Why You Should Tier Your Vendors
Security teams are struggling to contend with the expanding third-party attack surface which is fueled by the pernicious cycle of poor vendor risk management.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Microsoft Power Apps Data Leak // Webinar
Learn about the Microsoft PowerApps data leaks that affected over 47 businesses across the globe. In our latest published research, UpGuard analysts discuss a systemic problem with the Microsoft PowerApps product that led to 38 million records becoming exposed through data leaks. The types of data included personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, and millions of names and email addresses.
What is the Digital Operational Resilience Act (DORA)?
The Digital Operations Resilience Act (DORA) is the European Union’s attempt to streamline the third-party risk management process across financial institutions. A draft of DORA was published by the European Commission on 24 September 2020. Without this act, there isn't an objective Information and Communication Technology (ICT) risk management standard in Europe.
5 Step Guide: How to Perform a Cyber Risk Analysis in 2021
No organization is impervious to cyberattacks. But what separates resilient businesses from data breach victims is superior risk management. Resilience is achieved through the meticulous calculation of all potential risks and the application of necessary control measures to mitigate them. In this post, we present a 4-step framework for a reliable risk management plan.
Security Posture of the ASX 200 // Webinar
Are Australian businesses prepared for cyberattacks? We assess the security posture of the ASX 200. In our latest research, we assessed the scale of cyber risk in Australia by examining the ASX 200, the index of the top 200 public companies in Australia by market capitalization. Join Greg Pollock, VP Cyber Research, and Josh Kiff, VP Sales, as we explore the eye-opening findings.
What is SAML? Definition + How it Works
SAML (Security Assertion Markup Language) is an open standard that enables users to access numerous web applications or web services using the same login credentials through identity federation. SAML relies upon two parties - an identity provider (IDP) and a service provider (SP). The IDP provides authentication information about the user to the SP. The SP uses this information to provide authorization to the user.
What's new in UpGuard // August 2021 // Cyber Security Product Releases
Check out the latest releases from UpGuard!
What is Vendor Tiering? Boost Your Vendor Risk Management
Vendor tiering is a method of classifying vendors based on the level of security risk they introduce to an organization. The level of security criticality decreases with each subsequent level. The number of tiering levels depends on personal preference. The basic vendor tiering structure consists of three levels - Tier 1, Tier 2, Tier 3, where Tier 1 represents high-risk vendors. Each vendor could be assigned to a tier manually, or the process could be based on a security questionnaire scoring system.
What is a Botnet? You Might Be Infected Right Now
A botnet is a network of malware-infected devices used to launch coordinated attacks either against a single target, like during a DDoS attack, or multiple targets like during email phishing attacks. All infected machines in a botnet are remotely controlled by a single cyber attacker that could be located anywhere in the world.
Announcement Summary: UpGuard Summit August 2021
UpGuard Summit is UpGuard’s quarterly virtual event where we discuss the future of cybersecurity with security leaders across the globe. During the latest UpGuard Summit, on August 18, 2021, some exciting announcements were made about new and upcoming features. The details are summarized below.