Risk Management

Get Started with SOC 2 for Vendor Risk Management

May 8, 2023 By Sabrina Pagnotta In BitSight

SOC 2 reports evaluate internal controls to see how well a company identifies, assesses, mitigates, and monitors risks. In the context of third-party risk management (TPRM), a SOC 2 can give you confidence that your critical vendors are following best practices to protect your data. If you’re getting started with SOC 2 for third-party risk management or need an update, this blog has got you covered.

Read Post

BitSight

Read more about Get Started with SOC 2 for Vendor Risk Management

How to Build a Cyber Resilient Framework

May 8, 2023 By Kaitlyn Graham In BitSight

Cyber attacks aren’t just on the rise; they are skyrocketing. Incidents of ransomware alone nearly doubled last year. A new study by CrowdStrike finds that ransomware-related data leaks increased by 82% in 2021. Furthermore, ransom demands now average $6.1 million per incident, a 36% increase from 2020. Clearly, reacting to and remediating security threats when they arise is not going to cut it anymore.

Read Post

BitSight

Read more about How to Build a Cyber Resilient Framework

Don't Manage Third-Party Risk Alone

May 5, 2023 By SecurityScorecard In SecurityScorecard

New research from the Cyentia Institute found that 98% of organizations do business with a third party that has suffered a breach. The report also found that the average firm has 11 third-party relationships and hundreds of indirect fourth- and nth-party relationships. Bottom line: an expanding attack surface makes companies more prone to cyberattacks.

Read Post

SecurityScorecard

Read more about Don't Manage Third-Party Risk Alone

What is Zero Trust? Everything You Need to Know to Secure Vendor Access

May 5, 2023 By Sabrina Pagnotta In BitSight

Zero trust is a cybersecurity approach that restricts network access so only the right people are accessing the specific information they need —and nothing more. Here’s everything you need to know about the basic principles of Zero Trust and how to apply them to your third-party risk management program (TPRM) to create more secure remote access connections.

Read Post

BitSight

Read more about What is Zero Trust? Everything You Need to Know to Secure Vendor Access

Advantages of End-to-End Security

May 5, 2023 By RiskOptics In RiskOptics

End-to-end security is critical for businesses to navigate today’s digital age. The more consumers and businesses communicate, and transfer their information online, the more vital it is to keep that shared data confidential and secure. Leaving your endpoints (and the communication traveling between them) unsecure increases the risk that confidential data may land in the hands of malicious actors.

Read Post

RiskOptics

Read more about Advantages of End-to-End Security

Obrela at Delphi Forum || Panel Discussion

May 4, 2023 By Obrela In Obrela

George S Daglas, Vice President, Chief of Strategy & Customer Success Officer, at Obrela participated on 28 April in the panel discussion on #cybersecurity in Greece powered by the findings of a brand new research by Metron Analysis S.A. at Delphi Forum with the kind support of Vodafone. We had the opportunity to discuss the key concerns about the security of #data and #cybersecuritytrends both in Greece and abroad deriving from our international experience and how to best action next steps for businesses and users.

View Video

Obrela

Read more about Obrela at Delphi Forum || Panel Discussion

Risk Management is a Team Sport with Emilio Escobar

May 4, 2023 By Datadog In Datadog

Datadog's Chief Information Security Officer, Emilio Escobar, discusses how organizations are reducing silos between devops and security teams in order to effectively manage security risks. In order to provide secure defaults, decentralized security, and rapid response to security events with deep context, Datadog embeds security at all different levels and scales its program by utilizing security ambassadors and engineers.

View Video

Datadog

Read more about Risk Management is a Team Sport with Emilio Escobar

Password Security: How To Protect Credentials Across Your Supply Chain

May 4, 2023 By Sabrina Pagnotta In BitSight

Many major stories about cyberattacks or data breaches have one weak link in common: passwords. Oftentimes, the simple alphanumeric password that acts as gatekeeper to our personal phones and email accounts is the same one that protects enterprise businesses’ servers. And passwords are only as strong as we make them. Unfortunately, though, most employees—76 percent of Americans, according to research we conducted in 2022—never change their passwords, or only do so when forced to.

Read Post

BitSight

Read more about Password Security: How To Protect Credentials Across Your Supply Chain

How cybersecurity's "5 Percent Rule" could help you avoid the next cyber attack

May 4, 2023 By Noah Stone In BitSight

It’s not easy being a cybersecurity leader these days. Security vulnerabilities in software, hardware, and devices are rising in number and severity, bringing with them risk of ransomware, breach, and other dangerous cybersecurity incidents. The risks presented by vulnerabilities are rising fast: Here’s the important question: With cyber vulnerabilities rising and presenting increasingly serious risks, are organizations doing enough to fight back? The answer might surprise you.

Read Post

BitSight

Read more about How cybersecurity's "5 Percent Rule" could help you avoid the next cyber attack

Shine a Light on Shadow IT: Vanta Launches Category-First Vendor Risk Management Solution

May 3, 2023 By Vanta In Vanta

Delivering a single platform to assess vendor risk, automate security reviews and remediate issues. Supercharged Access Reviews ensure the right users have access to the right systems. AI-powered Questionnaire Automation increases accuracy and reduces time-intensive tasks.

Read Post