After the Trump administration last week blacklisted Huawei amid rising trade tensions, Google says it has canceled the Chinese smartphone giant's Android license. Many chipmakers and other technology firms have also said they will cease or at least pause the sharing of software, hardware and services.
The latest edition of the ISMG Security Report describes a discussion among "Five Eyes" intelligence agencies at the recent CyberUK conference. Plus, an update on a Huawei 'backdoor' allegation and new research on managing third-party risk.
How far does an organization's risk surface extend, and who are the custodians of all that data? A new research report aims to answer those questions. In a joint interview, Kelly White, of RiskRecon and Wade Baker of the Cyentia Institute offer an analysis.
Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
When a company plans to make an acquisition, it should conduct a "compromise assessment" to assess whether the organization being purchased has had an undiscovered breach, says Steve Ledzian, CTO for Asia Pacific at FireEye.
For many, cost-effective scalability usually means outsourcing some or all of your business functions to a complex web of third-party vendors.
The Third-Party Risk to the Nth Degree whitepaper provides quantitative and contextual measures by which your organization can compare current practices and investment to help...
An incident involving a third-party vendor migrating a server containing archived email of a medical device provider has resulted in a reported health data breach impacting more than 277,000 individuals. What went wrong?
According to some researchers, up to 61 percent of recent data breaches were a result of a third-party vulnerability. Matan Or-El, CEO of Panorays, discusses the weakest links of supply chain security and how to strengthen them with automated tools.
The risks posed to enterprises managing third parties have evolved. Increasing reliance on third-party vendors, new privacy regulations, shifting cybersecurity threats, and frequent data breaches have upended the third-party risk landscape. As a result, modern risk solutions must adapt to solve both security and...
Five years ago, rating the cybersecurity posture of organizations to help reduce risk and improve their security posture was a new idea. Since then, the concept has been expanded to include everything from threat management to cyber insurance premiums, says Sam Kassoumeh, COO of SecurityScorecard.
More than ever before, companies are investing heavily in their organization's security. But as the threat landscape changes, how do you know that these investments in security are paying off - and how can you determine that you are investing the appropriate amount of security spending in the areas that matter most to...
What are some of the hottest issues that will be discussed at this year's RSA Conference, to be held March 4-8 in San Francisco? Britta Glade, content director for the world's largest data security event, says DevSecOps - as well as third-party risk and cloud-related issues - are emerging as key themes.