Vendor risk tiering and 3 Reasons to use it for effective vendor risk management

Vendor Risk Tiering for effective Vendor risk management

A survey revealed that only 34% of companies are confident that they can track vendor logins, while over 37% can track the vendors accessing their system—an indication that vendor security standards are fluctuating. What role does the vendor risk tiering play in all that? Given that businesses interact with over 180 vendors a week, it is understandable that organisations may have … Read More

Fourth-party risk management: What do you need to know?

Riskxchange RiskXchange The leader in Third-Party Cyber Risk Management

As organisations rely more and more on third parties to complete certain operational activities, a business’ vendors often contract their own suppliers to provide specific services, creating an unprecedentedly larger, more fragmented supply chain. While you may not work directly with these fourth-party organisations, they play an integral role in your vendor security. Studies show that the number of supply … Read More

Reduce cyber exposure of your company in a digital ecosystem

RiskXchange Reduce your companys cyber exposure RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange uses data-driven insights to prevent breaches and reduce an attack surface. Cyber exposure – the vulnerabilities created when we use computers or network technology – grows and expands over time. It’s not static. And as the number of cyberattacks increase, it’s never been as important as it is now to stay on top of your organisation’s cybersecurity posture. According … Read More

Social engineering attacks: What is a whaling attack?

RiskXchange Protecting Your Company From A Whaling Attack RiskXchange The leader in Third-Party Cyber Risk Management

In 2016, FACC CEO Walter Stephen fell victim to a whaling attack where fraudsters used his credentials to authorise a substantial cash transfer that cost the corporation over $56 million.  In the same year, a prominent Seagate executive suffered a similar data breach, exposing employees’ W-2 forms. Over 10,000 current and former Seagate workers had sensitive information, such as their … Read More

PrintNightmare: Understanding the Windows Print Spooler vulnerability

RiskXchnage PrintNightmare Understanding the Windows Print Spooler vulnerability RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange provides full visibility over your eco-systems’ entire attack surface in near real-time to avoid vulnerabilities like PrintNightmare. Researchers at Sangfor Technologies accidentally published a proof-of-concept (PoC) exploit recently for a new and unpatched vulnerability affecting the Print Spooler service on newer versions of Windows. Although the PoC was deleted soon after its publication, the damage was already widespread. The … Read More

How can you protect your operations from a domain hijacking attack?

RiskXchange How To Prevent Domain Hijacking Attacks RiskXchange The leader in Third-Party Cyber Risk Management

In 2014, the owner of the website domain MLA.com lost all their traffic and transactions overnight because its domain name was hijacked and all visitors were redirected to a fabricated website.  In addition to lost traffic, they also lost all administrative access to the website—next to nothing could be done to resolve the issue.  While the owner eventually recovered access, … Read More

What should you cover during a cloud security audit?

RiskXchange What should you cover during a cloud security audit RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange generates objective and quantitative reporting on a company’s cyber security risk and performance for your cloud security audit. The 2021 Verizon Data Breach Investigations Report (DBIR) highlights that 73 percent of cyberattacks involved cloud assets during 2020, which is a dramatic increase from the 27 percent recorded in 2019. Not only does this show that cloud security incidents and … Read More