Third-Party Vendors - Security Intelligence

Team of professionals discussing third-party risk management in the enterprise

article

The Cybersecurity Industry’s Third-Party Risk Management Problem Is Rooted in Visibility

Only one-third of organizations feel their processes for third-party risk management are effective. The root of the issue lies in visibility and ineffective process.

May 22, 2019 | By Jasmine Henry

article

Woman working on a laptop: supply chain attacks

news

Barium Group Using Backdoors in Trusted Software to Wage Supply Chain Attacks

A threat group known as Barium is exploiting trusted software updates and apps to conduct a wave of supply chain attacks, which could affect more than 1 million users around the world.

May 8, 2019 | By Shane Schick

news

Security team engaging in third-party risk management activities.

article

How to Make Third-Party Risk Management Second Nature

Organizations that sleep on third-party risk management could unknowingly expose their systems to remote attacks, access risks and more.

May 7, 2019 | By Kevin Beaver

article

IT professionals reviewing their cloud security posture

article

Why Encryption Is the Cornerstone of Your Cloud Security

When evaluating cloud providers, it's important to understand who is responsible for cloud security. Since the lines are often blurred, encryption is imperative to keep your data from prying eyes.

April 8, 2019 | By Michael Melore

article

Security professional reacting to a supply chain attack

news

Operation ShadowHammer Supply Chain Attack May Have Distributed Backdoor to 1 Million-Plus Users

Security researchers believe a supply chain attack known as "Operation ShadowHammer" may have distributed a backdoor to more than 1 million users.

March 26, 2019 | By David Bisson

news

A silver chain collapsed into a large pile: enterprise blockchains

article

Why You Should Do Your Homework Before Investing in Enterprise Blockchains

Organizations looking to invest in enterprise blockchains to unify and secure transactions and data records should do their homework before trusting a vendor with their most sensitive information.

August 7, 2018 | By Brett Valentine

article

A person inserting a USB device into a laptop: supply chain security

news

Tick Group Malware Campaign Highlights Need for Stronger Supply Chain Security

Researchers speculated that poor supply chain security could be to blame for a new malware campaign that targets insecure USB drives to infect Windows machines.

July 23, 2018 | By David Bisson

news

A woman submitting credit card information to a website: third-party access

news

Unsecured Third-Party Access Puts Personal Data at Risk

A July 2018 threat report from IBM X-Force Exchange revealed that threat group Magecart exploited unsecured third-party access to steal credit card details from Ticketmaster customers.

July 20, 2018 | By Shane Schick

news

A businesswoman writing in a notebook while using a laptop: vendor security

article

Why It’s Time to Cross Out the Checklist Approach to Vendor Security

When it comes to vendor security, all the handshakes and paperwork that go into a business deal tend to get in the way of proper audits and thorough vulnerability assessments.

July 12, 2018 | By Kevin Beaver

article

A person logging into a smartphone: insider threats

article

Why Privileged Account Management Is Key to Preventing Insider Threats

To protect their networks from insider threats, security teams need greater visibility into privileged accounts held by both employees and third-party vendors.

June 20, 2018 | By Sue Poremba

article

Many of Baltimore’s City Services Still Offline Two Weeks After Ransomware Attack

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Phishing Campaign Delivers Multi-Feature, Open-Source Babylon RAT

More Than 100 US Businesses Affected by Ryuk Ransomware Since August 2018, Finds FBI

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

GozNym Closure Comes in the Shape of a Europol and DOJ Arrest Operation

The Decline of Hacktivism: Attacks Drop 95 Percent Since 2015

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Penetration Testing Versus Red Teaming: Clearing the Confusion

Podcast: Lessons from a Gray Beard: Transitioning From the Military to Cybersecurity

Podcast: Foundations for a Winning Operational Technology (OT) Security Strategy

Podcast: ‘You Can Never Have Too Much Encryption’

Podcast: Automating Cyber Resilience Best Practices With Dr. Larry Ponemon

Webinar: Guardium Tech Talk: An Integrated Approach to Data Risk Management

Webinar: The Debrief: Using Tools and Methods From the Intelligence Community to Stop Threats to Your Organization

Webinar: Operational Technology Security in the Age of Digital Transformation

Webinar: Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on the Cyber Resilient Organization

Tag: Third-Party Vendors

The Cybersecurity Industry’s Third-Party Risk Management Problem Is Rooted in Visibility

Barium Group Using Backdoors in Trusted Software to Wage Supply Chain Attacks

How to Make Third-Party Risk Management Second Nature

Why Encryption Is the Cornerstone of Your Cloud Security

Operation ShadowHammer Supply Chain Attack May Have Distributed Backdoor to 1 Million-Plus Users

Why You Should Do Your Homework Before Investing in Enterprise Blockchains

Tick Group Malware Campaign Highlights Need for Stronger Supply Chain Security

Unsecured Third-Party Access Puts Personal Data at Risk

Why It’s Time to Cross Out the Checklist Approach to Vendor Security

Why Privileged Account Management Is Key to Preventing Insider Threats