This white paper covers the key TPRM metric your team needs to track its effectiveness over time, the processes for gathering these metrics and tips for building a business case for your program.
Third-party risk management (TPRM) teams often have to justify the cost of their programs to executive leadership,...
Vendors are a fact of the modern workplace, but they can bring serious security risk to your organization. To secure your organization, it is necessary to keep tabs on the risk posed by your suppliers, third parties and vendors. Thorough due diligence can significantly minimize the chance that your organization...
The escalating adoption of generative AI has introduced concerns regarding data privacy, fake data and bias amplification. Ashley Casovan, managing director of the IAPP AI Governance Center, discusses the need to develop governance models and standardize AI systems.
Remote desktop application provider AnyDesk acknowledged that hackers recently had gained unauthorized access to the company's production systems in a cyberattack. The firm said it has revoked all security-related certificates as a precaution and is rolling out a new code-signing certificate.
A Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical transcription vendor last year. The supply chain hack appears to have affected at least 14 million people.
Federal authorities are warning of attacks on healthcare sector firms that use ConnectWise's remote access tool ScreenConnect. Hackers compromised a locally hosted version of the tool used by a large national pharmacy supply chain and managed services provider in 2023.
Supply chain attacks and zero-day exploits surged in 2023, helping to set yet another record for data breaches tracked by the Identity Theft Resource Center. James E. Lee, COO of the group, explained why the number of compromises grew so dramatically - from 1,801 incidents in 2022 to 3,205 in 2023.
Onboarding, offboarding, ongoing assessments - there are many ways in which Generative AI can augment human oversight of third-party risk management. Ed Thomas of ProcessUnity shares real-world examples of how enterprises are deploying Gen AI to improve TPRM efficiency.
This report delves into the challenges and new strategies in managing third-party cyber risks, revealing how traditional methods fall short in the face of evolving threats. It offers case studies from Fortune 1000 companies across various sectors, demonstrating innovative approaches to enhance cybersecurity in an...
The Department of Defense released a 60-page strategy that aims to modernize the defense industrial ecosystem and focuses on four long-term strategic priorities: improving supply chain resilience, enhancing workforce readiness, streamlining acquisitions and refining economic deterrence measures.
A hacking incident at a New Jersey-based vendor of artificial intelligence-enabled population health management services that involved a network server has affected more than a dozen of its healthcare clients across the country and nearly 4.5 million of their patients.
Sharan Hiremath, senior product manager at JFrog, delved into the escalating challenge of supply chain attacks. With a focus on the surge in open-source vulnerabilities, he outlined key factors contributing to the rise of attacks and offered insights into threat mitigation strategies.
In conjunction with a new report from CyberEd.io, Information Security Media Group asked some of the industry's leading cybersecurity and privacy experts about 10 top trends to watch in 2024. Ransomware, emerging AI technology and nation-state campaigns are among the top threats.
This week, a breach at real estate firm Wealth Network exposed 1.5 billion records, Corewell Health patients were hit by a second breach, data of 1.3M LoanCare mortgage customers was exposed, and Yakult Australia admitted to experiencing a "cybersecurity incident" that exposed 95 gigabytes of data.
Hacks on healthcare sector entities reached record levels in 2023 in terms of data breaches. But the impact of hacks on hospital chains, doctors' offices and other medical providers - or their critical vendors - goes much deeper than the exposure of millions of health records.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.