Providence Health Plan says some of its members were among the nearly 3 million individuals affected by a data breach revealed by health plan administrator Dominion National in June. What lessons are emerging from that security incident and others involving third parties?
A "zero trust" security model makes it easier to manage application access and protect against malicious users, but the rollout of the model must be managed in a very organized way, says Mani Sundaram, CIO and EVP, Global Services and Support, at Akamai Technologies.
Third-party vendor risk continues to pose a security challenge to organizations. Despite many having formal policies for managing third-party risk, almost half of organizations say they've suffered a data breach that traces to a third-party vendor, says Mark Sangster of eSentire.
The latest edition of the ISMG Security Report analyzes the ransomware attack on Texas municipalities as part of a broader trend. Also featured: An initiative designed to safeguard the 2020 presidential elections and a CIO's third-party risk management efforts.
Not that long ago, many infosec leaders were asking, "What is zero trust and why should I care?" Today, it's more often, "How do I get my business owners to properly support and resource our transition to a zero trust architecture/posture?"
Media production, marketing and delivery is a complex journey that...
The transition to cloud-based software and infrastructure has revolutionized development and services. It's also created a bevy of new security challenges. Jay Heiser of Gartner says if organizations don't get cloud security right, it's their own fault. Here's why.
The recent data breach that exposed information on 2.6 million customers of Bangalore-based Jana Small Finance Bank points to the need for banks to ramp up their vendor risk management efforts, security analysts say.
Choice Hotels says about 700,000 guest records were exposed after one of its vendors copied data from its systems. Fraudsters discovered the unsecured database and tried to hold the hotel chain to ransom, which it ignored.
CISOs, CIOs, CROs are all being asked to measure the effectiveness of their information security programs often overlooking their greatest risk: third party resources. For every company this risk manifests in different forms: third party developed software; vendors/suppliers with access to their data; contractors...
Independent research revealed that while 60% of firms have formal third party risk policies, nearly half have experienced a significant breach caused by a vendor. Why? Executives don't make vendor risk a priority or are too trusting. Learn from 600 IT and security leaders about top concerns around supply chain and...
The U.S. Department of Defense has purchased IT gear known to have significant cybersecurity vulnerabilities, according to a new inspector general audit, which also highlights concerns about the use of equipment manufactured in China.