Vendor Due Diligence Checklist: 5 Steps to Selecting a Third-Party

Third-party vendors can open the doors to growth and competitiveness, but they can also introduce operational, cyber, or financial risks. Whether you’re starting out or an established business, the process of selecting and onboarding a new vendor is a critical juncture that requires careful due diligence. But what information should you collect from your vendors, and how can you verify that it’s accurate?

Transforming AEC's Digital Future with Autodesk and Egnyte's Solutions

The AEC industry has come a long way from traditional paper-based processes. With advancements in technology over the past three decades, there’s been a remarkable transformation towards a digital future. It began with Computer-aided Design (CAD), then Building Information Modeling (BIM), and eventually capabilities such as modeling, visualization, simulation, analysis, automation, generative design, and even AI.

How Well Do You Know Your Attack Surface? Five Tips to Reduce the Risk of Exposure

In an increasingly connected digital landscape, the security of your organization’s data and publicly facing assets is more critical than ever. According to the CrowdStrike 2023 Threat Hunting Report, more than 20% of all interactive intrusions are associated with the exploitation of public-facing applications. As an organization’s attack surface expands and cyberthreats proliferate, it is imperative IT and security teams take a proactive approach to safeguarding their digital footprint.

Cyber Attack on Merck | Cyber Insurance

This case concerns a cyber attack on the pharmaceutical company, Merck, which, while not part of the national infrastructure, plays a crucial role in the healthcare ecosystem. The argument arises about whether they should be considered as critical as hospitals, as they supply medications and treatments, essentially acting as wizards in the healthcare industry.

CVE-2023-38545: High Severity cURL Vulnerability Detection

On October 11 a new version of curl (8.4.0) was released, where a couple of new vulnerabilities were fixed (CVE-2023-38545 with severity HIGH and CVE-2023-38546 with severity LOW). These issues were previously announced in the project’s discussion. At the time of this blog, there have been several proof of concepts released for CVE-2023-38545 which result in crashes, but not exploitation.

Patient Privacy: Preventing Data Leakage in Healthcare

The healthcare industry has rapidly embraced digital technologies to enhance patient care, streamline operations, and improve communication. However, this digital transformation brings with it a significant challenge: protecting patient data. One often overlooked risk comes from tracking pixels, which can lead to (accidental) data leakage and privacy breaches.

Business Email Compromise Attempts Skyrocket in the Last Year

Threat actors launched 156,000 business email compromise (BEC) attempts per day between April 2022 and April 2023, according to Microsoft’s latest Digital Defense Report. While most of these attempts go unanswered, criminals can receive massive payouts when they succeed.