Israel-based Yehuda Lindell, a cryptography professor, describes how to use secure multiparty computation technology to protect cryptographic keys and describes other potential security applications.
Testing an incident response plan for use when a vendor has a security incident is an essential component of risk management, says Phil Curran, CISO at Cooper University Health Care.
Why is ramping up vendor risk management such a critical component of compliance with the EU's General Data Protection Regulation? Attorney Steven Teppler provides insights.
Third-party contractors are often overlooked when it comes to cyber risk. The risks they can present include malware, malicious activity, or human error.
Download this brief and learn contract risk mitigation strategies such as:
Contractor security policies;
Network segmentation and entitlement...
The latest version of the NIST Cybersecurity Framework - Version 1.1 - includes more information on supply chain risk management, authentication, authorization, identity proofing and self-assessing cybersecurity risk management, says Matthew Barrett of the National Institute of Standards and Technology.
North Carolina-based Atrium Health is notifying 2.65 million individuals of a data breach involving a cyberattack on databases hosted by a third-party billing vendor. The incident is the largest U.S. health data breach revealed so far in 2018.
An analysis of China's surging hack attacks as part of an economic espionage campaign leads the latest edition of the ISMG Security Report. Also: Choosing the right MSSP, plus an analysis of the recent hijacking of Google traffic.
As of March 1, 2019, the two-year transition comes to an end, and covered entities are required to be in compliance with the New York Department of Financial Services Cybersecurity Regulation Section 500.11, the Third Party Service Provider Security Policy. What are the key requirements of this section, and how might...
Breaches and other cyber incidents involving business associates and other vendors can have a devastating impact. What can healthcare sector entities do to reduce and better manage those risks? Our panel of CISOs and other experts will explore:
The growing risks posed by vendors
Challenges involving cloud vendors...
How can organizations get the most out of partnering with managed security services providers and avoid common pitfalls? Cybersecurity consultant Vito Sardanopoli, an experienced CISO, offers top tips.
As ransomware and other cyberattacks continues to proliferate, organizations must improve vendor risk management so they have a plan in place in case a business associate falls victim, says Mitch Parker, CISO of Indiana University Health System, who will speak at ISMG's Healthcare Security Summit in New York.
An Iowa eye clinic and its affiliated surgery center recently recovered from a ransomware attack on their common systems within one day and without paying a ransom. This case offers important reminders to other healthcare entities and their vendors about advance planning.
Malicious bots and botnets are becoming increasingly common and sophisticated, and enterprises need to address them in their risk assessments and security frameworks, says Akamai's Aseem Ahmed.
Many third-party risk management (TPRM) programs rely on tools and processes that are expensive, non-scalable, and ineffective at reducing risk. Additionally, some TPRM professionals (and the individuals who approve their budgets) are relying on subjective, outdated information to make decisions - and that information...
With growing numbers of data breaches being traced to third parties with lax security controls and processes, organizations need to implement "always-on" vendor risk management programs.
Download this report and learn why:
Third-party data breaches are so common and damaging;
Third-party risk management programs...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.