Only one-third of organizations feel their processes for third-party risk management are effective. The root of the issue lies in visibility and ineffective process.
A threat group known as Barium is exploiting trusted software updates and apps to conduct a wave of supply chain attacks, which could affect more than 1 million users around the world.
Organizations that sleep on third-party risk management could unknowingly expose their systems to remote attacks, access risks and more.
When evaluating cloud providers, it's important to understand who is responsible for cloud security. Since the lines are often blurred, encryption is imperative to keep your data from prying eyes.
Security researchers believe a supply chain attack known as "Operation ShadowHammer" may have distributed a backdoor to more than 1 million users.
Organizations looking to invest in enterprise blockchains to unify and secure transactions and data records should do their homework before trusting a vendor with their most sensitive information.
Researchers speculated that poor supply chain security could be to blame for a new malware campaign that targets insecure USB drives to infect Windows machines.
A July 2018 threat report from IBM X-Force Exchange revealed that threat group Magecart exploited unsecured third-party access to steal credit card details from Ticketmaster customers.
When it comes to vendor security, all the handshakes and paperwork that go into a business deal tend to get in the way of proper audits and thorough vulnerability assessments.
To protect their networks from insider threats, security teams need greater visibility into privileged accounts held by both employees and third-party vendors.