Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
As regulations shift and providers enter new markets, the telecom industry is changing rapidly. In preparation for these changes, telecom risk management professionals must become aware of new risks on the horizon. Privacy and net neutrality laws, new kinds of cyber threats, reputational dangers, and other factors are all poised to affect telecom companies deeply in 2019.
The unfolding Hafnium attack is the latest event in the trend of cyber events. CISO’s are starting to recognize that enterprise cyber security is being redefined to mean me and all my suppliers, or the combination of first and third party cyber risk is enterprise risk. NotPetya demonstrated that breaching a small accounting firm could cost a firm like Merck over $1B in damage.
The cyber attack targeting SolarWinds, a provider of network and system monitoring software, is shaping up to be one of the most significant attacks against a critical supply chain partner, with significant implications for national security. Similar to NotPetya, the attackers compromised a software provider in order to gain access to the trusted update channel. Any organization using specific versions of the SolarWinds Orion Network Configuration Manager (SolarWinds Orion) product is presumed to be at risk.
Technology companies — along with their partner ecosystems — are some of the most targeted organizations when it comes to cyber-attacks. In 2018, enterprises invested an average of 3.5 million on cloud apps, platforms, and services — making the sensitive information held in those platforms a top target for hackers.