What proactive cybersecurity measures you can take to protect your supply chain To understand why is cybersecurity important, we have to take a look at a recent survey, conducted by Gartner. During a recent Executive Advisory Board meeting at Gartner, highly-acclaimed research and advisory firm specialising in cybersecurity amongst other things, one of its members highlighted that while their team is quite … Read More
Okta cyber security attack: Supply chain attacks on the rise
Analysing Okta cyber attack and what you should do if your business has been affected Organisations that use Okta to provide access to their networks have been affected by a cyberattack conducted by the hacking group Lapsus$. Okta said that in a worst-case scenario, 366 of its clients had been compromised and their “data may have been viewed or acted … Read More
How a cyber ecosystem works – your protection against a supply chain attack
A cyber ecosystem is very much like a physical ecosystem. Within a cyber ecosystem, individuals, organisations, and external parties interact with one another to form one digital functioning unit. Your organisation remains at the heart of this ecosystem and will be joined by other entities surrounding it, such as suppliers, vendors, and third or fourth parties. But in case of a supply chain … Read More
How to use NIST SP 800-61 guide to be better prepared for third-party risk
As your business grows, so does its third-party ecosystem. But with growth comes a greater sense of responsibility which entails increasing cybersecurity measures and protecting your company against cyberattacks. Ensuring your organisation’s cyber defences are at an optimal level is paramount in today’s digital age to protect against technology outages, credential and data exposures, denial-of-service attacks, ransomware, and other threats. Here … Read More
New vendor risk assessment with SIG questionnaire in 2022
The Standard Information Gathering (SIG) questionnaire is a configurable tool to enable the scoping of a diverse vendor risk assessment using a comprehensive set of questions to assess third-party or vendor risk. It is updated every year to keep up-to-date with the ever-changing risk environment and priorities. Developed by Shared Assessments, the SIG questionnaire allows organisations to build, customise, analyse, and … Read More
Strategies for effective third-party risk management
As corporate and government stakeholders realise the value of vendor security, your cybersecurity team has to devise a more effective third party risk management programme. With organisations working with hundreds of third-party and fourth-party vendors, enforcing effective vendor risk management strategies is critical for the ongoing stability of your business. That said, managing vendor risk is far more complex than … Read More
How to select an effective third-party risk management framework
RiskXchange can help your business monitor and mitigate third-party risks to prevent unnecessary exposures. Third-party technology and service providers can offer huge strategic advantages to businesses. But at the same time they can cause huge headaches for cybersecurity teams. Although third-party technology allows organisations to focus on their highest value activities, security risks often crop up with each new partnership. … Read More
Cyber supply chain risk management (C-SCRM) best practices for 2022
RiskXchange fights cyber threats by providing instant risk ratings for any company across the globe. Cyber supply chain risk management (C-SCRM) is the process of identifying, understanding, and mitigating cyber risks that threaten your organisation’s extended supply chain. Managing cyber risk within your supply chain includes taking precautionary measures to secure your organisation against attacks, as well as mitigating the … Read More
What to consider when selecting a third party risk management framework
In March 2021, the Volkswagen Group of America learnt that one of its vendors left unsecured data online, exposing contact information and social security numbers of over 3.3 million customers. The attack severely damaged the brand’s reputation because over 97% of the victims were Audi customers and interested buyers. The cyberattack encapsulates the problem most companies face today—discerning which vendors … Read More