Third-party risk is any risk brought on to an organization by external parties in its ecosystem or supply chain . Such parties may include vendors, suppliers, partners, contractors, or service providers, who have access to internal company or customer data, systems, processes, or other privileged information. While an organization may have strong cybersecurity measures in place and a solid remediation plan, outside parties, such as third-party vendors , may not uphold the same standards.

The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a set of regulations from the New York State Department of Financial Services (NYDFS) that places cybersecurity requirements on all Covered Entities (financial institutions and financial services companies). It includes 23 sections outlining requirements for developing and implementing an effective cybersecurity program, requiring Covered Entities to assess their cybersecurity risk and develop a plan to proactively address them.

​​In an age of big data and connected devices, security information and event management (SIEM) is one of the key priorities for businesses of all sizes. At a time when data is everywhere, and cyber threats are growing, security information and event management is more important than ever. This is where information management meets security as companies seek to manage their incident response, compliance requirements, security, and analytics.

The supply chain for any product has several moving parts. Each activity in the supply chain plays a role in the flow that begins with sourcing a product's raw materials and ends with delivering the finished goods to a customer. As with many other areas of modern business, digital technologies are redefining supply chains. With more technology comes increased cyber risks. This article explains digital supply chains along with their benefits and cybersecurity risks.

Below is a pie chart representing the percentage contribution of each data breach victim to the 57 largest data breaches of all time. CAM4 covers the majority of the pie, accounting for almost 50% of all compromised records. If the CAM4 breach is disregarded, the impacts of the other breaches can be better appreciated. The pie chart below represents this updated distribution. Now, it becomes clearer that LinkedIn accounts for the majority of compromised social media records.

If you’re looking for a free network discovery tool, you’ve probably heard of Nmap. Nmap, short for Network Mapper, is a multi-purpose tool commonly used for penetration testing to give you a granular view of your network’s security. Its capabilities extend to collecting information and enumeration and detect vulnerabilities and security loopholes.

Doxing is the act of publishing private or identifying information about an individual or organization on the internet. Doxing is short for Dropping Dox (documents), and it only has negative connotations. The intention of doxers is to harass victims by revealing information that's either incriminating, defamatory or just immensely embarrassing. Doxing is sometimes spelled as Doxxing.

PGP encryption (Pretty Good Encryption) is a data encryption program used to authenticate and provide cryptographic privacy for data transfers. PGP encryption is used to secure all forms of data and digital transmissions. It's capable of encrypting and decrypting: PGP is a quick-to-implement and cost-effective encryption method.

HTTPS (Hypertext Transfer Protocol Secure) is a secured version of HTTP (Hypertext Transfer Protocol). HTTP is a protocol used to transfer data across the Web via a client-server (web browser-web server) model. HTTPS encrypts all data that passes between the browser and server using an encryption protocol called Transport Layer Security (TLS), preceded by Secure Sockets Layer (SSL).

The recent flurry of supply chain attacks has left a trail of carnage spanning across the globe Because supply chain attacks compromise a higher number of victims with less effort, cybercriminals are unlikely to forgo this efficient attack method without a fight.