architecture/posture?"
Media production, marketing and delivery is a complex journey that...
For financial institutions, every new customer heralds an opportunity - but if the organization doesn't know enough about that customer there may be risks as well. Using know your client (KYC) and customer due diligence (CDD) checks as an initial first line of defense in reducing the risk of money laundering and...
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on rethinking that dynamic.
Really good third-party cybersecurity risk management is essential to enterprise success. Done well it enables an organization to realize at the speed of business the benefits of outsourced systems and services. Done poorly it results in the business missing out on strategically important opportunities or, even worse,...
Multi-sourcing gives an organization access to the innovations offered by different best-of-breed providers, or the value of 'as-a-service' solutions, within a tightly connected and integrated IT model.
However, organizations must understand that their IT service providers can introduce risks into their carefully...
The old demarcation lines of cybersecurity responsibility have been erased. In this new landscape, risk surface is the unforeseen undercurrent of high velocity digital business.
"Risk Surface Management" is a revolutionary shift in third-party risk management. It's an approach to self-reporting on third-party risk...
One important outcome of digital transformation is an explosion of interconnectivity between organizations and the wide availability of third-party capabilities.
But this transformation is not completely without cost. Third parties (and even fourth parties) can become dependencies for critical business functions....
"How secure is your supply chain?" It's a question that can strike terror into the heart of a CISO - even one who's in charge of a mature security organization.
Download this guide on assessing third-party risk and learn how to:
Be realistic about who chooses who you do business with;
Create a questionnaire and...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing securityintelligence.inforisktoday.com, you agree to our use of cookies.
