Blog

Macy’s Breach November 2019

Macy’s is a popular shopping destination and a breach before christmas shopping is a scare. On October 15 it notified customers of a magecart card-skimming device. The unauthorized code on payment page (checkout & wallet) could have accessed name, address, city, phone, email, payment card… Read More »Macy’s Breach November 2019

(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

We were happy to participate in a community round table organized by CISO Platform Key Discussion Points :  What is Shadow IT? What are the types of Shadow IT? Practical demo using open source tools Controls to manage shadow IT risk Reason Of Risk : … Read More »(Round Table) Shadow IT Risks And Controls : Managing The Unknown Unknowns In Deep & Dark Web

Report-Critical Capabilities For DRP

Download Report – 9 Critical Capabilities For Digital Risk Protection Program

[Report] 9 Critical Capabilities Needed For Digital Risk Protection Digital Risk Protection ( DRP ) is a term possibly popularized or coined by Forrester to describe the market of tools and technologies to protect from the risks posed by externally facing digital assets. As per… Read More »Download Report – 9 Critical Capabilities For Digital Risk Protection Program

American Medical Collection Agency (AMCA) Data Breach : Why It Happened & What Can You Learn? (24 Million Customers Affected)

24 million customers is approximated to be affected through this third party breach.  The data breach experienced by American Medical Collection Agency (AMCA), a third-party bill-collection vendor for the health institutions, affected 17 health institutions including the United States’ biggest lab testing companies, Quest and… Read More »American Medical Collection Agency (AMCA) Data Breach : Why It Happened & What Can You Learn? (24 Million Customers Affected)

Guide to building a third [arty risk management program

Steps To Build An Enterprise Third-Party Risk Management Program

Vendor or enterprise third party risk related breaches are at an all time high. Several of the high profile breaches like Uber, Amazon, British Airways & more has been caused due to 3rd party. Most of the major security related framework, guidelines, compliance and regulations has made 3rd party risk management a mandatory part of overall security program. Following are the key steps for building an effective third party risk management (vendor risk management) program.