Back to Blog > Security Best Practices & Advice
Jan 20, 2021 3 min read
4 Key Steps to Your Third-Party Risk Management Process
If you’re like most organizations, you are highly dependent on third-party vendors to efficiently run your business. On the flip side, vendors present risks which can have serious legal, financial and business repercussions, making vendor risk assessments more essential than ever. But how do you effectively manage hundreds, if not thousands, of vendors? Here are four key steps that should...
Jan 14, 2021 4 min read
What You Need to Know About Supply Chain Attacks
As the world was finally counting down to a new and brighter 2021, the attack on SolarWinds, one of the most significant supply chain attacks in recent history, closed an already challenging year with a thunderous bang. This supply chain attack was quite extensive, affecting more than 250 federal agencies and businesses and setting off alarms about the vulnerability of...
Dec 31, 2020 5 min read
5 Features to Have in Your Third-Party Security Risk Management Platform
If 2020 has taught businesses anything, it’s to “expect the unexpected.” The COVID-19 pandemic showed the world just how ill-prepared we really were for a disruption of this magnitude. As we enter 2021, resolve to protect your assets by employing a third-party security risk management platform and watch your old, manual process quickly transform into an efficient, streamlined one. So...
Dec 23, 2020 4 min read
5 Important Takeaways from the SolarWinds Supply Chain Attack
By now, you’ve heard about the massive security breach at IT management company SolarWinds, one of the most significant supply chain attacks in recent history. Now that we’ve gotten some distance from the event, we wanted to recap what happened and what you can do in the future. SolarWinds was compromised when hackers, believed to be Russian, inserted malware into...
Dec 22, 2020 3 min read
5 Key Considerations for Third-Party Risk Monitoring
Companies are finally understanding the importance of having a full due diligence process in place to assess their third-party vendors. But an essential part of the third-party risk management process is what happens at the end: Once you’ve finished assessing your vendors; you need to monitor them. This proactive approach will alert you of any potential or new risks that...
Dec 09, 2020 4 min read
5 Key Steps to Include in Your Vendor Risk Assessment
With increasing dependence on vendors in today’s interconnected world, vendor risk assessments are more essential than ever. No doubt, due to COVID-19, many companies took shortcuts with their security just to continue with “business as usual” during these unprecedented times. Simultaneously, however, cybercriminals were taking advantage of the situation, as is apparent by the growing intensity and frequency of cyberattacks...
Nov 24, 2020 4 min read
How Improved Vendor Collaboration and Communication Can Actually Reduce Cyber Risk
Remember when “Telephone” referenced a game you played with your childhood friends? “Telephone” in the workplace, especially between you and your vendors, is anything but fun and games. It is the cause of much frustration, inefficiencies and unnecessary risk to your organization. In recent years, businesses have greatly increased their reliance on vendors. Ideally, working with vendors enables businesses to...
Nov 12, 2020 4 min read
4 Reasons You Should Perform a Third-Party Cyber Risk Assessment
What do Instagram, Marriot and General Electric have in common? All three experienced third-party vendor data breaches in 2020. It’s pretty much impossible to find a company today that is not reliant on third-party vendors for products or services. Vendors offer organizations the ability to reduce costs and improve efficiency. Unfortunately, the same vendors may also carry risk for these...
Oct 28, 2020 4 min read
Securing Your Suppliers: Addressing 2020’s Most Common Third-Party Cyber Gaps
You want to work with vendors, but doing so can involve risk. Which vendor cyber gaps are the most common, and how can they be remediated? To answer these questions, Panorays used data from our cyber posture evaluations of tens of thousands of vendors from numerous industries over long periods of time. We extracted the findings that appeared in a...
Oct 14, 2020 3 min read
Securing Your Suppliers: Building the Right Password Policy
Organizations rely on passwords to ensure security. Yet according to Verizon’s 2020 Data Breach Investigations Report (DBIR), over 80% of hacking-related breaches involve the use of lost or stolen credentials. The problem has only gotten worse in the wake of coronavirus, when businesses have been forced to require their employees to work from home. This sudden need for increased remote...
Nov 26, 2019 3 min read
3 Key Points About CCPA
What is CCPA? The California Consumer Privacy Act (AB 375), which will go into effect on January 1, 2020, is expected to significantly strengthen data collection and privacy in the USA. Similar to the way the General Data Protection Regulation (GDPR) defined data privacy in Europe, the CCPA regulation is expected to set the standard for data privacy in...
May 08, 2019 3 min read
3 Reasons Why Enterprises Hate Security Questionnaires
It’s not hard to understand why security questionnaires are necessary. Because regulations like GDPR and NYDFS are holding businesses accountable for their third parties’ cybersecurity, it’s important for enterprises to assess and continuously monitor all vendors, suppliers and business partners. And the initial vetting of any third parties typically begins with a comprehensive security questionnaire to evaluate cyber posture. (more…)