
Latest News

Free Template: Vendor Post-Data Breach Questionnaire (2023)

A post-data breach questionnaire is essential for evaluating the impact of a third-party breach on your organization. This due diligence also ensures compliance with expanding data breach protection standards sweeping across government regulations. This post outlines a template to inspire the design of your security questionnaire for vendors that have suffered a data breach or similar security incident.

How to Conduct an ISO 27001 Risk Assessment

Welcome to our comprehensive guide on ‘Conducting an ISO 27001 Risk Assessment’. This blog is designed to equip you with effective strategies for a successful risk assessment, incorporating the principles of ISO 31000 risk management. Risk assessment is a vital component of a robust information security framework and is in alignment with ISO 31000.

Preparing for a Cyber Catastrophe With a Data-Driven Risk Appetite

Working with third-party service providers is part of doing business. Even before the digital revolution, entrepreneurs enlisted logistics and shipping providers, payment processing services, and other outsourced companies to help them streamline operations and reduce costs. Today's marketplace is no different, although the available third parties have evolved to fit organizations' growing digital needs.

Introducing UpGuard's New SIG Lite Questionnaire

Whether you're expanding use cases, adding new vendors, or scaling the scope of your offerings, you need to keep apprised of potential security risks impacting your organization. UpGuard has added the SIG Lite questionnaire to our Questionnaire Library, making SIG available to help UpGuard customers evaluate third-party risks and potential vulnerabilities in your vendors' security policies.

What is the Probability of a Data Breach?

Cybercrime is on the rise. By 2025, the cost of cybercrime around the world is estimated to escalate to $10.5 trillion, based on a year-over-year increase of 15%. This number represents the potential for the largest transfer of economic wealth in history and exceeds even the total global profits from the illegal drug trade.

Secure Third-Party Connections

Riscosity has joined forces with SecurityScorecard! This new partnership enables SecurityScorecard and Riscosity users to scale their business using only trusted vendors and ensuring that the right data is going to the right place. Together we’re helping compliance and security teams scale their programs, and significantly reduce their applications' attack surface.

Third-Party Security Risks: How to Mitigate Potential Cybersecurity Threats

Cooperation is the key to success, so working with third parties helps your organization increase efficiency, offer better products and services, employ highly qualified experts, and cut costs. But all these benefits come at the price of additional cybersecurity risks. Minor flaws in your third-party vendor’s security and privacy routines may lead to a breach in your organization’s cybersecurity.

The Federal Risk and Authorization Management Program (FedRAMP) FAQ

FedRAMP, which stands for Federal Risk and Authorization Management Program, is a U.S. government-wide program that standardizes the security assessment, authorization, and continuous monitoring processes for cloud products and services used by federal agencies. The goal of FedRAMP is to ensure the security of cloud-based systems and protect sensitive government data. Key objectives of FedRAMP include.

Why every security team needs to be prepared for the unexpected

The traditional enterprise risk model is a thing of the past. Cybersecurity risk cascades into almost every part of an organization, triggering legal fallout, technology risk, compliance issues, and more. Bottom line, third-party cyber risk is a material business risk. A recent report found that 80% of organizations experienced at least one data breach caused by a third party last year.

SecurityScorecard Achieves FedRAMP 'Ready' Designation

SecurityScorecard is proud to announce that it has achieved the Ready Designation under the Federal Risk and Authorization Management Program (FedRAMP). This designation demonstrates SecurityScorecard’s commitment to the rigorous security standards required by the U.S. government for cloud service providers, and it will enable the company to meet growing demand from U.S. federal agencies for its Third-Party Cyber Risk Management Platform. U.S.