#third-party-risk

from ChannelPro
4 days ago

Data at risk: helping your customers close gaps in their supply chain

You can't outsource accountability, but many organizations are doing just that, often without even realizing it. This is especially the case when it comes to data. As businesses rely more heavily on third-party suppliers to store, move, and manage their data, the risk of something going wrong multiplies, whether that's compliance, the ability to restore lost data, or susceptibility to cyber attack.
EU data protection
from Securitymagazine
6 days ago

60% of Security Leaders Say Threat Actors Are Evolving Too Quickly

The report found that 68% of security leaders are concerned about the risks of third-party software tools and components introduced across their tech stacks. Seventy-three percent reported receiving at least one notification of a software supply chain vulnerability or incident in the past year. According to the report, 60% believe attackers are evolving too quickly to maintain a truly resilient security posture and 46% are uneasy about AI-driven features and large language models.
Information security
Privacy professionals
from Securitymagazine
1 week ago

Cyber Risks Can Be Legal Risks: How to Protect the Organization

Third-party relationships, AI adoption, and BYOD practices increase cyber risks that can create significant legal liabilities requiring proactive risk management and compliance.
#data-breach
Information security
from IT Pro
2 weeks ago

Cybersecurity leaders must stop seeing resilience as a "tick box exercise" to achieve meaningful protection, says Gartner expert

Businesses need business-function level BIAs, cross-team collaboration, and full asset and third-party visibility to embed effective cyber resilience.
from ComputerWeekly.com
2 weeks ago

Harrods hackers start contacting customers | Computer Weekly

"We are aware that some e-commerce customers have been directly contacted by someone purporting to have taken some personal data from one of our third-party providers' systems," a Harrods spokesperson told Computer Weekly. "We have notified all relevant authorities, including the National Cyber Security Centre and the Metropolitan Police Cyber Crime unit, and they are actively investigating. Negotiating with cyber criminals does not result in any guarantees as to what they may do with the information they have accessed," the spokesperson said.
Information security
from Business Matters
2 weeks ago

How Copla Helps UK Firms Navigate DORA Directive Compliance

Cloud platforms, outsourced IT, and digital trading systems power day-to-day operations - but they also introduce serious risks. Cyberattacks, system failures, and supplier disruptions can trigger regulatory breaches, financial losses, and reputational damage. To strengthen the resilience of Europe's financial system, the EU introduced the Digital Operational Resilience Act (DORA), often called the DORA Directive. Although the UK is no longer part of the EU, DORA still applies to many UK firms.
Miscellaneous
#cyberattack
Information security
from Entrepreneur
4 weeks ago

The Shocking Cost of Vendor Data Breaches | Entrepreneur

Digital supply-chain interdependencies create cascading vendor-related outages and breaches that require companies to manage supplier and third-party data risks proactively.
#data-breaches
from IT Pro
1 month ago
Privacy technologies

Lack of visibility creates "cascade" of security risk, says Kiteworks

from Securitymagazine
1 month ago

Security Leaders Respond to Workday Cyber Incident

More than 19,300 individuals are employed at Workplace across North America, EMEA and APJ. The client list contains more than 11,000 companies across a range of sectors, including almost two-thirds of the Fortune 500 companies. According to the organization's post on the incident, Workday was targeted by a social engineering campaign. The post stated, "In this campaign, threat actors contact employees by text or phone pretending to be from human resources or IT. Their goal is to trick employees into giving up account access or their personal information."
Information security
#cybersecurity
from Securitymagazine
2 months ago
Privacy professionals

Security Leaders Discuss Qantas Breach

Qantas experienced a significant cyberattack impacting customer data, with expectations of extensive information theft.
from Securitymagazine
4 months ago
Information security

Securing Healthcare: Safeguarding Patient Care and Privacy Through Agile Cyber Strategies

Healthcare organizations are increasingly targeted by cyber attackers due to sensitive data and high operational costs of breaches.
Ransomware attacks have surged, with healthcare suffering a 128% increase in 2023.
Information security
from Securitymagazine
3 months ago

Product Spotlight on Risk Monitoring

CyberStrong is designed for enterprise-level cyber risk management, enabling quick identification and quantification of cyber risks while prioritizing controls using financial metrics.
Information security
Information security
from Securitymagazine
4 months ago

More than 40% of Fintech Breaches Linked to Third-Party Vendors

Fintech companies show strong cybersecurity scores but face significant vulnerabilities from third-party risk.
Application security weaknesses are prevalent in the fintech sector, exposing firms to breaches.
from CSO Online
4 months ago

If you use OneDrive to upload files to ChatGPT or Zoom, don't

"Sensitive secrets required for this access are often stored in an insecure manner by default," Schwake said. "This situation presents a key API security challenge for security teams, and with services like ChatGPT heavily depending on APIs to access and handle user data, this poses an even greater risk."
Privacy technologies