Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Ever since the JPMorgan Chase breach was made public, companies have been watching closely to see the aftermath, the bank's course of action, and any best practices that may be developed as a result.
Questionnaires have been a key part of third-party risk management programs for decades. And, until recently, they were the primary way businesses checked up on the cybersecurity performance of their third-party vendors.
As more and more details surrounding the Target breach continue to unfold, it's becoming evident just how complicated it can be for investigators and journalists to follow the trail of evidence left behind. The latest reports suggest that one or more business partners were used by the attackers to gain access to Target's systems. Below is a summary of top stories which provide insight into the tangled web of third party vendors and suppliers which may have left Target vulnerable to attack, highlighting just how esstential it is for organizations to be aware of their third party risks.
Earlier this month, tech security blogs and mainstream news outlets reported on a large data breach that affected banking giant JPMorgan Chase. During the event, which lasted from mid-July to mid-September, the personal information of customers who accessed online accounts of the bank’s UCARD product may have been exposed. While there seems to be no official word on the cause of the breach, the prevailing consensus from news sources is that unencrypted customer data was visible in plain text from logs that track user actions on the website. While the bank insists there is no evidence of illicit use of the compromised information, it is offering affected customers temporary credit monitoring.
The local news is abuzz with a story of Boston convention attendees being victims of a credit card data breach. The impact is small - only about 300 people have been affected - but there seems to be a lot of finger pointing and shuffling around while the conference organizers and convention center try to figure out which vendor is to blame.