An inspector general's memo that highlights three significant information security deficiencies that have plagued the U.S. Department of Labor for the past five years points out problems that most federal agencies confront.
Relationships with vendors are vital for many organizations, but the more data you share, the more risk you acquire. And mitigating this risk requires a degree of visibility into vendor systems that most organizations are hard-pressed to achieve.
Download this guide to explore:
Five of the most impactful...
There is no denying that the attack methods for stealing your organization's data are continuing to expand with third-party vendors, which are the most invisible risk in your partner and supplier ecosystem.
Regulators in many industries, including financial services and healthcare, are tightening their grip on...
Mumbai-based Meru Cabs, which offers online and mobile-app cab bookings, has been inadvertently exposing customer data to the Internet. How did the exposure occur, and what is Meru doing to address the flaw?
New NIST guidance is aimed at helping organizations to better understand the risks associated with the information and communications technology supply chain, says Jon Boyens, a NIST senior adviser.
Target is the high-profile example, but many organizations have been breached through third-party vulnerabilities. Where are the security gaps, and how can they be filled? BitSight's Stephen Boyer offers insight.
As cyber attacks via third parties become more commonplace, IT decision makers have focused much of their energy on the cyber security of their vendors. It can be a challenge to manage so many different partnerships. Due to the desire for more data-driven decisions, those IT professionals are looking for an automated...
Retailers cannot avoid innovation. Yet, cybercriminals thrive when retailers innovate. What, then, can retailers do to stop cybercriminals from breaching their defenses? Here are three key questions to answer.
The point-of-sale vendor behind the Jimmy John's breach has stepped forward, saying that, along with the 216 impacted Jimmy John's eateries, an additional 108 different restaurants have been compromised.
The Office of Personnel Management's decision to stop using U.S. Investigations Services for certain security clearance services, which came a month after a breach of company computers, could be as much a reflection on OPM as it is on USIS.
Federal authorities say the successful prosecution of a member of an international cybercrime ring proves progress is being made in shuttering ATM cash-out schemes. But some experts say processors and prepaid cards will continue to be targeted by attackers.
With many organizations pushing outsourcing to its limits, regulators and standards bodies (e.g., MAS, OCC, BaFin, FCA, FedRAMP, BITS, NERC, NEI, ISO, PCI Security Council, AICPA, and Cloud Security Alliance) are increasingly putting an emphasis on having a strong and effective supplier risk management framework....
To help prevent data breaches involving business associates, healthcare organizations need to develop vendor management programs with razor-sharp requirements, says risk management expert Rocco Grillo.
Manufacturers of a wide variety of devices that link to the Internet can improve security by turning to processes IT has used for nearly a generation, says Tony Sager of the Council on Cybersecurity.
Mobility has driven the rise of containerization as a security strategy for employee-owned devices. But what about for contractors? Kimber Spradlin of Moka 5 discusses how to mitigate third-party risks.