Third-party vendors are an important source of strategic advantage, cost savings and expertise. Yet outsourcing is not without cybersecurity risk. As organizations' reliance on third-parties grow, so too does their exposure to third-party risk and fourth-party risk. In fact, a recent HSB survey found nearly half of data breaches in 2017 were caused by a third-party vendor or contractor.
The purpose of a vendor management policy is to identify which vendors put your organization at risk and then define controls to minimize third-party and fourth-party risk. It starts with due diligence and assessing whether a third-party vendor should have access to sensitive data.
Internet Protocol (IP) attribution is the attempt to identify a device ID or individual responsible for a cyber attack (e.g. ransomware or other types of malware) based on the origin of a network packet. An IP address is given to a system for a period of time that enables them to exchange data to and from other devices on networks.
Service Organization Control 2 (SOC 2) is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It is designed to ensure service providers and third-party vendors are protecting sensitive data and personal information from unauthorized access.
Defense in depth is a cyber security strategy that uses a series of layered, redundant defensive measures to protect sensitive data, personally identifiable information (PII) and information technology assets. If one security control fails, the next security layer thwarts the potential cyber attack. This multi-layered approach reduces the cyber threat of a particular vulnerability exploit being successful, improving the security of the system as a whole and greatly reducing cybersecurity risk.
Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed information security vulnerabilities and exposures. CVE was launched in 1999 by the MITRE corporation to identify and categorize vulnerabilities in software and firmware. CVE provides a free dictionary for organizations to improve their cyber security. MITRE is a nonprofit that operates federally funded research and development centers in the United States.
Email spoofing is the creation of emails with a forged sender address. Because core email protocols lack authentication, phishing attacks and spam emails can spoof the email header to mislead the recipient about the sender of the email. The goal of email spoofing is to get recipients to open, respond and engage with the email message. Email spoofing can greatly increase the effectiveness of phishing and other email-based cyber attacks by tricking the recipient into trusting the email and its sender.
Network security is the process of using physical and software security solutions to protect the underlying network infrastructure from unauthorized access, misuse, malfunction, modification, destruction or improper disclosure, creating a secure platform for computers, users and programs to perform their functions in a secure environment.
Malware, or malicious software, is any program or file that harms a computer or its user. Common types of malware include computer viruses, ransomware, worms, trojan horses and spyware. These malicious programs can steal, encrypt or delete sensitive data, alter or hijack key computing functions and to monitor the victim's computer activity.
Digital forensics or digital forensic science is a branch of forensic science focused on the recovery and investigation of material found in digital devices and cybercrimes. Digital forensics was originally used as a synonym for computer forensics but has expanded to cover the investigation of all devices that store digital data. As society increases reliance on computer systems and cloud computing, digital forensics becomes a crucial aspect of law enforcement agencies and businesses.
