BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

BitSight Research Explores A Risk Frequently Ignored: Critical Updates

Last month, thousands of computers across the world were infected by a strain of ransomware known as WannaCry. Estimates show that this massive attack impacted over 300,000 computers across banks, hospitals, telecommunications services,...

Two Years Later, Still at Least Twice as Likely

In 2015, BitSight published a report, Beware the Botnets: Botnets Correlated to a Higher Likelihood of a Significant Breach. In that report, researchers discovered that companies with botnet grades of ‘B’ or lower were more than twice as...

What You Need To Know About Fourth Party Vendor Risk

The importance of monitoring third-party vendors has increased in recent years with the numerous data breaches originating in vendor systems. You have likely heard from news coverage of major breaches that because of how interconnected...

Inherent Risk: How Insecure Systems Pose a Threat to Network Security

A few months ago, Anubis BitSight Labs researchers discovered that millions of low-cost Android phones, many of them in the United States, were vulnerable to Man-in-the-Middle attacks. The backdoor could be exploited through unregistered...

5 Reasons To Uncover Third-Party Risk With Security Ratings

Any seasoned vendor risk manager will tell you that determining whether a particular third party’s cybersecurity is up to your standards—and deciding how much risk to assume through your relations with your vendors—is not a simple task....

Uncovering the Impact of the MongoDB Vulnerability

Over the past couple of weeks, a major issue has surfaced affecting numerous companies that use MongoDB to store their data. Those who install MongoDB on a server and use default settings are exposing their data to the internet and...

Using Security Ratings & the NIST Framework for Cybersecurity Maturity

On February 12, 2013, President Barack Obama issued Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” which called for collaboration between government and the private sector to create a set of standards for...

A View into the Dark Web

There is a parallel universe in the cyber world known as the “Dark Web.” It’s a part of the Internet inaccessible via standard browsers or search engines, and it’s where cyber criminals share botnet kits, trade bitcoins, and recruit other...

Don’t Ignore Law Firms: Why Cybersecurity in the Legal Sector Matters

Vendor security is becoming a focal point of risk management for many organizations. In many ways, this trend started with the Target breach from 2013, which highlighted the extensive financial and reputational impact of a third party...
