Third Party Digital Risk Significantly Increases as Organizations Continue to Work From Home

Jul 23, 2020 2:34:13 PM By Stu Sjouwerman
It's no secret that in the last year we have seen a huge shift to remote work at a rapid speed. A recent Forbes article covered that during this time third party (supply chain) risk has ...
Continue Reading

We're All Third-Party Management Organizations

May 5, 2020 8:15:00 AM By Javvad Malik
In 2014, Jeff Immelt, CEO of GE famously said, “if you went to bed last night as an industrial company, you’re going to wake up today as a software and analytics company.”
Continue Reading

Third-Party Risk Management Questionnaire for Extended Emergencies

Apr 21, 2020 8:39:05 AM By Roger Grimes
Here’s a questionnaire you can send to suppliers during extended work from home (WFH) periods.
Continue Reading

[On-Demand] Addressing the Challenge of Third-Party Vendor Risk: Securing Your Supply Chain

Feb 19, 2020 9:29:31 AM By Stu Sjouwerman
Your customer data, intellectual property, and financials are the lifeblood of your organization. If lost or leaked, there could be significant implications to the viability of your ...
Continue Reading

Six Security Questions You Should Keep in Mind for Third Parties

Feb 6, 2020 8:23:45 AM By Jelle Wieringa
Organizations are beginning to understand the consequences of a data breach or a phishing attack and the negative impact they can really have. But what are the security risks for third ...
Continue Reading

Cybercriminal Gang, Silent Starling, Creates New ‘Vendor Email Compromise’ Category

Nov 19, 2019 2:38:04 PM By Stu Sjouwerman
New attacks focus on organizations with global supply chains looking to trick a supplier’s customers into paying fake invoices and have already impacted 500 organizations worldwide.
Continue Reading

Third Party Phishing: The New Spear-Phishing Attacks That Traditional Defenses Just Don't Stop

Nov 12, 2019 8:00:00 AM By Stu Sjouwerman
Joe in accounting is pretty cyber-savvy. He doesn’t fall for basic phishing emails with masked URLs or phony password reset requests. But what happens when Joe gets an email from a ...
Continue Reading

Here Is A New Term For Your Cybercrime Glossary: Vendor Email Compromise (VEC)

Nov 8, 2019 6:49:08 AM By Stu Sjouwerman
Agari’s latest Email Fraud & Identity Deception Trends report highlights the growing threat of vendor email compromise (VEC), according to SecurityWeek. This is a variety of business ...
Continue Reading

Vendors are Responsible for Almost Half of All Data Breaches

Apr 29, 2019 7:04:18 AM By Stu Sjouwerman
The latest data from a survey of 600 SpiceWorks IT and Security professionals shows that vendor users aren’t doing their part to keep your organization’s data safe.
Continue Reading

Is Managing Your Vendor Risk Taking Up Too Much of Your Time?

Apr 23, 2019 9:37:52 AM By Stu Sjouwerman
You told us you have challenging compliance requirements, and keeping up with risk assessments is a continuous hassle.
Continue Reading

Today I was attacked through an existing vendor using a real email thread

Feb 5, 2019 10:39:55 AM By Stu Sjouwerman
We have been dealing with a vendor of ours for on-hold messages for many years. I send them a Word file with the hold messages, their studio records them, and they send us a wave file ...
Continue Reading

KnowBe4 Prevents Customer From Becoming Social Engineering Victim Of Duke Energy Vendor’s Hack

Dec 6, 2017 1:39:03 PM By Stu Sjouwerman
A customer just sent us this: "Stu, the company who processes payments for Duke Energy’s walk in payments was hacked and as a result about 375,000 bank accounts may have been stolen. "We ...
Continue Reading
Subscribe

Search Our Blog


Free Cybersecurity Awareness Month Resource Kit

Subscribe To Our Blog

Posts By Topic

View all

Get the latest about social engineering

Subscribe to CyberheistNews