In my hometown of Los Ranchos, in Bernalillo County, New Mexico, village residents include goats behind crumbling adobe walls and roosters crowing from the top of mobile homes. Riding horseback down the street is not uncommon. But, even the sleepiest of hamlets cannot...
Credential Stuffing Attacks: How To Protect Yourself
Jan 5, 2022 | Data & Cybersecurity
The New York Office of the Attorney General said this week that it identified and notified 17 well-known online retailers, restaurant chains, and food delivery services that have been the victims of credential stuffing attacks. What Is Credential Stuffing? Credential...
Take 5 To Take In The Top 5: Risk Management Reading and Webinars
Dec 17, 2021 | Third Party Risk Management
Ahhhh, winter break….maybe you are cozied up at home with some time on your hands. Or, perhaps you have been left behind at the ski lodge. Here or there, how about taking in some riveting Risk Management literature and video? Our top five most-read studies and papers...
HO! HO! Oh NOOOO! The Log4j Vulnerability
Dec 16, 2021 | Data & Cybersecurity
Here we go again: another holiday season, another exploit. It appears many IT, risk, and security professionals are going to have to wait to down their favorite holiday cheer as another exploit has brought tumult to the community. A Log4j vulnerability has bubbled to...
Risk Management and SOC Reports: Hung By The Chimney With Care
Dec 15, 2021 | Standardized Control Assessment (SCA), Tools & Templates
December seems to be a month fixated on fancy footwear. On Christmas Eve, some of us will “hang stockings by the chimney with care.” On December 4, a few of us celebrated the fringe awareness event “National Sock Day” commemorating “those rarest of socks that manage...
Let’s Talk About The GraphQL API Authorization Vulnerability
Dec 10, 2021 | Data & Cybersecurity
Cybersecurity firm Salt Labs recently discovered a “GraphQL API authorization vulnerability” in a large B2B financial technology platform. This vulnerability would give attackers ways to submit unauthorized transactions against customer accounts, harvest sensitive...
Cyberattacks Logistics Industry: Rivers, Roads and Rails
Dec 10, 2021 | Cyberattacks, Data & Cybersecurity
Since its founding in 1871 as a one-man business transporting goods by horse-drawn cart, Hellman Worldwide Logistics has grown into one of the largest international logistics providers. With high-performance offerings in the Airfreight, Seafreight, Road &...
Nordic Choice Hotels Ransomware: Keep Calm…We’re Running As Fast As We Can
Dec 8, 2021 | Business Continuity
“We’ve got a problem. Keep calm. We’re running as fast as we can…” Nordic Choice Hotels Group sent this message in an email to program members after its IT systems were hit by the Conti ransomware group on the evening of December 2. Nordic Choice Hotels is one of...
Amazon Web Services (AWS) Vulnerability: Shared Responsibility
Oct 13, 2021 | Data & Cybersecurity
From Airbnb to Zillow, some of the internet’s most popular sites and services are built on Amazon Web Services (AWS), the world’s leading cloud computing provider. But, recent industry discussions point to an AWS vulnerability. Evolution of Amazon Web Services...
Facebook Outage: Human Element is the Most Vulnerable Element
Oct 5, 2021 | Data & Cybersecurity
Facebook and its app family (including Instagram and WhatsApp) seemingly disappeared from the internet for over five hours on Monday. The outage impacted more than 3.5 billion users worldwide who use Facebook and related platforms to connect with friends and family,...