As COVID-19 spread in the spring of 2020, organizations around the world have scrambled to enable a remote workforce, acting in "firefighting" mode and laser-focused on business continuity. But as the new normal settles in, digital transformation is rising as a critical - if altered - priority, and security teams need...
Federal government agencies face unique cybersecurity risks, and as a result they often place tight restrictions on mobile devices in the workplace. But perhaps it's time to loosen these restrictions because they are negatively impacting missions, recruitment and retention.
There are consequences of cutting back or...
It's crucial for companies to assess and monitor the security of their vendors, suppliers and business partners.
Companies must carefully check their vendors' cyber posture, and the initial vetting of any third party typically begins with a comprehensive security questionnaire. But these can be a headache, because...
Organizations can no longer simply hire vendors without proof of a strong cyber posture, and a comprehensive questionnaire can demonstrate that vendors' internal security policies are up to par.
Yet not all questionnaires are the same. The benefits of automated questionnaires can vary, depending on the...
The process of onboarding vendors has become complicated because of concerns about cybersecurity. To prevent data breaches caused by a third party vendor, security professionals demand that vendors demonstrate and maintain a strong cyber posture.
Effectively checking vendors' cyber posture can be extremely...
Cryptomining malware has exploded on the threat landscape, becoming one of the most common malware attacks and posing a significant risk to your IT assets.
In this whitepaper learn everything you need to know about cryptomining including:
What it does
How it gets in
How to recognize and prevent it
Back when the world was introduced to WannaCry, a potent strain of ransomware code that infected and paralyzed 230,000 computers across 150 countries.
In what would become a troubling theme, WannaCry, and subsequent strains of ransomware, could have been prevented from becoming a public nuisance had proper...
Enterprises globally recognize the challenge of third-party cyber risk, but they still struggle with the risk management. Dave Stapleton of CyberGRX discusses the elements of a mature program, including the role of risk ratings.
The new California Consumer Privacy Act (CCPA), which entered into force on January 1, 2020, gives individuals the right to learn about the personal data collected and shared about them over the past 12 months, and requires companies to not only provide timely responses to Data Subject Requests (DSRs), but to also...
You know you need a third-party cyber risk management (TPCRM) solution. Learn how to assess your current program maturity, key considerations for selecting technology, and how to make your case to the c-suite.
Download this guide to better understand the options for TPCRM, whether you are looking to advance your...
Increased business reliance on vendors and third parties means attack surfaces are growing. With greater attack surfaces comes greater risk, and thus the need for an effective third-party cyber risk management program.
Download this guide to learn how to get buy-in from key stakeholders, common roadblocks, and more.
As a technology company interacting with sensitive healthcare data, ClearDATA understands the importance working with trustworthy and compliant third-parties that hold with their customers' information. With critical data housed across three major public cloud providers, ClearDATA needed a centralized software...
You already have some sort of third party security program in place - perhaps you've built a security questionnaire based on internal policies or an industry standard such as ISO or NIST. You may have even "right-sized" your questionnaire specifically for different types of supplier relationships and developed a few...
Your vendors often handle your most sensitive data. This presents new challenges as third-party risk, security, privacy, legal and IT teams struggle to vet and manage the vendors they rely on most. We'll discuss emerging vendor management trends and breakdown how risk exchanges are key to more efficient business...
Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited resources too thin can quickly lead to inefficiency and burnout. Don't waste precious time re-mediating vulnerabilities that pose little to no risk.
With risk-based vulnerability management, you'll know exactly which...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.
