Too many organizations around the world take a "bare minimum" approach to third-party risk management, says Jonathan Ehret, founder of the Third Party Risk Association, who offers risk mitigation insights.
Hackers have repeatedly stolen valuable data - including launch codes and flight trajectories for spacecraft - from NASA's Jet Propulsion Laboratory in recent years, according to a new inspector general audit, which describes weak security practices.
Third-party risk has emerged as one of 2019's top security challenges, and the topic was the focus of a recent roundtable dinner in Charlotte. RSA's Patrick Potter attended that dinner and shares insight on how security leaders are approaching this aspect of digital risk management.
An essential component of a vendor risk management program is to understand how an organization's risk posture changes when a new vendor is added - especially if they have subcontractors, says Jagdeep Singh, CISO at InstaRem, a Singapore-based fintech company.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
The complete digital ecosystem of an organization, including third parties and the supply chain, need to fall within the scope of digital risk, says RSA's Ganesh Prasad.
Key vendor risk management steps include determining upfront how much the vendor will interact with various stakeholders and interact with the news media in case of a breach, says Satyavathi Divadari of Cognizant.
How big will the American Medical Collection Agency data breach get? LabCorp has now revealed that data on 7.7 million of the patients it serves was potentially compromised in the breach. Earlier, Quest Diagnostics said nearly 12 million of its clients were affected. Two U.S. senators are demanding answers.
All companies must follow certain guiding principles when it comes to managing thousands of IoT devices, says security specialist Minatee Mishra of Philips HealthTech India.
Despite multiple government agencies being formed to fight cybercrime, efforts need to be made for better coordination between them, said Lt Gen (retd) Rajesh Pant, the newly appointed national cybersecurity coordinator, PM Office, Government of India.
Many organizations are launching ambitious digital initiatives. But they must identify, assess and mitigate the risks that emerge. And developing a comprehensive strategy is a major task as organizations face multiple dimensions of risk when it comes to digital expansion.
This session explores the approaches,...
After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license. Many chipmakers and other technology firms have also said they will cease or at least pause the sharing of software, hardware and services.
Managing risks are part of a robust information security program. Our organizations have come to depend on a complex network of third-party relationships. Reliance on third-parties can drive performance, but also pose significant risks. Many organizations are still struggling to effectively manage their third-party...
The latest edition of the ISMG Security Report describes a discussion among "Five Eyes" intelligence agencies at the recent CyberUK conference. Plus, an update on a Huawei 'backdoor' allegation and new research on managing third-party risk.
Vodafone is disputing a Bloomberg report that security vulnerabilities and backdoors within Huawei networking equipment could have allowed unauthorized access to its fixed-line carrier network in Italy. The report comes as Huawei continues to face concerns over its engineering practices and government ties.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
