The new California Consumer Privacy Act (CCPA), which entered into force on January 1, 2020, gives individuals the right to learn about the personal data collected and shared about them over the past 12 months, and requires companies to not only provide timely responses to Data Subject Requests (DSRs), but to also...
As cybercriminals and nation-states take advantage of the COVID-19 pandemic to further their own aims, authorities are calling on victims to report online attacks as quickly as possible to help them better disrupt such activity.
Visser Precision, a U.S. manufacturer that supplies Boeing, Lockheed Martin, Tesla and SpaceX, appears to have been hit by the DoppelPaymer ransomware gang, which has begun leaking internal data and threatening to leak more unless the victim pays a ransom.
You know you need a third-party cyber risk management (TPCRM) solution. Learn how to assess your current program maturity, key considerations for selecting technology, and how to make your case to the c-suite.
Download this guide to better understand the options for TPCRM, whether you are looking to advance your...
Increased business reliance on vendors and third parties means attack surfaces are growing. With greater attack surfaces comes greater risk, and thus the need for an effective third-party cyber risk management program.
Download this guide to learn how to get buy-in from key stakeholders, common roadblocks, and more.
As a technology company interacting with sensitive healthcare data, ClearDATA understands the importance working with trustworthy and compliant third-parties that hold with their customers' information. With critical data housed across three major public cloud providers, ClearDATA needed a centralized software...
You already have some sort of third party security program in place - perhaps you've built a security questionnaire based on internal policies or an industry standard such as ISO or NIST. You may have even "right-sized" your questionnaire specifically for different types of supplier relationships and developed a few...
State government officials told a Senate committee this week that more federal resources are needed to help states combat security cyberthreats, including ransomware. They also asked federal officials to share more information on looming security issues.
A Texas orthopedic practice says a recent malware attack "permanently damaged" thousands of electronic patient records. It's the latest in a string of healthcare incidents in which various forms of malware rendered records inaccessible.
The intellectual property, including research results, of biotechnology companies and other medical organizations is increasingly a target for hackers, who sometimes dump data on hacker forums or public websites. That's why breach detection and prevention is even more critical.
More bad news for ransomware victims: Anyone hit with crypto-locking DoppelPaymer malware now faces the prospect of having their personal data dumped on a darknet site unless they pay a ransom. The gang's move follows in the footsteps of Maze, Sodinokibi (aka REvil) and Nemty ransomware operators.
Your vendors often handle your most sensitive data. This presents new challenges as third-party risk, security, privacy, legal and IT teams struggle to vet and manage the vendors they rely on most. We'll discuss emerging vendor management trends and breakdown how risk exchanges are key to more efficient business...
The National Institute of Standards and Technology has unveiled a pair of draft practice guidelines that offer updated advice and best practices on how to protect the confidentiality, integrity and availability of data in light of increasing threats from ransomware and other large-scale cyber events.
From cutting costs to reducing risks and problems, there are many benefits to automating GRC.
But, what are the simplest ways to maximize value and minimize costs during implementation?
Check out the 8 simple steps for automating GRC and learn how to create a GRC roadmap that:
Scales with your...