Choice Hotels says about 700,000 guest records were exposed after one of its vendors copied data from its systems. Fraudsters discovered the unsecured database and tried to hold the hotel chain to ransom, which it ignored.
Organizations going through a digital transformation need to make sure they develop a sound third-party risk management strategy, says RSA's Holly Rollo, who discusses best practices.
For financial institutions, every new customer heralds an opportunity - but if the organization doesn't know enough about that customer there may be risks as well. Using know your client (KYC) and customer due diligence (CDD) checks as an initial first line of defense in reducing the risk of money laundering and...
The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China.
The cause of Capital One's breach is known. But experts say the incident still raises questions over why Capital One held onto personal data so long and if the bank was adequately monitoring administrator accounts.
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on re-thinking that dynamic.
"Key, critical company operations materially...
The Capital One data breach is in early stages of remediation. Art Coviello, former chair of RSA, which was breached in 2011, shares first-hand insight on steps the breached institution and its CEO should be taking now.
When it comes to supply chain risk, many organizations overlook how dependent they are on those critical relationships, says Matt Kraning of Expanse. As a result, they are minimizing serious security vulnerabilities. Kraning offers insights on re-thinking that dynamic.
A powerful parliamentary committee has called on Britain's new prime minister - be it Boris Johnson or Jeremy Hunt - to make a decision "as a matter of priority" about the extent to which telecommunications gear built by Huawei should be used in the nation's 5G network.
After a long privacy investigation, the U.S. Federal Trade Commission voted to levy a $5 billion fine against Facebook, according to the Washington Post and the Wall Street Journal.
Incidents involving supply chain vendors pose increasingly significant risks to health data, says Rick McElroy of Carbon Black, who addresses "island hopping" and other emerging threats.
As more organizations rely on third parties for various services, managing the security risks involved is becoming a bigger challenge. Three CISOs offer insights on their real-world strategies for success.
Where is the data, who has access to it, and how is it being secured? These are among the top questions inherent in any third-party risk program. Cris Ewell, CISO of UW Medicine, shares insight from his experience managing vendor risk.
Really good third-party cybersecurity risk management is essential to enterprise success. Done well it enables an organization to realize at the speed of business the benefits of outsourced systems and services. Done poorly it results in the business missing out on strategically important opportunities or, even worse,...
The firmware of more than 500 Huawei networking products is riddled with security weaknesses that make the vendor risky to use for 5G networks, a new report contends. The study analyzed more than 9,000 firmware images in 558 enterprise products from the Chinese company.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.
