Category Archives: Third-party risk

Cybersecurity Collaborative creates task force to mitigate third-party risk

Recent supply chain attacks prompted cybersecurity professionals, under the auspices of Cybersecurity Collaborative, to stand up a task force focused on minimizing third-party risk. The need for the Third-Party Risk Task Force, which kicked off this week, has been amplified by recent advanced persistent threat attacks that infiltrated corporate and government networks, due to security…

The post Cybersecurity Collaborative creates task force to mitigate third-party risk appeared first on SC Media.

Continue reading

Posted in APT, From the Collaborative, Security News, Third-party risk | Comments Off on Cybersecurity Collaborative creates task force to mitigate third-party risk

With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?

The number of SolarWinds victims will likely grow in the upcoming months, but direct insured costs should remain close to the current estimate since many of the organizations hit – particularly federal agencies – do not carry insurance against cyber risks.

The post With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity? appeared first on SC Media.

Continue reading

Posted in Data Breach, Government, Risk Management, Security News, SolarWinds hack, Third-party risk | Comments Off on With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?

SolarWinds hack: Amid hardened security, attackers seek softer targets

Experts disagree that election security efforts detracted from supply chain security. But there are still lessons to be learned.

The post SolarWinds hack: Amid hardened security, attackers seek softer targets appeared first on SC Media.

Continue reading

Posted in Featured, Network Security, Security awareness, Security News, SolarWinds hack, Third-party risk | Comments Off on SolarWinds hack: Amid hardened security, attackers seek softer targets

SolarWinds, top executives hit with class action lawsuit over Orion software breach

Stockholders who purchased company shares in 2020 are suing the IT management software company for materially misleading investors about their security practices.

The post SolarWinds, top executives hit with class action lawsuit over Orion software breach appeared first on SC Media.

Continue reading

Posted in Breach, Featured, Legal, Legal Action, Security News, SolarWinds hack, Third-party risk | Comments Off on SolarWinds, top executives hit with class action lawsuit over Orion software breach

The 2020 SolarWinds reality check: As cleanup continues, community considers implications

What might go down as the most consequential story of the year for the cybersecurity community only surfaced in December. And yet, experts predict years of clean up, both physical and political, and potential shifts in how the nation secures the supply chain.

The post The 2020 SolarWinds reality check: As cleanup continues, community considers implications appeared first on SC Media.

Continue reading

Posted in Breach, Data Breach, Featured, Security News, Third-party risk, Year in Review | Comments Off on The 2020 SolarWinds reality check: As cleanup continues, community considers implications

Kawasaki Heavy Industries, a partner of defense companies and agencies, reports breach

Of particular concern among some cybersecurity experts is the fact that the company took several months to report to the incidents, which stemmed from unauthorized access to servers from overseas offices.

The post Kawasaki Heavy Industries, a partner of defense companies and agencies, reports breach appeared first on SC Media.

Continue reading

Posted in Breach, Data Breach, Security News, Third-party risk | Comments Off on Kawasaki Heavy Industries, a partner of defense companies and agencies, reports breach

In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021

Research from ESET of a supply chain attack in Vietnam in which digital certificates were compromised set off continued discussions in the industry about the nature of recent supply chain attacks, and how security teams can most effectively prepare and respond.

The post In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021 appeared first on SC Media.

Continue reading

Posted in cyberattack, Home, Security News, SolarWinds hack, Third-party risk | Comments Off on In wake of SolarWinds and Vietnam, more supply chain attacks expected 2021