The market for IT vendor risk management tools includes products and services that automate processes in the vendor risk management life cycle.
CyberGRX has received the highest score for the second year in a row from Gartner for their VRM Solution with rich assessment data.
Don't just take our word for it, read...
As the healthcare sector prepares for the distribution of COVID-19 vaccines, intensifying the attention to supply chain cybersecurity is critical, says Michael McNeil, senior vice president and CISO of McKesson Corp., which distributes pharmaceuticals and medical supplies.
The Cyber Risk Institute this week is releasing a new version of its "Cyber Profile" risk assessment framework for the financial services industry that includes expanded information on third-party risk and cloud security. Institute founder, Josh Magri, describes the updates.
Businesses must address third party risk or face the loss of hundreds of millions in third party data breaches. While exchanging information with organizations is the lifeblood of business, once data leaves your hands, it takes its own journey through your third parties and their suppliers, and so on. Your data is...
Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
Newly updated Food and Drug Administration guidelines will help experts to more accurately score and communicate the criticality of security vulnerabilities identified in medical devices, says Elad Luz, head of security research at CyberMDX.
In some respects, government agencies enter the cybersecurity arena with one hand
already tied behind their backs. It's accepted: They are under great public scrutiny in terms
of their financial spending. They are challenged to recruit and retain qualified staff. And yet
they are still a favored target of...
As the use of telehealth continues to surge during the COVID-19 crisis, healthcare entities and their vendors must take critical steps to keep patient data private and secure, says attorney Janine Anthony Bowen.
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector.
The Office of the Comptroller of the Currency has fined Morgan Stanley $60 million for the investment bank's failure to properly oversee the decommissioning of several data centers, putting customer data at risk of exposure.
As organizations increase their dependency on third-party vendors, it is more critical than ever for firms to understand how they can improve the overall effectiveness of their third-party risk (TPR) management programs.
Recently, RiskRecon and the Cyentia Institute surveyed over 150 organizations to understand the...
Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
To function efficiently, complex third-party ecosystems require digital interconnectivity. Data must flow seamlessly from the requirement for goods or services, through procurement and order placement, to implementation or production. Whether it's a consumer goods manufacturer focused on ensuring product consistency...
The world of third-party risk management is rapidly changing. Each day, organizations like yours face new security, privacy, and compliance threats when working with third parties. The good news is there are world-class teams around the world that are paving the way with new best practices for the next generation of...