NormShield Blog

Supply chain

Managing Risk in a Supply Chain

This blog takes a unique perspective into the topic of supply chain risks and how a risk assessment is critical to goods and services in a supply chain with the evolving risk landscape. What is a “supply chain”? A supply chain is a network between a company and its third parties that produces and distributes […]

Major Third-Party Data Breaches Revealed in July 2020

Data breaches caused by third parties cost millions of dollars to large companies and are often devastating to small businesses. A recent survey conducted by the Ponemon Institute reveals that 59% of organizations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate.  Third-parties are […]

Why Patch Management Matters

The Rising Trend of Vulnerabilities Vulnerabilities within Microsoft, Oracle , Citrix, Juniper Networks, Palo Alto Networks and Cisco are on the rise with remote-work, causing IT teams to either apply patches or apply work-arounds to evade any critical attacks to their systems. Reduced budgets are also not always allowing for an upgrade to improved versions. […]

What You Need to Know Today About the Cyber Posture of Remote Collaboration Tools

Takeaways and Steps to Remediate The new work-from-anywhere model has increased attention to third-party SAAS, in which businesses leverage more than ever before. In this blog, NormShield reveals vulnerabilities associated with commonly-used remote collaboration platforms based on their commercially facing domains and digital footprints. A Primer into Remote Collaboration Platforms A remote collaboration platform is […]

Twitter hack

Twitter Cyber Attack

On July 15th, confusion stirred on the popular social media platform Twitter, as large companies such as Apple, Uber, and many big-name CEOs such as Elon Musk, Jeff Bezos, and Bill Gates posted “giving away free bitcoins”. Even though cryptocurrency scams targeting the microblogging giant are not new, and usually performed by hijacking verified accounts […]

Why Transparent Grading Matters in Security Rating Services?

Business assets become more visible and vulnerable to the outside world as they transcend into the digital world. Not only the assets, but the relationships with other businesses transform as well. As new links and relationships are established each day, businesses ask themselves: How do I look in the digital world?  What is my (security) […]

Major Third-Party Data Breaches Revealed in June 2020

Data breaches caused by third parties cost millions of dollars to large companies and are often devastating to small businesses. A recent survey conducted by the Ponemon Institute reveals that 59% of organizations have experienced one or more data breaches caused by a third party, costing an average of $7.5 million to remediate.  Third-parties are […]

A Guide to fix your Cyber Rating? Here’s the NormShield Strategy Report

We all know effective risk management starts with an effective risk model. An effective model helps clearly express risks and enables you to take action. Risk management professionals frequently find themselves struggling with risk parameters, risk prioritization and mitigation issues.  With classification-based risk scores, and financial risk models, is it clear to risk professionals where […]

Ticketing System

Why a Ticketing System is Critical to Third-Party Risk Management

Businesses strive to be more organized, focused and efficient. This productivity has a direct impact on costs, revenues, brand reputation and third-party relationships. Ticketing systems are useful means in guiding businesses to address alerts and issues both in an organization and in a third party. As the only in-house cyber risk ticketing platform, NormShield ticketing […]

GDPR

The Breach, The Fine & More: A Third-Party Perspective into GDPR

Articles on GDPR delving into definitions, clarifications on security issues, territorial scope, increased fines and so on are written daily. No one can deny the global effect of GDPR. With GDPR, citizens know their rights, they have control over their personal data, and now – GDPR has to be well-communicated by data controllers to company […]