Vendor risk tiering and 3 Reasons to use it for effective vendor risk management

A survey revealed that only 34% of companies are confident that they can track vendor logins, while over 37% can track the vendors accessing their system—an indication that vendor security standards are fluctuating. What role does the vendor risk tiering play in all that? Given that businesses interact with over 180 vendors a week, it is understandable that organisations may have …

Fourth-party risk management: What do you need to know?

RiskXchange: The leader in Third-Party Cyber Risk Management

As organisations rely more and more on third parties to complete certain operational activities, a business's vendors often contract their own suppliers to provide specific services, creating an unprecedentedly large and more fragmented supply chain. While you may not work directly with these fourth-party organisations, they play an integral role in your vendor security. Studies show that the number of supply …

The relevance of continuous attack surface management across the supply chain

While supply chain attacks have always undermined the stability and reliability of businesses, in the past few years, we’ve witnessed a disconcerting spike in these incidents, creating a greater level of disruption than previously anticipated. This has been confirmed in a recent study by the European Union Cybersecurity Agency, which revealed that the number of attacks on the supply chain …

Vendor due diligence best practices we can expect to see in 2022

Throughout 2020 and 2021, we saw threats to cybersecurity increase by a significant margin. This led to disastrous cyberattacks all across the world, such as the SolarWinds attack, which undermined company profitability and credibility. Social engineering attacks proved to be particularly devastating, with multiple reports revealing that ransomware and phishing attacks were particularly successful in this timeframe. In 2022, we …

How has supplier due diligence responded to modern threats to supply chain

On 2nd July 2021, Kaseya found their data stolen and held for ransom. Those who perpetrated the ransomware attack demanded over $70 million in payment to release the data, but the exposure of over 1500 of their clients to a potential ransomware attack was even more concerning for Kaseya. An investigation into the attack revealed that there was a vulnerability …

The security trends transforming vendor risk management

Third-party data breaches continue to grow at an alarming rate. A survey conducted by the SecureLink and Ponemon Institute revealed that over 44% of organisations suffered a third-party breach in the past 12 months. Out of the organisations that suffered a breach, 74% said that the cause was access given to third parties. The growing incidences of third-party breaches explain …

Third-party vendor management best practices for your security posture

Businesses today are no longer singular entities that operate in silos; regardless of the size and scale of operations, almost every organisation depends on various third parties to carry out their activities without disruption. This also means the importance of third-party vendor management has increased. To really benefit from outsourcing or specialisation, procurement teams have had to transfer a …

How to ensure vendor security in a hybrid working environment

The pandemic has seen our lives shift from the office to home, bringing new nightmares for IT security heads. The work-from-home culture has created new challenges for businesses as they see their attack surface expand and their cybersecurity needs intensify. How do you ensure your vendor security in a hybrid working environment is still intact? According to the World Economic Forum’s Global Risk Report, in 2020, cybercrime …

The role of CISOs in mitigating supply chain cyber risk

RiskXchange is a respected provider of cybersecurity ratings and can fully assess potential threats to ensure businesses are protected on all fronts. CISOs (Chief Information Security Officers) are crucial when it comes to mitigating supply chain cyber risk in any medium to large-sized organisation. The infamous 2020 SolarWinds attack underlined the need for CISOs to adopt tighter security measures within corporations right …