Apr 27, 2021
4 min read
Addressing the Most Common Third-Party Cyber Gaps
You want to work with vendors, but doing so can involve risk. Which vendor cyber gaps are the most common, and how can they be remediated? To answer these questions, Panorays used data from our cyber posture evaluations of tens of thousands of vendors from numerous industries over long periods of time. We extracted the findings that appeared in a...
Mar 10, 2021
3 min read
Protecting Yourself From Third-Party Cloud Vulnerabilities
In our January 2021 version release, Panorays introduced a new Cloud category to our third-party cyber posture assessments. The Cloud category, as all of our previous categories, is based on non-intrusive probing (e.g. DNS mining) and external data feeds — allowing organizations to assess their third parties easily and quickly. Here’s some background about the significance of this category. Why...
Jul 22, 2020
3 min read
The New Cyber Risk Rating: A Conversation with Panorays’ Chief Architect
Today, Panorays announced its release of the Cyber Risk Rating, a combined “bottom-line” rating of all of the cyber data available about a supplier on Panorays, including the Cyber Posture Rating, Smart Questionnaire™ Rating and business impact. Unique to Panorays, the Cyber Risk Rating enables security professionals to make quick decisions about their suppliers’ security. To shed some light on...
Jun 04, 2020
5 min read
The Top 5 Third-Party Data Breaches of 2020
The year is not even half over, and third-party data breaches continue to proliferate. In third-party data breaches, sensitive information belonging to an organization is compromised through a vendor, business partner or supplier. Such cyber events can be disastrous for organizations, which can lose customer confidence and loyalty and face hefty regulatory penalties. In fact, according to a recent Gartner...
Jun 18, 2019
4 min read
Fourth-Party Security: Another Level of Security Management
How secure are your third-party suppliers? And what about their suppliers? Panorays is focused on third-party security management – that is, the security posture of suppliers, vendors, partners and others doing business with an organization. But there’s yet another level that all businesses need to be concerned with – the partners and suppliers of their third parties, which are better...
Mar 26, 2019
5 min read
Employee Attack Likelihood: The Hidden Indicator Nobody Talks About
When ranking the weakest link in an organization’s cybersecurity barriers, many tend to think of unpatched servers, exposed services or even shared resources on cloud providers. However, most overlook the number one factor needed for a successful cyberattack: humans. (more…)
Oct 17, 2018
3 min read
5 Ways to Improve Your Third Parties’ Cyber Posture
Your company’s cyber posture may be strong, but that doesn’t mean that you are immune to attackers. As we have seen with recent cyber breaches at British Airways, Ticketmaster and Feedify, hackers typically target companies’ weakest link. Very often that means via a less-secure third party. (more…)
Aug 21, 2018
5 min read
TLS v1.0 Refuses to Die
The TLS v1.0 cryptographic protocol, released in 1999, has various known vulnerabilities and security experts have recommended to disable it for a while now. However, Panorays research into 1,150 organizations (with a total of 29,000 websites) shows that 52% of organizations still use TLS v1.0 throughout all of their websites. (more…)
Popular Posts
Nov 26, 2019
3 min read
3 Key Points About CCPA
What is CCPA? The California Consumer Privacy Act (AB 375), which will go into effect on January 1, 2020, is expected to significantly strengthen data collection and privacy in the USA. Similar to the way the General Data Protection Regulation (GDPR) defined data privacy in Europe, the CCPA regulation is expected to set the standard for data privacy in...
May 08, 2019
3 min read
3 Reasons Why Enterprises Hate Security Questionnaires
It’s not hard to understand why security questionnaires are necessary. Because regulations like GDPR and NYDFS are holding businesses accountable for their third parties’ cybersecurity, it’s important for enterprises to assess and continuously monitor all vendors, suppliers and business partners. And the initial vetting of any third parties typically begins with a comprehensive security questionnaire to evaluate cyber posture. (more…)