This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
When NIST recently updated its Cybersecurity Framework, it added only one new core category: Supply Chain Risk Management (SCRM). Placed within the Framework’s “Identify” function, SCRM encompasses, but typically extends beyond, traditional vendor management approaches. That’s because the supply chain typically extends beyond suppliers to include other external parties, such as integrators and even third-party communications providers.
Companies remain on the hook for ensuring their vendors are up to task when it comes to cybersecurity, privacy compliance and continuity of operations. This checklist can help determine the maturity of your vendor risk management program.
Some of the most basic tenets of password account management have failed, leaving us with a dreadful combination of poor user experience and inadequate security.
How difficult is it for a computer (or a complete stranger) to validate the true identity of a person they don’t know? Very difficult, it turns out, especially when others may be trying to imitate them.
Traveling abroad with technology brings with it certain risks and may subject you to government surveillance in ways that are different from domestic travel. According to the FBI, you shouldn’t expect privacy in most countries outside the United States. Your data is less secure when you travel.
Taking advantage of technology and digitization involves more than business strategy. It requires strong data governance principles which, among other things, must align the functional demands of an organization’s cybersecurity, privacy and information management teams.
Something potentially groundbreaking is happening in New York, and its impact is being felt globally. Still, if you’re not in the financial services industry, and specifically regulated by the New York State Department of Financial Services (NYDFS), you may have missed it. What is this change? In short, it’s the first of what may become a wave of stringent state cybersecurity regulations that impose “minimum standards” on industry.
RSS
