Security News
To select a suitable third-party risk management solution for your business, you need to think about a variety of factors. Third-party risk managers should review the goods or services their business provides, how third parties support different functions of the business, what processes they're involved in and what data they touch.
Even with more businesses rolling out staff security awareness training programs to combat evolving cyber threats, over 90% of data breaches still stem from human error. Training courses are wrongly seen as a silver bullet - Regular training is vital for helping employees strengthen their security behaviour, but computer-based courses are just one tool for tackling human cyber risk.
Despite the 49% of organizations in the report who said they are completing an initial risk assessment before granting access to third parties, these assessments are typically focused on the security controls the organization has in place or the organizational risk score. A third-party organization may pass a risk assessment and be in compliance one day, but an unexpected threat to business operations may push it out of compliance the next.
A third party could present a softer target, creating an opportunity for threat actors to move from that network to their primary target. A third party can actually become the primary target if it holds the sensitive data that threat actors want.
Cyber risk management solutions provider Brinqa this week announced that it received $110 million in growth capital from private equity firm Insight Partners. Bootstrapped and founder-backed since 2009, the company helps organizations gain a better view of cyber risk across their resources, through the seamless integration of security sources into a unified knowledge graph.
Fusion Risk Management announced it has appointed Clifford Chiu and Jeffery J. Weaver to its Board of Directors. "Fusion's ongoing mission is to help our clients remain resilient and deliver on their brand promises. We are thrilled to welcome two leaders of Clifford and Jeffery's caliber to our team as we continue to revolutionize the operational resilience sector," said Michael Campbell, Chief Executive Officer, Fusion.
COVID-19's disruption has stretched risk management infrastructures to the brink, forcing banks to recalibrate their data, models and processes for stress testing, impact assessments, scenario analyses and more. A global risk management survey by SAS and Longitude examines how banks are adapting their risk frameworks in response.
Mandiant Cyber Risk Management Services are designed to address critical business and security requirements to equip executives, boards of directors, and security and cross-functional leaders with risk-based data and advice to build effective and balanced security programs. "When developing a corporate security strategy and program, it is imperative to identify the areas and assets with the highest business value and those with the most significant threats and vulnerabilities. Mandiant Cyber Risk Management Services are designed to balance business and technical considerations and provide executives with risk-based decision support," said Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting.
According to a recent study conducted by Forrester Consulting, insider risk management is of greater concern now for 74% of companies than it was before the pandemic. The research explores how companies are currently treating insider risk management and the changes being adopted to pursue a more holistic approach to data risk management as part of zero trust strategies.
Fusion Risk Management announced that it has further strengthened its offerings to help financial institutions meet and exceed new Bank of England, PRA, and FCA regulatory requirements which take effect in early 2022, in addition to the recently formalized guidance shared by the Basel Committee. Fusion's collaborative ENGAGE customer community fosters a common understanding and best practices between those working toward greater operational resilience in financial services.