Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The General Data Protection Regulation (GDPR) is a comprehensive data protection law covering the European Union (EU) and is widely regarded as one of the world’s strictest privacy regulations. The GDPR unifies data regulation within the EU and provides individuals control over their personal data. The GDPR includes information about Data Protection Officers (DPOs).

As organizations and businesses undergo digital transformations, so do criminals and other nefarious actors. In today’s modern era, criminal activity frequently occurs online through digital communication channels, providing avenues for phishing, data loss, and security breaches.

Smart homes, connected cars, and smart watches: these are examples of consumer-focused devices in the Internet of Things (IoT). But the Internet of Things extends beyond consumer use as new technologies are implemented in industrial settings and critical infrastructure. With the continuing development of the Internet of Things come new attack surfaces and cybersecurity risk directly related to the IoT.

A vendor risk assessment is a critical element of performing due diligence, helping you vet potential vendors effectively and efficiently during the procurement process and throughout the vendor lifecycle. A thorough risk assessment should help you identify, mitigate, and manage the risks associated with your vendors to ensure you remain compliant, maintain a strong security posture, and avoid a costly third-party data breach.

The United States Department of Veterans Affairs (VA) is a federal agency that provides comprehensive healthcare services, benefits, and support to military veterans and their families. The VA operates a nationwide system of hospitals, clinics, and benefits offices focused on ensuring the health, welfare, and dignity of those who served in the United States armed forces.

The telecommunications sector provides critical infrastructure for many countries, enabling the exchange of information across various industries. Due to the widespread use of digital information in telecommunications, the sector has become a prime target for cyber threats from hackers, state actors, and cyber criminals. In 2023, telecommunications experienced higher credential stuffing rates than other sections, according to F5.

Despite best efforts to accommodate third-party risk management (TPRM) processes that correspond with increased use of third-party vendors, incident outcomes seem to grow as well. The 2023 global average cost of a data breach was USD $4.45M, a 2.3% year over year increase. In the United States, the average cost of a breach is higher at USD $9.48M.

The rise of remote learning has motivated cybercriminals to advance their assault on the education sector. In 2022, cybercriminals deployed more than 2200 attacks against higher education institutions every week, a 44% increase compared to 2021 (Check Point, 2022). Risk professionals attribute this increase to various factors, including the structure of remote learning environments.