BlueVoyant has strengthened its ability to monitor the remediation of supply chain issues and integrate that with questionnaire activity, CEO Jim Rosenthal says. Existing supply chain tools tend to generate lots of risk information but then put the burden on the client to interact with suppliers.
Shields Health Care Group, a Massachusetts-based medical imaging services provider, is facing two class action lawsuits filed this week - a consolidated federal case and a similar, separate case filed in state court - both in the wake of the same 2022 data breach affecting 2 million individuals.
To help U.S. healthcare sector organizations better tackle some of the top challenges involving vendor risk management, a coalition of CISOs has launched the Health3PT Council. Members John Houston of UMPC and Omar Khawaja, former CISO of Highmark Health, describe the effort.
Ride-hailing app maker Uber says a data breach at a third party is responsible for the appearance on a hacking forum of internal data. The data is unrelated to the September incident Uber experienced after a hacker affiliated with Lapsus$ penetrated the company network, an Uber spokesperson says.
Cyber risk quantification (CRQ) is the measure of an organization’s cyber risk expressed in monetary terms, like dollars. CRQ has many benefits, but few security professionals understand how to implement it.
Join Paul Kelly, former head of risk at HSBC, and Chris Griffith, chief product officer at Balbix, as they...
A server misconfiguration at Kentucky-based CorrectCare Integrated Health Inc., a firm that provides medical claims processing for correctional facilities, has exposed sensitive information of nearly 600,000 inmates who received medical care during the last decade while incarcerated.
A hacking incident at a New York-based administrative management services firm has so far resulted in 20 anesthesiology practices reporting to federal and state regulators breaches affecting a total of about 430,000 individuals.
It has never been more vital to secure your supply chain, with governments also recognizing the urgency by increasingly calling for Software Bills of Materials (SBOMs) and the implementation of effective third-party security risk management (TPRSM) to stem the surge in ransomware and other cyberattacks.
Federal regulators are urging healthcare sector entities to identify all instances of OpenSSL in their infrastructures and to test and deploy a patch issued to fix certain severe vulnerabilities in the software as soon as possible.
From SolarWinds to Kaseya, Accellion, Log4j,
or Okta, third-party security breaches are
among the most devastating for organizations
Defense against third-party risk is
a top-tier risk register item, and it is not a one-off either – you need
continuous monitoring to evaluate the security stance of...
InfoSec, IT risk and digital supply chain management professionals know the key to minimizing the risk of third-party breaches is to implement a comprehensive and efficient third-party security risk management (TPRSM) process.
Join this webinar where Dov Goldman discusses the increasing challenges surrounding...