Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

UpGuard

What is Third-Party Risk?

Third-party risk is any risk brought on to an organization by external parties in its ecosystem or supply chain . Such parties may include vendors, suppliers, partners, contractors, or service providers, who have access to internal company or customer data, systems, processes, or other privileged information. While an organization may have strong cybersecurity measures in place and a solid remediation plan, outside parties, such as third-party vendors , may not uphold the same standards.

What is the NYDFS Cybersecurity Regulation? (23 NYCRR 500)

The NYDFS Cybersecurity Regulation (23 NYCRR 500) is a set of regulations from the New York State Department of Financial Services (NYDFS) that places cybersecurity requirements on all Covered Entities (financial institutions and financial services companies). It includes 23 sections outlining requirements for developing and implementing an effective cybersecurity program, requiring Covered Entities to assess their cybersecurity risk and develop a plan to proactively address them.

What is SIEM?

​​In an age of big data and connected devices, security information and event management (SIEM) is one of the key priorities for businesses of all sizes. At a time when data is everywhere, and cyber threats are growing, security information and event management is more important than ever. This is where information management meets security as companies seek to manage their incident response, compliance requirements, security, and analytics.

What is the Digital Supply Chain?

The supply chain for any product has several moving parts. Each activity in the supply chain plays a role in the flow that begins with sourcing a product's raw materials and ends with delivering the finished goods to a customer. As with many other areas of modern business, digital technologies are redefining supply chains. With more technology comes increased cyber risks. This article explains digital supply chains along with their benefits and cybersecurity risks.

A Pie Chart of the Biggest Data Breaches [Revised for 2021]

Below is a pie chart representing the percentage contribution of each data breach victim to the 57 largest data breaches of all time. CAM4 covers the majority of the pie, accounting for almost 50% of all compromised records. If the CAM4 breach is disregarded, the impacts of the other breaches can be better appreciated. The pie chart below represents this updated distribution. Now, it becomes clearer that LinkedIn accounts for the majority of compromised social media records.

What is Doxing? How to protect yourself from internet humiliation.

Doxing is the act of publishing private or identifying information about an individual or organization on the internet. Doxing is short for Dropping Dox (documents), and it only has negative connotations. The intention of doxers is to harass victims by revealing information that's either incriminating, defamatory or just immensely embarrassing. Doxing is sometimes spelled as Doxxing.

What is PGP encryption? How it works and why it's still reliable.

PGP encryption (Pretty Good Encryption) is a data encryption program used to authenticate and provide cryptographic privacy for data transfers. PGP encryption is used to secure all forms of data and digital transmissions. It's capable of encrypting and decrypting: PGP is a quick-to-implement and cost-effective encryption method.

What is HTTPS?

HTTPS (Hypertext Transfer Protocol Secure) is a secured version of HTTP (Hypertext Transfer Protocol). HTTP is a protocol used to transfer data across the Web via a client-server (web browser-web server) model. HTTPS encrypts all data that passes between the browser and server using an encryption protocol called Transport Layer Security (TLS), preceded by Secure Sockets Layer (SSL).