Did you know that 69% of businesses are still relying on manual processes to manage vendor risk? With ever-expanding third-party networks, it's time to take your program to the next level.
In order to manage hundreds of vendors as effectively as you manage ten, automation is the key to continuously detect, monitor...
BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Shields Health Care Group, a Massachusetts-based medical imaging services provider, is facing two class action lawsuits filed this week - a consolidated federal case and a similar, separate case filed in state court - both in the wake of the same 2022 data breach affecting 2 million individuals.
To help U.S. healthcare sector organizations better tackle some of the top challenges involving vendor risk management, a coalition of CISOs has launched the Health3PT Council. Members John Houston of UMPC and Omar Khawaja, former CISO of Highmark Health, describe the effort.
Third-party risk is becoming increasingly expansive as organizations rely on a burgeoning network of external vendors to operate. Read about some of the regulations emerging to combat this issue, how organizations ranked third-party risk concerns in the International Data Corporation (IDC)’s Future of Trust Survey,...
From the cyberwar in Ukraine to ongoing ransomware threats and emerging global data regulations, 2022 has been a taxing year for CISOs. And they can expect more of the same in 2023, says Rodman Ramezanian of Skyhigh Security. He offers predictions and advice for the new year.
Ride-hailing app maker Uber says a data breach at a third party is responsible for the appearance on a hacking forum of internal data. The data is unrelated to the September incident Uber experienced after a hacker affiliated with Lapsus$ penetrated the company network, an Uber spokesperson says.
Cyber risk quantification (CRQ) is the measure of an organization’s cyber risk expressed in monetary terms, like dollars. CRQ has many benefits, but few security professionals understand how to implement it.
Join Paul Kelly, former head of risk at HSBC, and Chris Griffith, chief product officer at Balbix, as they...
A server misconfiguration at Kentucky-based CorrectCare Integrated Health Inc., a firm that provides medical claims processing for correctional facilities, has exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated.
Sonatype’s eighth annual State of the Software Supply Chain Report blends a broad set of public and proprietary data and analysis, including dependency update patterns for more than 131 billion Maven Central downloads and thousands of open source projects, survey results from 662 engineering professionals, and the...
A hacking incident at a New York-based administrative management services firm has so far resulted in 20 anesthesiology practices reporting to federal and state regulators breaches affecting a total of about 430,000 individuals.
It has never been more vital to secure your supply chain, with governments also recognizing the urgency by increasingly calling for Software Bills of Materials (SBOMs) and the implementation of effective third-party security risk management (TPRSM) to stem the surge in ransomware and other cyberattacks.
It’s not...
Federal regulators are urging healthcare sector entities to identify all instances of OpenSSL in their infrastructures and to test and deploy a patch issued to fix certain severe vulnerabilities in the software as soon as possible.
As budgets tighten in anticipation of economic hardships, cybersecurity threats only continue to grow. Bill Bernard, CISSP of Deepwatch, advises security leaders to consider how senior management and the board view cybersecurity and then adjust how you prioritize people, technology and managed services.
In this...
A PSA is the central hub for any MSP or ITSP - it must integrate with all of the critical applications that an MSP needs to run their business, providing full visibility into customers, internal operations, and profitability.
The PSA solution should be purpose-built for MSPs and have a user experience that is...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.