Boards of Directors constantly need to be educated about and aware of their organizations’ cybersecurity posture. Regulations hold them responsible for decision-making and governance. Meanwhile, increased ransomware attacks pose a financial risk to their shareholders. To enhance the risk analysis, questions like these can provide visibility into the company’s strategy.
Threat intelligence feeds enable organizations to stay informed about indicators of compromise (IoCs) related to various threats that could adversely affect the network. These feeds also help to inform tools like SecurityScorecard’s Security Data by providing a source of information to collect, analyze and share with customers.
Rizal Commercial Banking Corporation (RCBC) begun as a small development bank in the Philippines and has grown to encompass a wide range of financial services and branches in the U.S., Europe, Australia and New Zealand. Like any financial institution, it must comply with a host of regulations and is a prime target for malicious actors.
The healthcare industry has always been an appealing target for cybercriminals. From high-value patient data to a low tolerance for downtime that could disrupt patient care, cybercriminals continue to find ways to take advantage of healthcare cybersecurity practices. In recent years, the healthcare industry has seen a 55% increase in cybersecurity threats, turning attacks on healthcare providers into a $13.2 billion industry and making it a gold mine for cybercriminals.
The escalation of cyberattacks since early 2020 is requiring many companies to strengthen their security operations. Adversaries are taking advantage of new attack vectors – like IoT devices, insecure remote access mechanisms, and the multiple personal and work devices users now move between. They’re also leveraging human vulnerabilities, impersonating trusted colleagues and third parties to infiltrate organizations.
On August 27, 2021, the US House Homeland Security Committee released a draft bill that would update the Homeland Security Act of 2002. This proposed bill seeks to establish a Cyber Incident Review Office and publish an interim rule that would outline procedures for reporting cybersecurity incidents.
Cloud computing has revolutionized the business and technological landscape of the last decade. More organizations are turning to cloud services to better manage massive volumes of both structured and unstructured data on a daily basis. As organizations move more and more information and applications to the cloud, there are growing concerns for data security and regulatory compliance.
News of ransomware attacks disrupting supply chains has increased recently. As threat actors disrupt businesses and critical infrastructure, they may appear to be working harder. However, cybercriminals treat ransomware as a business, enabling an underground industry. Ransomware-as-a-Service (RaaS) is a growing underground industry that continues to place sensitive information at risk.
Vendor tiering is the key to a more resilient and sustainable third-party risk management strategy. But like all cybersecurity controls, it must be supported by the proper framework. To learn how to optimize your Vendor Risk Management program to greater efficiency through best vendor tiering practices, read on.
Security teams are struggling to contend with the expanding third-party attack surface which is fueled by the pernicious cycle of poor vendor risk management.
