%term

AI-powered assessments: A new era in TPRM

Mar 7, 2025 By UpGuard In UpGuard

UpGuard's Vendor Risk is a third-party risk management tool that delivers instant vendor insights, 360-degree assessments, and time-saving workflows—all in a centralized platform. Conduct vendor assessments at scale with an AI-powered security profile that scans vendor evidence to uncover control gaps and risks in minutes. Streamline risk management with actionable insights that help you prioritize, remediate, and track risks with precision. Generate AI-powered, point-in-time risk assessments in under 60 seconds to scale your program efficiently.

View Video

UpGuard

Read more about AI-powered assessments: A new era in TPRM

The Top 7 Cybersecurity Frameworks

Mar 6, 2025 By Eric Cisternelli In BitSight

In today’s ever evolving threat landscape, protecting an organization's digital assets is no longer optional—it's a critical business imperative. Security ratings can provide a snapshot of your organization's cyber health, but to demonstrate a robust, long-term commitment to cybersecurity, it’s essential to align with recognized industry and regulatory best practices. This is where cybersecurity frameworks come into play.

Read Post

BitSight

Read more about The Top 7 Cybersecurity Frameworks

Vendor Responsiveness Solved: Soothing Your Third-Party Aches

Mar 6, 2025 By Nicholas Sollitto In UpGuard

Inefficiencies, like slow vendor responses, often plague security teams like a persistent headache. At first, it’s just a dull throb in the background. Yes, it’s annoying, but analysts often accept it as the way things are, pushing through the pain and getting the job done. However, over time, this headache intensifies.

Read Post

UpGuard

Read more about Vendor Responsiveness Solved: Soothing Your Third-Party Aches

What is a hash value and hash function in cyber security?

Mar 6, 2025 By Obrela In Obrela

Strong cybersecurity relies on robust mechanisms to safeguard sensitive information. One of the foundational tools in this landscape is the hash function, a mathematical process that plays a crucial role in securing data, verifying integrity and preventing cyber threats. Understanding how hash values function within security protocols is essential for organizations striving to protect their systems against evolving cyber risks.

Read Post

Obrela

Read more about What is a hash value and hash function in cyber security?

Detect cross-account access risks in AWS with Datadog

Mar 5, 2025 By Mallory Mooney In Datadog

Managing access across multiple AWS accounts is a popular approach to isolating workloads and data. While it provides several benefits to organizing the various operational requirements for the environment, it introduces additional complexity for managing IAM policies and workload permissions. A primary concern is assigning too many permissions to any one source, which increases the risk of an attacker moving within the environment undetected.

Read Post

Datadog

Read more about Detect cross-account access risks in AWS with Datadog

Why Vendor Risk Management Can't Be a One-Time Task

Mar 5, 2025 By Leah Sadoian In UpGuard

Organizations across nearly every industry have become reliant on third-party relationships to accomplish their business operations. You’d be hard-pressed to find an organization that doesn’t partner with at least one third-party vendor. However, this growing reliance on vendors has also created an evolving threat landscape—vendors are now prime targets for cyberattacks.

Read Post

UpGuard

Read more about Why Vendor Risk Management Can't Be a One-Time Task

From Reactive to Resilient: A New Mindset for Supply Chain Cybersecurity

Mar 5, 2025 By SecurityScorecard In SecurityScorecard

Supply chain security is no longer just an IT issue, it’s a critical business concern. As recent high-profile breaches like the MOVEit vulnerability have shown, a single vulnerability in a vendor’s system can have a cascading effect, disrupting operations and damaging reputations across the entire supply chain. This shift in the threat landscape demands a new approach to cybersecurity that prioritizes collaboration, resilience, and a proactive defense strategy.

Read Post

SecurityScorecard

Read more about From Reactive to Resilient: A New Mindset for Supply Chain Cybersecurity

Trouble Brewing: Dissecting a fake homebrew update that stole user data

Mar 5, 2025 By Oliver Simonnet In CultureAI

A few weeks ago, a malware campaign that leveraged Google Ads to promote a fake Homebrew website caught my attention. It tricked users into running an installer command that downloaded and executed a malicious binary resulting in an info stealer being introduced to the user’s machine.

Read Post

CultureAI

Read more about Trouble Brewing: Dissecting a fake homebrew update that stole user data

Is Enterprise Risk Posture Better or Worse Today?

Mar 4, 2025 By Corey Tomlinson In Nucleus

Measuring enterprise risk posture—its overall security readiness and resilience—is a complex challenge. Advanced security solutions, such as automated vulnerability management tools and unified risk dashboards, enable organizations to defend their networks with unprecedented efficiency. The rapid expansion of cloud environments and the intricacies of modern IT infrastructures, however, present an increasingly dynamic attack surface.

Read Post

Nucleus

Read more about Is Enterprise Risk Posture Better or Worse Today?

Prioritizing Critical Third-Party Assets to Protect Your Extended Attack Surface

Mar 4, 2025 By Amanda Ravanesi In BitSight

The enterprise attack surface now extends well beyond the network firewall. As a result, Third Party Risk Management Teams are increasingly becoming an extension of Security Operations Centers, responding in times of crisis to questions of who, what, and more urgently, how and when. The line between ‘their exposure’ and ‘our risk’ is almost non-existent. But bridging the gap between data and platforms can be challenging.

Read Post