Items Tagged with 'third-party security'

ARTICLES

Third-party risk requires risk management and assessment for the enterprise to ensure third-parties don't threaten their security

Third parties: The risk management blind spot

December 10, 2020

While providing access for third-party, non-employees is critical to meeting business objectives, it oftentimes has the unintended consequence of exponentially increasing an organization’s attack surface. With the proper identity-proofing practices and capabilities in place, organizations can verify the identities of their users, support risk management initiatives and better protect critical assets – eliminating the third-party risk management blind spots.

EDPB issues guidance for cross-border data transfers in wake of Schrems II judgment

The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to put in place to use Standard Contractual Clauses and Binding Corporate Rules.

David M. Stauss

July 28, 2020

In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.

5 Tips for Minimizing Third-Party Risk

Grant McCracken

June 18, 2020

Outsourcing has become a vital part of most business strategies. Not only is it a way to save money, but it’s a simple way to take advantage of expertise you might not currently have in house. But outsourcing can also leave companies vulnerable if the third-party doesn’t have proper cybersecurity procedures.

Rutter's Suffers POS Malware Attack Exposing Payment Cards

February 17, 2020

Rutter's, a chain of convenience stores and gas stations with 72 locations in Central Pennsylvania, West Virginia, and Maryland, has provided a notice to its customers of a data breach incident.

CCPA Update: Analyzing the AG's Proposed Regulations

On October 10, 2019, the California Attorney General's office published its long-awaited proposed California Consumer Privacy Act (CCPA) regulations. What are they, and what should enterprises do to achieve compliance and avoid costly fines?

December 9, 2019

On October 10, 2019, the California Attorney General’s (AG) office published its long-awaited proposed California Consumer Privacy Act (CCPA) regulations. The AG’s office also announced that it will hold public hearings on the regulations on December 2-5.

DoorDash Reports Data Breach Impacting 5 Million Customers

September 27, 2019

DoorDash has announced it has suffered a massive data breach, involving the personal information of 4.9 million customers.

Outsourcing Data: Don't Take a Fairytale Approach

News Industry At Risk of Data Breaches, Data Misuse

June 27, 2019

News industry websites are at a higher risk of user-data breach or data misuse compared to other industries, the 2019 Feroot User Security and Privacy report found.

Mastering the Fundamentals of Cloud Security

Brad Bussie

August 2, 2018

When undertaking a cloud migration, it’s critical to remember that the security protocols that work in the enterprise will not necessarily work in the cloud.

How to Overcome Airport Identity Management Challenges

Kim Rahfaldt

May 8, 2018

No matter the size, airports are responsible for the security of all workers who are employed within their walls, on the tarmac, and grounds. The challenge is that 90 percent of those people don’t work for the airport. They work for the airlines, TSA or different vendors that reside as tenants within the airport.

Rethinking Identity Management in the Gig Economy

Sven Dummer

April 10, 2018

The “gig economy” is about to consumerize the workplace to new levels, bringing changes that will significantly impact how CSOs and CISOs protect their businesses.

More Articles Tagged with 'third-party security'

Pandemics, Recessions and Disasters: Insider Threats During Troubling Times

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Industrial Cybersecurity: What Every Food & Bev Executive Needs to Know

ON DEMAND: There's a lot at stake when it comes to cybersecurity. Reputation, productivity, quality. Join us to discuss the future of your global security strategy and a path forward with trusted partners Cisco and Rockwell Automation, and turn your Food & Bev security challenges into strategic advantages that drive business value.

Poll

Who has ownership or primary responsibility of video surveillance at your enterprise?

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products