Blog

In this day and age of cyber risk and data privacy regulations, third-party security risk assessments are a must. Organizations can no longer simply hire vendors without proof of a strong cyber posture. For this reason, it’s necessary for companies to conduct a comprehensive security evaluation of new vendors. Yet many organizations still assess their third parties using manual questionnaires....

If you are worried about managing your third parties, you are not alone. Gartner reports that nearly 70% of chief audit executives reported third-party risk as one of their top concerns, but many still struggle to manage this risk. The reason? Because it’s a tough job. Organizations rely on third parties, who receive access to businesses’ digitized systems and processes....

Cyber Monday is just around the corner, but—let’s face it—shopping online is a lot riskier than it used to be. It’s true that, as more and more brands offer competitive prices online, shoppers can get some great deals at this time of year. At the same time, however, hackers are increasingly finding new and creative ways to steal your personal...

Plenty of companies work with third-party suppliers, but not everyone fully comprehends how doing so significantly impacts a company’s cyber risk. As we are inundated with news reports about massive third-party data breaches, it’s important to understand why they keep happening, and why third-party security management is so crucial to businesses. Here are seven eye-opening facts to be aware of:...

Now more than ever, running a reliable third-party security risk assessment is a necessity for most enterprises. Hackers and cybercriminals throughout the world can gain access to a company’s network by exploiting even a single vulnerability of one of its numerous vendors and suppliers. Understanding how to minimize this risk is paramount for any business that doesn’t want to face...

Your company’s cyber posture may be strong, but that doesn’t mean that you are immune to attackers. As we have seen with recent cyber breaches at British Airways, Ticketmaster and Feedify, hackers typically target companies’ weakest link. Very often that means via a less-secure third party. How can companies improve the cyber posture of their third parties? In honor of...

Gone are the days when organizations were self-contained in their own brick-and-mortar buildings. Whether it’s for electricity, Internet connectivity, office supplies or even flower delivery, organizations depend on third parties to function. These vendors, suppliers and business partners often have access to sensitive company data, which could spell disaster in the wrong hands. Not convinced? Here are four good reasons...

Elad Shapira provides valuable guidance on how media companies can feel more secure about their cybersecurity. It’s not surprising that media companies aren’t confident about their security levels. In fact, media companies are an ongoing target – be it by political activists, nation states (as in the cases of attacks against The NY Times and Sony Pictures), or even just...

It’s Vegas time! Or should I say, Blackhat US 2018 is right around the corner. I’ve pretty much got all sessions and events on my calendar, but if I have to shortlist to Top 10, here they are. Can’t wait to meet up with fellow security researchers. If you’re in town as well, feel free to reach out to me...

As a cyber-security company, we get asked many times: “How do I know if my company is breached” and the obvious follow up question, “What should I do”? We turned to the obvious person to answer this, Elad Shapira, Panorays Head of Research. Elad is a well-known figure in the security field. He leads and trains many “white-hat hackers." Earlier...