Ransomware Readiness: How To Protect Against Third-Party Cyber Risk

Reducing third-party risk isn’t about checking a box; it’s about building ongoing visibility, tighter access controls and ...
dbta

BlueVoyant Creates New SBOM Capabilities to Reduce Third-Party Risks from Commercial Software

BlueVoyant, a leader in integrated cybersecurity, is launching its Software Bill of Materials (SBOM) management offering, helping organizations reduce risk related to software by automating the ...
Security

Can you trust commercial software? Tackling third-party software risk

Supply chain security is rapidly emerging as a material risk for enterprise software buyers. Yet, despite best efforts from regulators to hold software publishers accountable, enterprise buyers ...
JD Supra

Board Oversight of Third-Party Risk Management: Key Questions and Metrics for Effective Governance

The Telephonica Venezuela FCPA enforcement action reminds us that third-party risk management is one of the most critical components of a corporate compliance program. From suppliers and distributors ...
Yahoo! Sports

State of third-party risk management: Expert insights and the path forward

In today’s fast-moving digital economy, growth depends on strong, trusted relationships with vendors, suppliers, and partners. These third parties are often essential to modern business operations; ...
Design News

Beyond Tariffs: The Software Supply Chain Risks Every Medical Device Manufacturer Should Be Watching

Headlines today obsess over tariffs squeezing margins for medical device manufacturers (MDMs). But while tariffs can shave profits, insecure software can obliterate them—and result in patient safety ...
CSOonline

Third-party risk management: How to avoid compliance disaster

If third-party providers violate regulations, they expose their clients to a compliance risk. Third-party risk management (TPRM) is intended to help against this. Whether your organization is aware or ...
Dark Reading

Rising Tide of Software Supply Chain Attacks: An Urgent Problem

In recent years, software supply chain attacks have moved from the periphery of concerns to the forefront. According to Verizon's "2024 Data Breach Investigations Report," the use of vulnerabilities ...
CSOonline

AI development pipeline attacks expand CISOs’ software supply chain risk

Malicious campaigns targeting code used by developers of AI applications underscore the need to develop comprehensive risk-based programs around software dependencies and components. Widespread flaws ...
Computer Weekly

Secure software: Third-party suppliers your first-party risk

In 1965, Ralph Nader’s groundbreaking book Unsafe at Any Speed exposed how car manufacturers prioritised style, performance, and profit over the safety of drivers and passengers. His narrative spurred ...
Infosecurity-magazine.com

The Hidden Risks of Third-Party IoT Devices: What Organizations Need to Know

Internet of Things (IoT) devices are everywhere, from smart cameras in our offices to sensors on factory floors. While this connectivity promises efficiency, it also dramatically expands our attack ...
JD Supra

Client Alert: Navigating FINRA’s 2025 Third-Party Risk Updates: Compliance Strategies for Financial Institutions

Every year, the Financial Industry Regulatory Authority (FINRA) issues an Annual Regulatory Report in an effort to provide FINRA Member Firms with insight into findings from FINRA’s regulatory ...