Phishing emails and what helps protect from spear phishing

What helps protect from spear phishing emails scam

What is spear phishing? Spear phishing is defined as the fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information.  As the name would suggest, spear phishing is a type of phishing attack targeted at a small group or individual. Whereas phishing attacks are broad and apply to many people, … Read More

How to define sensitive data and the means of protecting it 

Define sensitive data and how to protect it

What is sensitive data, how do you define it and how to protect it A report revealed that in 2021, sensitive data was the most common target in data breaches. For example, 65% of all sensitive data incidents involve social security numbers (SSN), and 41% of incidents to personal health information because they are valuable targets.   Moreover, most data breaches occur … Read More

Top 3 Ransomware Examples and what can we learn from them

Top 3 Ransomware Examples and what can we learn from them

Ransomware attacks have become a significant threat to businesses worldwide. As organisations adopt remote working models to accommodate WFH, they expose networks to ransomware, creating devastating losses that undermine their reputations.  In fact, the past year has seen ransomware attacks take down massive corporations with sophisticated networks. We will explore some ransomware examples and explain what to do to prevent such … Read More

Understanding the cyber risks of the LDAP protocol

Understanding the cyber risks of the LDAP protocol

The Lightweight Directory Access Protocol (LDAP protocol) is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network.  LDAP is a client-based lightweight version of Directory Access Protocol (DAP). It operates on both private intranets and public networks, and across multiple directory services which makes it the most convenient for authenticating, … Read More

How to protect personally identifiable information from a cyber breach 

How to protect personally identifiable information

In recent years, personally identifiable information (PII) such as social security numbers, medical history, and banking details have become a high priority target for cybercriminals. For example, There were 1.4 million reported ID theft incidents in 2020, as opposed to 650,000 incidents in 2019.  Driven by the prospect of high prices on the dark web and security vulnerabilities prevalent in … Read More

Looking back at the top data breaches of 2021

shutterstock 1136227238 1 RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange can help your company avoid becoming one of those affected by costly cyberattacks and ensure your organisation doesn’t make our list of top data breaches.. Cybercriminals flourished in 2021, which is, of course, bad news for businesses right around the globe. The Identity Theft Resource Center (ITCR) reported that by the end of September last year, the number of … Read More

How can you protect your operations from a domain hijacking attack?

RiskXchange How To Prevent Domain Hijacking Attacks RiskXchange The leader in Third-Party Cyber Risk Management

In 2014, the owner of the website domain lost all their traffic and transactions overnight because its domain name was hijacked and all visitors were redirected to a fabricated website.  In addition to lost traffic, they also lost all administrative access to the website—next to nothing could be done to resolve the issue.  While the owner eventually recovered access, … Read More

What is a zero trust security model?

RiskXchange RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange comes up with innovative solutions to everyday problems experienced at the hands of hackers. Principal Analyst of Forrester Research, John Kindervag founded the zero trust security model in 2010. The model, also known as perimeterless security, describes an approach to the design and implementation of IT systems. The zero trust concept is based around “never trust, always verify,” which means devices should … Read More

What is an attack vector and how can you avoid it?

cyberattack vectors

RiskXchange generates objective and quantitative reporting on a company’s cyber security risk and performance.  Cybercrime is ever evolving, and hackers are changing their tactics daily. Malware is commonplace but ransomware is the biggest threat to organisations in 2021. Some attack vectors – like phishing and credential theft – have been around for quite some time while others have cropped up in recent years causing widespread damage. What is an attack … Read More