third-party risk – Business Cyber Risk Blog

Hacked F-35 Fighter Info from Australian Contractor Exemplifies Third-Party Risk in Cybersecurity

Posted on October 13, 2017 by Shawn E. Tuma

Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own network and data, within its environment, works with other organizations that do not do such a good … Continue reading Hacked F-35 Fighter Info from Australian Contractor Exemplifies Third-Party Risk in Cybersecurity →

Third-Party Risk in Cybersecurity Exemplified by North Korea’s Stealing of US War Plans

Posted on October 12, 2017October 13, 2017 by Shawn E. Tuma

Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own network and data, within its environment, works with other organizations that do not do such a good … Continue reading Third-Party Risk in Cybersecurity Exemplified by North Korea’s Stealing of US War Plans →

Checklist: Managing Third-Party Risk in #Cybersecurity

Posted on October 3, 2017April 11, 2018 by Shawn E. Tuma

If I timed this right, when this post publishes, I will be about to present at the ISACA CSX 2017 North America Cybersecurity Nexus Conference in Washington, DC. My talk is titled Legal Issues Associated with Third-Party Risk. I am publishing this post with the #CSXNA and #CyberAware hashtags in the title so that conference attendees can … Continue reading Checklist: Managing Third-Party Risk in #Cybersecurity →

Uber’s Settlement With FTC Emphasizes Companies’ Need for Cyber Risk Management Programs

Posted on August 21, 2017August 21, 2017 by Shawn E. Tuma

The FTC and Uber have settled the enforcement action the FTC brought against the company. This action stems from Uber's data breach of more than 100,000 individuals' PII despite its promises that their data was "securely stored within our databases." The FTC found this promise was misleading when compared with the actions the company was … Continue reading Uber’s Settlement With FTC Emphasizes Companies’ Need for Cyber Risk Management Programs →

Critical Steps Companies Must Take to Comply with New York’s Cybersecurity Rules – Ethical Boardroom

Posted on March 15, 2017March 15, 2017 by Shawn E. Tuma

New York's Cybersecurity Regulations went into effect on March 1, 2017 and their impact could reach farther than you think -- including to small and mid-sized companies that do not do business in New York and are not in the financial services industries. And, they require direct involvement by the Board of Directors. Is your … Continue reading Critical Steps Companies Must Take to Comply with New York’s Cybersecurity Rules – Ethical Boardroom →

Please share this!

Like this:

Please share this!

Like this:

Please share this!

Like this:

Please share this!

Like this:

Please share this!

Like this: