What's new in UpGuard // Cyber Vendor Risk Management Product Releases
Check out the latest product releases from UpGuard!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
UpGuard
What's new in UpGuard // Cyber Vendor Risk Management Product Releases
Check out the latest product releases from UpGuard!
How to Meet the Third-party Risk Requirements of NIST CSF
The National Institute of Standards and Technology (NIST) has issued special publications focused on improving Third-Party Risk Management (TPRM) and Supply Chain Risk Management (SCRM). The NIST Cyber Security Framework (NIST CSF) special publication has become a popular option for its unique applicability to all industries with critical infrastructures. NIST CSF isn’t a light read.
How to Meet Third-party Risk Requirements of NIST 800-161
The National Institute of Standards and Technology (NIST) has produced several publications addressing the different components of information technology security within the NIST 800 computer security series. Compliance across this entire NIST 800 series is expected for all internal and external service providers of government entities - such as the DoD federal agencies.
The Biggest Security Risks in Your Supply Chain in 2022
The SolarWinds supply chain attack highlighted how vulnerable supply chains are to cyberattacks. Supply chain risk mitigation has since become an essential component of risk management strategies and information security programs. To support the success of this effort, we’ve listed the top 4 supply chain security risks you need to be aware of in 2022.
How to Meet Third-party Risk Requirements in NIST 800-53
The National Institute of Standards and Technology (NIST) has responded to the increased prevalence of third-party risks by specifying industry standards for securing the supply chain attack surface - the attack surface most vulnerable to third-party risks.
How to Create a Business Continuity Plan
To remain competitive in today's market, businesses in all industries must maintain strict production regulations to decrease downtime and critical errors that could negatively impact their reputations. Organizations can't afford to wait until an event occurs to devise a problem-solving strategy. Your business provides critical products or services to its customers. Any interruption in that service could mean that your customers will seek ways to meet their needs elsewhere.
SEC's Proposed Disclosure Amendments: Are You Impacted?
On March 9, 2022, the Securities and Exchange Commission (SEC) announced proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting. These proposed amendments impact all public companies subject to the reporting requirements of the Security Exchange Act of 1934. To summarize this proposal and learn how to successfully prepare for them, read on.
Australia and the Risk of a Russian Cyber Attack: Are You Ready?
Given Russia's reputation for highly-sophisticated cyberattacks, the country's invasion of Ukraine has sparked justified fears of an imminent global cyberwar. While, for the time being, Putin’s cyber efforts against Ukraine are surprisingly restrained, this may not be the case for other countries.
Meeting ISO 27001 Third-Party Risk Requirements
ISO 27001 compliance provides greater assurance that an organization is adequately managing its cybersecurity practices, such as protecting personal data and other types of sensitive data. Third-party risk management (TPRM) programs can benefit immensely from implementing the relevant ISO 270001 controls to mitigate the risk of significant security incidents and data breaches.