In the News

Dec 16, 2022

Where there is money, there are cybercriminals. This is especially true for credit unions which deal with both financial information and the personal identifying information (PII) of every member and connected institution. They are a digital vault of gold coins and the hackers are all too ready to crack the safe.

Dec 12, 2022

In this Expert Insight, Jeffrey Wheatman, a Cyber Risk Evangelist at Black Kite argues that CISOs need to shift to a more proactive approach to fend off damaging attacks by sophisticated ransomware groups.

Dec 8, 2022

Cybercriminals often encrypt when everybody’s out of office.

Nov 23, 2022

Technology has always played a major role in military competition, and military competition has always leaned heavily on industry. The two spheres, the military and industry, overlap so much that “military-industrial complex” is common parlance.

Nov 21, 2022

Breaches in cyber security can be detrimental to the health of enterprise organizations and SMBs alike. Not only are they financially devastating, but they also erode consumer trust. The advent of widespread distributed teams in 2020 added an additional layer of risk and cyber criminals took notice.

Nov 17, 2022

Even amid a downturn that’s affecting tech companies, venture capitalists say they’re paying attention to certain early-stage startups.

Black Kite: An AI-driven cybersecurity platform.

Oct 25, 2022

Understanding your digital supply chain risk is becoming one of the significant challenges many businesses face today, especially with the move to the cloud and globalization of the computing behind those services.

Oct 11, 2022

RAS InfoTech, the world-class information security products distributor, announces a brand-new distribution partnership with Black Kite, the Boston-based leading third-party risk intelligence platform. RAS Infotech will deliver the Black Kite solution to hundreds of its clients and prospects throughout the Middle East and Africa.

Sep 5, 2022

As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage.

Sep 5, 2022

As speed of business increases, more and more organizations are looking to either buy companies or outsource more services to gain market advantage. With organizations expanding their vendor base, there is a critical need for holistic third-party risk management (TPRM) and comprehensive cybersecurity measures to assess how much risk vendors pose.

Aug 11, 2022

Episode 2698 blackkite.com with Bob Maley at Black Hat USA 2022

Aug 10, 2022

Black Kite report finds more than 3 in 4 breached companies are still susceptible to phishing

Aug 8, 2022

As cyberattacks on companies become increasingly prevalent in the past several years, more hackers are also targeting supply chains as a means of entry, creating a ripple effect within business ecosystems. As Boston-headquartered third-party cyber risk intelligence firm Black Kite describes it, “cyberattacks can now impact hundreds of companies without discrimination.”

Aug 4, 2022

Security company Black Kite have released a report that makes sobering reading detailing the cost of data breaches. They estimate that many data breaches cost around $15 million. This is a distinct danger to organizations like utilities, which have a large number of customers, and critical information in their databases.

Aug 3, 2022

Data breach costs between 2017 and 2022 averaged $15 million without outliers but rose to $75 million when outliers were considered, TechRepublic reports.

Aug 3, 2022

Black Kite Finds Cost of Data Breach Averages $15.01M

Aug 3, 2022

Welcome to our new and improved Daily Roundup where we quickly summarize the news you missed today.

Aug 3, 2022

A data breach could cost organizations millions of dollars, concludes study by IBM and Black Kite.

Aug 2, 2022

Most data breaches cost companies between $10,000 and $1 million, according to an analysis of 2,400 data breach incidents from 2017 to 2022 conducted by Black Kite Research. In addition, 15% of analyzed data breaches cost between $1 million and $10 million.

Aug 2, 2022

A data breach could cost organizations millions of dollars, IBM and Black Kite researchers found in their recent studies. Both reports showed similar conclusions that data breaches have a “haunting effect,” and lacking the use of certain security technologies could lead to higher breach costs.

Aug 2, 2022

A leading cyber risk intelligence company releases a new report to assess the financial impact and root causes of 2,400 cyber incidents.

Aug 2, 2022

With the median cost per incident coming in at $130,000, most data breaches do not cross the $1 million threshold.

Jul 27, 2022

The U.S. agency that oversees credit unions proposed a 72-hour deadline for regulated companies to report cyberattacks on Wednesday.

Jul 27, 2022

Though businesses have become more confident in preventing ransomware attacks, confronting risk is an internal commitment.

Jul 14, 2022

On July 6, 2022, the Travelers Property Casualty Company of America (Travelers Insurance) filed a suit in an Illinois federal court against International Control Services, Inc. (ICS) asking for policy rescission and declaratory judgment against ICS. Travelers alleges that ICS misrepresented its use of multifactor authentication (MFA) on its policy application, which should be sufficient legal grounds to deny payment on ICS’s ransomware claim and void the policy entirely. If this reads like legalese, that’s because cyber insurance policies are legally binding agreements and application “errors or omissions” nullify contracts.

Jul 5, 2022

Last week Bob Maley, Chief Security Officer at Black Kite and I led a Fireside Chat discussion on the current regulatory landscape regarding privacy and security. While state laws continue to advance and there is momentum for a Federal U.S. Privacy Regulation, the update by the Federal Trade Commission (FTC) on the Gramm-Leach-Bliley Act (GLBA) Security Safeguards rule is impacting specific sectors right now. I have worked with GLBA since its inception in my tenure at one of the largest service providers to financial institutions, so let me break down the components we discussed as a “Primer” on GLBA in 2022.

Jul 1, 2022

Black Kite’s platform was built to provide full visibility into a vendor’s cyber position, using the same open-source intelligence tools and techniques hackers use (data collectors, crawlers, honeypots, etc.) to continuously collect information from internet-wide scanner databases, reputation sites, cyber events, hacker shares, and known vulnerability databases.

Jun 28, 2022

One of the largest cyberattacks in history happened on a Friday, Eric Perakslis distinctly remembers.

Perakslis, who was head of Takeda’s R&D Data Sciences Institute and visiting faculty at Harvard Medical School at the time, had spent that morning completing a review on cybersecurity for the British Medical Journal. Moments after he turned it in, he heard back from the editor: “Have you heard what’s going on right now?”

Jun 17, 2022

Here’s a look at the most interesting products from the past week, featuring releases from Black Kite, Feroot, Incognia, Optiv, and Splunk.

Jun 16, 2022

Each business day, MSSP Alert delivers this quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.

Jun 15, 2022

The annual RSA conference was back to in person this year, and the excitement was palpable on the exhibition floor. With cyberattacks growing exponentially – in both number and sophistication – there’s never been a more important time to be a cybersecurity company.

Jun 15, 2022

Black Kite, the leader in third-party cyber risk intelligence, announces the availability of FocusTags, a fast and simple way for users to track high-profile cyber events and quickly identify which vendors have been affected within their supply chain.

Jun 15, 2022

Black Kite released FocusTags, helping users to track high-profile cyber events and identify which vendors have been affected within their supply chain.

Jun 14, 2022

Most of the time, security slip-ups happen because of careless, accidental behavior. Through educating people and focusing on changing behaviors, those cyber risks can be mitigated. That’s the idea behind the importance of people-centric cybersecurity.

Jun 9, 2022

The Defense Department is still figuring out how to raise the cybersecurity waterline among its vendor community as part of its Cybersecurity Maturity Model Certification program. And some new research based on privately collected cyber risk intelligence shows the problem is as urgent as ever. According to a new report from Black Kite, almost three quarters of defense contractors have had network credentials leaked in just the past 90 days.

Jun 4, 2022

Today’s cybersecurity landscape requires an agile and data-driven risk management strategy to deal with the ever-expanding third-party attack surface.

Jun 3, 2022

Thirty-two percent of U.S. defense contractors are vulnerable to ransomware attacks, according to a new report.

May 25, 2022

Nearly 20% of the top 99 insurance companies in the US have a high susceptibility to ransomware according to a new report by cyber risk intelligence company Black Kite.

May 25, 2022

Seventy-two percent of the 100 U.S. defense companies included in a Black Kite analysis have at least one credential that has been compromised within a 90-day period, the cyber risk monitoring company said in its new report.

May 17, 2022

Black Kite gives roughly 26% of insurers an “A” grade for their cyber posture, but the remaining 73% are three times more likely to experience a cyber breach.

May 13, 2022

Despite credit unions’ efforts to educate members about fraud, many are falling prey to thieves.

May 10, 2022

Data loss prevention is an integral component of how a business operates and continuously improves, and this remains true for any healthcare organization. The abundance and availability of data have helped medical professionals and patients, but it’s also appealing to any cyber criminal trying to cause harm to make a profit.

Apr 21, 2022

The energy industry is especially vulnerable to cyberattacks, according to political leaders and security analysts. Also, attacks on the industry, which includes utilities and the energy production and distribution sectors, can have a domino effect farbeyond the entities victimized by the breach.

Apr 11, 2022

TechRepublic reports that one in five of the leading 99 insurance carriers were highly vulnerable to ransomware attacks, with 82% susceptible to phishing attacks. Software supply chain attacks have also spiked by 300% over the past year, according to a report from Black Kite.

Apr 8, 2022

A new report from Black Kite shows the entire sector may be ripe for ransomware attacks.

Apr 8, 2022

Black Kite released a report that examines rising cyber risk concerns and ransomware susceptibility in the insurance sector. The most notable takeaway: nearly 20% of the top 99 insurance carriers have a high susceptibility to ransomware.

Apr 3, 2022

Here are some of the latest executive hirings, promotions, and staff changes that happened in February.

Mar 28, 2022

Hospitals and health systems are finding themselves in the crosshairs of cybercriminals more frequently. According to third party cybersecurity company Black Kite’s 2021 Third Party Breach report, attacks on healthcare companies accounted for nearly a third of attacks in 2021.

Mar 23, 2022

Management accountants can be invaluable in addressing cybersecurity risk.

Mar 19, 2022

The ongoing struggle to update vulnerable software by finding and applying the right patches in a timely manner has led half of enterprise IT departments to use Web application firewalls (WAFs) either in lieu of patching or to offer some protection before patching can be achieved.

Mar 15, 2022

SecZetta, the leading provider of third-party identity risk solutions, today announced that it was launching a complimentary Third-Party Identity Risk Maturity Assessment at HiMSS22.

Mar 15, 2022

Last week, officials at Denso Corp confirmed that the company’s Germany hub, which oversees sales, design and development of automotive parts, had sustained a ransomware attack.

Mar 11, 2022

One of the most unexpected consequences of ransomware attacks in 2021 may have been the nationwide cream cheese shortage caused by an attack on one of the nation’s largest cream cheese manufacturers.

Feb 28, 2022

Toyota is stopping all car production in Japan from March 1, due to a cyberattack on a key supplier, Kojima Industries. The automotive giant said it was suspending the operation of 28 production lines at 14 plants in Japan saying “we apologize to our relevant suppliers and customers for any inconvenience this may cause” and attributing the issue at Kojima to a “system failure.”

Feb 23, 2022

President Joe Biden unveiled fresh sanctions after Russia sent troops into Ukraine, but he still has to contend with the political risks of an overheated energy market.

Feb 3, 2022

One-quarter of pharmaceutical manufacturers received a failing grade on patch management, which is a vital step in heading off ransomware attacks.

Jan 29, 2022

One third of the companies studied haven’t fixed their credential management — the same issue that led to the Colonial Pipeline hack last May.

Jan 26, 2022

Chief Security Officer of Black Kite Bob Maley believes Russia could launch cyber warfare at any moment, but says Lavrov’s comment isn’t necessarily an indication.

Jan 28, 2022

Black Kite released its annual Third-Party Breach Report, which examines the impact of third-party cyber breaches in 2021. Ransomware was the most common attack method behind third-party breaches in 2021, initiating more than one out of four incidents analyzed.

Jan 26, 2022

The Biden administration and NATO told Russia on Wednesday there will be no U.S. or NATO concessions on Moscow’s main demands to resolve the crisis over Ukraine.

Jan 24, 2022

Despite cybersecurity prioritization following the onset of the COVID-19 pandemic, the healthcare industry was the most common victim of attacks caused by third parties, accounting for 33% of incidents last year.

April 21, 2020

Hundreds of fraudulent websites were discovered as the public took an interest in antimalarial drugs chloroquine and hydroxychloroquine hyped by public figures. A report conducted by researchers in NormShield showed that hundreds of shady coronavirus-related websites have been operating and profiting off the pandemic since January.