Anyone involved in the cyber protection of businesses knows that worrying about future trends must be balanced against tackling what is already here. When the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and other global agencies jointly published a list of the most commonly exploited vulnerabilities last year, the striking feature was how old these…
LEARN MOREPrivacy is celebrated globally each year on January 28th to commemorate the signing of the first legally binding international treaty dealing with privacy and data protection. This year, companies across the globe are participating in a full week-long initiative to drive a campaign for Data Privacy Week that respects privacy, safeguards data, and enables trust. Data…
LEARN MOREJanuary 24 – 28 is Data Privacy Week providing a focal point to the importance of respecting privacy, safeguarding data and enabling trust between data subjects and those who store, process and use their data. In support of Data Protection Week the web site www.staysafeonline.org provides a suite of useful tools that aim to create a…
LEARN MOREIn this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. Black Kite Research analyzed 81 individual third-party incidents, which…
LEARN MOREThe Shared Assessments Program has further endorsed DVV Solutions’ credentials as a leader in Third-Party Risk Management with it latest “Guided by SCA 2022” certification. Shared Assessments SCA Guidelines are intended for use by organisations and third party risk practitioners to ensure consistency related to the execution and reporting of results from third party risk…
LEARN MOREOnline shopping has quickly become one of the most popular online activities. While the pandemic sparked a significant uptick in global e-commerce activity, annual retail sales are expected to continue on a steady growth trajectory. The shift to e-commerce inherently poses its own set of cybersecurity risks–many of which pertain to investments retailers have made to satisfy…
LEARN MORELate last week, Apache released yet another update to mitigate the Log4j vulnerability and further flaws discovered as the incident has progressed. The newest update is version 2.17.0, which works to patch a denial of service, or DOS, vulnerability, known as CVE-2021-45105. It is important to update to 2.17.0 immediately, and continue to update with each future release of…
LEARN MOREAs an industry, government, and technology partners work to identify the key elements required to make blockchain mainstream (sovereign identity agreements, improved safety, and related regulations, interoperability and functionality, open and transparent commercial availability), the time to focus on risk in relation to DLT is now, even if it is not on your immediate horizon….
LEARN MOREAligning Internal Cybersecurity Practices with Third-Party Risk Management With the recent increase in cyber attacks and new regulations on cybersecurity, you may be wondering how your organisation can bolster its cybersecurity efforts. As the threat landscape grows, so does your organisation’s need to develop a robust, cross-functional cybersecurity program. But where should you start? To…
LEARN MOREEverywhere you look, people seem to be talking about it. No, we don’t mean Squid Game, we mean the supply chain. In the U.S. consumers (and many businesses) were long accustomed to taking the supply chain for granted. It seemed to work flawlessly in the background, ensuring items we want and need got onto shelves…
LEARN MORE