Cybersecurity

Why Going Alone in Cybersecurity is a Non-Starter

Posted: 02/07/2019 - 01:47
Are cybersecurity threats overblown or hyped up? It would be nice if that were the case. Then we’d have one less bucket of things to worry about. 
 
Unfortunately, the headlines are not fiction. Bad actors are stealing data, inflicting pain, and damaging corporate finances and brand reputations every single day. And it appears that they will continue doing so. 
 

Software Supply Chain Risk Management: Leveraging Standards to Communicate Expectations

Posted: 10/26/2018 - 00:41
Growing concerns related to dependencies on software-reliant information communications technology (ICT) and Internet of Things (IoT) devices are pushing changes in governance associated with supply chain risk management (SCRM). The possibility of disruption exists because the software that enables critical capabilities is vulnerable and exploitable. Exploit potential is often more about the vulnerability of assets in target organizations than the ingenuity of the attackers.

Time to Worry about your Software Supply Chain?

Posted: 10/09/2018 - 00:07
Software has become crucial to every industry. Yet ensuring the software system you are buying or licensing is authentic and free from defect or malware is a challenge. The QA procedure in old-school manufacturing is to test a random set of newly delivered widgets for their compliance with approved specifications. But you can’t really take the same simple approach with software. 
 

The Power of Collaboration

Posted: 05/12/2018 - 00:02

Members of RMA’s Third-Party Risk Management Round Table are experienced leader-practitioners, individually and collectively creating emerging best practices in third-party risk management. As the round table’s facilitator, subject matter expert, and member of the Steering Committee, it’s exciting and rewarding for me to be integral to this evolution.

Intelligent Automation Inspires New Plans For Onshoring

Posted: 11/04/2017 - 03:01

Offshoring and outsourcing don’t exist in a vacuum. These are processes that take advantage of and are influenced by technology, politics and the larger economy. Look at the last big round of offshoring at the start of the century. It didn’t just “happen” without any reason. Very specific changes facilitated this age of outsourcing.

The tip of the infosec iceberg?

Posted: 03/21/2017 - 08:12

Recent stories by, amongst others, the BBC detailing large, well-organised and presumably very profitable scamming organisations targeting UK TalkTalk customers have hardly helped the already-lowly reputation of offshore contact centres - but may unfortunately be only the tip of a perilous iceberg.

What your suppliers aren’t telling you (and why you should worry)

Posted: 02/28/2017 - 07:20

In a multi-partner service delivery model, transparency and visibility are essential to an effective security and supplier risk management (SRM) strategy. Yet a wide range of evidence suggests that this transparency is sorely lacking in many cases. According to a study by the independent Ponemon Institute, 73 per cent of suppliers that experience a data breach don’t notify other vendors in the supply chain, while more than a third (37 per cent) of suppliers don’t notify their customers.

Pages

Subscribe to RSS - Cybersecurity