Third Party Risk

Find below interesting blogs on third party risk management

Security Breach Report June 2020

Monthly Breach Report June 2020

This report summarizes the top breaches between mid May to June 2020 accounting for the major breaches the world has seen. This helps you in keeping track of the latest hacks and safeguarding your organization by looking at the trends. We share insights to the breach 1.“Bank Of America (BofA) Data Breach” Bank Of America… Read More »Monthly Breach Report June 2020

(Recording) 5 Shocking Results From The Hidden Internet

Shocking Results From Hidden Internet – Exposed Database,Leaked Passwords, Code Leaks & more

In recent past there have been some major breaches and some key reasons responsible for the breach were Shadow IT, Leaked Credentials, 3rd Party/Vendor Risks. Major breaches like American Express, Uber, Dropbox, Dunkin Donuts, British Airways & many more. This research was in line with this to continuosly monitor the web (surface,deep,dark) to understand the leaked credentials,… Read More »Shocking Results From Hidden Internet – Exposed Database,Leaked Passwords, Code Leaks & more

Free 3rd Party Information Security Assessment Guideline

This free document is on Free 3rd Party Information Security Assessment Guideline (Courtesy Cybersecurity Malaysia). Cybersecurity Malaysia has made this great document with authors Nor’azuwa Muhamad Pahri and Noor Aida Idris Third Party Information Assessment Guideline Includes –  Pre-Assessment Roles & Responsibilities for Organisations Develop Assessment Requirements Plan and Allocate Resources Evaluate 3rd Party Assessor… Read More »Free 3rd Party Information Security Assessment Guideline

Third Party Risk

How Missing Continuous Monitoring Makes Third-Party Risk Management Programs Ineffective

Many organizations have hundreds of vendors and the Third-Party risk exposure is one of the biggest threats. Most of the organizations depend upon partners, vendors, suppliers, contractors and other third-parties for day-to-day operations. Each of them presents some potential risk to the organization. Third-Party Risk Management programs helps in assessing the cybersecurity of vendors/3rd parties that… Read More »How Missing Continuous Monitoring Makes Third-Party Risk Management Programs Ineffective

Managing Shadow IT

6 Must-Know Facts About Shadow IT

Shadow IT refers to IT applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department. Shadow IT risks exists in most organizations but most IT leaders and CISOs underestimate about its reach. In this blog, we will uncover the important facts that every business leader should understand about Shadow… Read More »6 Must-Know Facts About Shadow IT

Third Party Risk

Third-Parties: Risks & Threats Associated With Them

Third-Party risks are more as the Third-Party breaches continue to dominate and these breaches are expensive to organizations. Third-parties are those companies that you directly work with such as data management companies, law firms, e-mail providers, web hosting companies, subsidiaries, vendors, sub-contractors. Third-Parties are  basically any organization, whose employees or systems have access to your… Read More »Third-Parties: Risks & Threats Associated With Them

ways ro prevent & identify sub-domain takeover vulnerability

2 Ways to Identify & Prevent Subdomain Takeover Vulnerability

Subdomain Takeover is a type of vulnerability which appears when a DNS entry (subdomain) of an organization points to an External Service (ex. Heroku, Github, Bitbucket, Desk, Squarespace, Shopify, etc) but the service is no longer utilized. In this article, we have identified top 2 ways to identify and prevent subdomain takeover risk. Subdomain Takeover (Simple Definition):… Read More »2 Ways to Identify & Prevent Subdomain Takeover Vulnerability

Shadow IT Risks

Shadow IT Risks – 4 Ways To Reduce Them

Shadow IT refers to IT applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department. Shadow IT risks exists in most organizations but most IT leaders and CISOs underestimate about its reach. Problems: Shadow IT will open up to many security risks of business such as enterprise security risks, data privacy… Read More »Shadow IT Risks – 4 Ways To Reduce Them

Understanding Key Attack Surface Dimensions

Understanding Key Attack Surface Dimensions

We will discuss a few key areas in the vast attack surface today. With increasing technology advancement and its intervention into the enterprise world makes the scope of cyber defense enormously large. It reminds me of depth-first and breadth-first search algorithms to cover scopes in varied situations. The security landscape is so widely expanding, the change… Read More »Understanding Key Attack Surface Dimensions