
October 2024

What is Cyber Supply Chain Risk Management?

Cyber supply chain risk management (C-SCRM) is the process of identifying, assessing, and mitigating cybersecurity risks associated with an organization’s supply chain. Supply chains comprise multiple attack vectors, ranging from procurement tools to suppliers, developers, and third-party services. The complexity of this attack surface warrants a risk management strategy focused on supply chain risks as an extension to an existing third-party risk management program.

Understanding CVE-2024-47176: Mitigating CUPS Vulnerabilities

The Common UNIX Printing System (CUPS) is a widely used printing system on Unix-like operating systems, but recent vulnerabilities have exposed significant risks. The most critical is CVE-2024-47176, which affects the cups-browsed service: the service binds to INADDR_ANY:631, so it trusts all incoming packets, which can lead to remote code execution when it interacts with malicious printers. This vulnerability is part of a chain of exploits, including.

How to Overcome the Security Questionnaire Burden

If you’re on the frontlines of your organization’s cybersecurity department, you’ve likely found yourself burdened by security questionnaires. Whether you’re in charge of evaluating vendor responses or completing questionnaires yourself, it’s no secret these requests can be time-consuming for everyone involved. Well, what if this didn’t have to be the case?