Few Indian businesses are included in the ever-increasing list of major data breaches. But data suggests that this streak of luck could soon be reaching its end. Increasing third-party security risks and a deficiency of security controls addressing them create the perfect conditions for a large-scale global supply chain attack facilitated by breached Indian business.

Managing individual business risks is difficult when silos exist. An enterprise risk management (ERM) framework consolidates risk management strategy across an entire organization, enabling better visibility, measurement, and management of business objectives. With a unified focus on addressing risk, compliance teams can universally improve regulatory compliance, governance, and risk management processes.

Keeping up with ever-changing regulatory requirements for cybersecurity can prove difficult for many organizations, which may unknowingly become non-compliant if they fail to adapt to new laws and regulations. Healthcare organizations and financial services must be even more vigilant with compliance. Both sectors are subject to even stricter requirements due to the large quantities of personally identifiable information (PII) they manage.

Cybersecurity starts with the ability to recognize your cyber risk. We will explore several topics related to taking a practical approach to managing risk and achieving cyber resilience. This is a blog series with collective thoughts from Bindu Sundaresan, Director AT&T Cybersecurity, and Nick Simmons, AVP, Cybersecurity. Cybercrime has become increasingly frequent, complex, and costly, posing a risk to all businesses regardless of size. How do you plan to respond when falling victim to a breach?

2023 might be a really important year for real-time payments (RTP) development in North America. FedNow, a real-time payments service, is on track to go operational in 2023 in the USA, while the Real-Time Rail (RTR) payment system will be fully launched in Canada, also in 2023. Currently, in their test phases, these payment systems will go mainstream next year, making faster payments more accessible to smaller financial institutions and businesses.

Vendor security questionnaires are frustrating, both to the organizations sending them and the vendors receiving them. While these frustrations remain unaddressed, they will only continue to impede the efficiency of vendor risk management programs. Fortunately, suffering through security assessments isn’t an unavoidable by-product of a Vendor Risk Management program. With the correct strategies, you can streamline the entire assessment questionnaire lifecycle. Read on to learn how.

According to a Gartner report, 60 percent of organizations work with more than 1,000 third parties that connect to their internal systems, and nearly 58 percent of organizations believe they have incurred a vendor-related breach. Many third parties require more access to organization data assets and are increasingly working with their own third parties, further multiplying the size and complexity of the third-party network.

Governance, Risk, and Compliance (GRC) is a broad organizational strategy that aims to align an entire organization’s focus on the achievement of business objectives, the management of business risks, and regulatory compliance. A solid foundational framework enables your organization to continue strengthening and refining its GRC strategy over time. It ensures each department’s objectives align with the business as a whole.

The concept of storing sensitive data in the cloud was once seen as ludicrous. Now, businesses are moving into cloud security at an exponential rate with the promise of larger storage space, lower costs, and improved performance. However, with such great benefits come severe risks.

In Spring 2022, Lincoln College announced that it would permanently close on May 13 and noted that a December 2021 ransomware attack had contributed to its closure.

Ask any security professional how to effectively measure risk and many will give a simple answer…

When most people think about the origin of a cyberattack, the image is that of a hacker using some kind of exploit against software or hardware in order to gain unauthorized access to systems. The hacker is seeking data to exfiltrate and monetize, either through re-sale on the darknet or extortion through ransomware.

On August 4, the Institute for Security and Technology’s (IST) Ransomware Task Force (RTF) announced the release of its Blueprint for Ransomware Defense - a clear, actionable framework for ransomware mitigation, response, and recovery aimed at helping organizations navigate the growing frequency of attacks.

Section 889 of the John S. McCain National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019 prohibits the procurement or use of Huawei, ZTE, Hytera, Hikvision, or Dahua telecommunication and video surveillance products and services by federal agencies, government contractors, and the recipients of any federal grants or loans (this latter category includes many state and local governments).

In 2022, a lot of crime involves a digital element. The digital element can be anything from text messages to complex cyber attacks on organizational networks. If you're prosecuting, a digital forensics expert can help you build a stronger case by gathering and documenting evidence and testifying in court on their findings.

On June 8, an explosion took place at Freeport LNG’s liquefied natural gas (LNG) export facility in Quintana, Texas. The company later explained that the explosion resulted from a rupture in an over-pressurized pipeline, but did not comment as to how the pressure built up enough to cause such a rupture. In the wake of the explosion, Freeport reported that the outage resulting from it would persist until September, after which the facility would only resume partial operations.

The internet of things (IoT) is a system of interconnected computers, devices, digital machines, and objects, all marked with unique identifiers (UIDs) and enabled to transfer and share data over a network. It was first coined by Kevin Ashton in 1999 when he envisioned a future where things communicated with each other, apart from human interaction With the evolution of web-enabled smart homes and smart devices in nearly every corner of life, IoT attack surfaces begin to emerge.