Other Archive

Major Third-Party Data Breaches Revealed in November 2019

A recent survey conducted by the Ponemon Institute reveals that 59% of companies experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost large companies millions of dollars and are devastating to small businesses. Third parties are those companies that support […]

Using the FAIR Model to Quantify Third-Party Cyber Risk

By Bob Maley. In a mature risk management program, risk is usually defined in business terms (financial impact) and then measured against factors such as risk appetite (the defined dollar figure of risk that a company is willing to accept) and risk tolerance (the percent beyond the defined dollar amount that a company is willing […]

Major Third-Party Data Breaches Revealed in October 2019

A recent survey conducted by the Ponemon Institute reveals that 59% of companies experienced a third-party breach in 2018, which is an increase of 3% compared to the previous year. Data breaches caused by third parties cost large companies millions of dollars and are devastating to small businesses. Third parties are those companies that support […]

Misconfigured Server by the Third Party Vendor Exposed 2.8 Million Customer Records

A security incident accidentally exposed 2.8 million CenturyLink customer records due to a misconfigured MongoDB database affiliated with a third-party vendor. The name of the third-party vendor has not been disclosed, but it is a notification platform used by CenturyLink. The exposed data may include names, addresses, phone numbers, email addresses, and CenturyLink […]

Open Banking and Cyber Security in 10 Questions

1. What is Open Banking? Open Banking is a system that shares financial institutions’ data, capabilities and/or processes to ensure secure access to and availability of financial information for users via third parties, including fintech firms, technology providers, and other institutions, by using Application Programming Interfaces (APIs). Your financial information is yours, and if […]

Health Institutions Suffer Third-Party Data Breaches Exposing Millions of Patient Records: How Can You Protect Against Another Breach?

The data breach experienced by American Medical Collection Agency (AMCA), a third-party bill-collection vendor for health institutions, affected 17 health institutions, including the United States’ biggest lab testing companies, Quest and LabCorp. The incident came to light in early June. Hackers exploited a vulnerability in AMCA’s web payment portal, the company’s database filled with […]

NormShield Launches Industry-First Rapid Cyber Risk Scorecard

New Offering Generates Report-Card Style, Third-Party Cyber Risk Analytics in 60 Seconds. McLean, Va., April 01, 2019 – NormShield, provider of on-demand cyber risk scorecards for enterprises, has launched its industry-first Rapid Cyber Risk Scorecard, the only risk assessment solution that delivers detailed, accurate data on any company’s security vulnerabilities in 60 seconds or less. […]