Black Kite vs. The Competition See the Difference →

All Posts

Deep Web and Black Market

Cybersecurity with Artificial Intelligence in 10 Questions

Cyber Insurance; 7 Questions To Ask About Cyber Security

Are Bitcoin Exchange Sites Safe?

Cybersecurity Technology Summit

3rd Party Risk Management

Are your assets at risk of being victimized or weaponized in a Memcached DDoS attack?

General Data Protection Regulation (GDPR) and Cyber Insurance

Did we accomplish to hack Hawking’s brain? Looking at cyber security from Hawking’s view

Malicious JavaScripts: How Can You Get Hacked?

Cyber Security Services: Do Companies Really Need Them?

How hackers leverage your IP addresses? IP Reputation as a Cyber Risk Assessment Metric

SIM Connect Annual Conference

Which One is More Secure: Banks or Cryptocurrency Exchange Markets?

Is Your Website Ready for GDPR?

Add Your IoT Devices to your Third-Party Cyber Risk Assessments

Supply Chain Cyber Risk are Finally Part of the NIST Cybersecurity Framework!

Are You Ready for Hackers Incoming Supply-Chain Attacks?

2018 Guide to Select 3rd Party Cyber-Risk Assessment Tool

What is Patch Management?

Have you patched your holes? 6 Simple Things for Patch Management

Artificial Intelligence for Cyber Security

3.8 Billion Stolen Credentials are out there! How about yours?

Outsmart Your Hackers

Lesson from TicketMaster Breach: CDN Security of third-party suppliers

How Strong is Your SSL/TLS? 6 Simple Steps to Make it Stronger

3rd Party Vendors of Healthcare Providers Must Meet HIPAA Regulations

Third-Party Risk Management from COBIT’s perspective

Do You Monitor Your Suppliers? ISO/IEC 27001 Regulations Say You Should

How to Prevent Software Supply-Chain Attacks

Your company accounts may be breached. Find out with Free Account Breach Search.

British Airways Breach: Is it a third-party attack?

Free GDPR Compliance Checker

Major Third-Party Breaches Revealed in September 2018

Check Whether Your IP Assets Are Blacklisted Or Not For Free

Open Invitation to Hackers: Misconfigured Cloud Servers

Reduce Your Cyber Exposure to Mitigate Your Cyber Risk

Major third-party breaches revealed in October 2018

Third-Party Attack on Cryptocurrency Exchange

Black Friday Special: Potential Phishing Sites Have Quadrupled in The Last 6 Months

Are There Any Domains Impersonating Your Company For Phishing?

Major Third-Party Breaches Revealed in November 2018

More Than 1,300 Potential Phishing Domains That Impersonate Major Airlines Were Registered This Year

Hold Your Annual Reports for Late Massive Data Breaches; Quora and Marriott

Black Kite Recognized on The 10 Most Promising Cybersecurity Solution Providers List

An Attack on 3rd-Party Advertising Company Increased Cyber Risk of European E-Commerce Sites

Popular Video-Sharing Platform Hit by Credential-Stuffing Attack

Major Third-party Breaches Revealed in January 2019

Black Kite Takes on Our First-Ever Seed Round of VC Funding

Black Kite Launches Industry-First Rapid Cyber Risk Scorecard


Fastest Growing Companies Keep Pace Managing Cyber Risk, but Blind Spots Remain According to Black Kite Cyber Risk Scorecard Research

DVV Solutions Enhances its Third-Party Cyber Risk Capabilities with Black Kite’s Scorecards

How To Measure What Hackers Know About You

Black Kite Research Finds Presidential Candidates Making The Most of Cybersecurity Investments

Major Third-party Breaches Revealed in May 2019

GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites

Major Third-party Breaches Revealed in June 2019

Steps to Mitigate What Happened in The Capital One Data Breach

Black Kite is Sponsoring The Wicked6

New Potential Phishing Domains Targeting Top 50 Banks Rise 14% in First Half of 2019, New Black Kite Research Finds

Health Institutions Suffer Third-Party Data Breaches Exposing Millions of Patient Records: How Can You Protect Against Another Breach?

State Election Commissions Facing and Fighting Mounting Cyber Challenges, New Black Kite Research Finds

Major Third-Party Data Breaches Revealed in August 2019

Election Report: Educating about Cyber Risk Assessment

By 2020, More Than 3,500 New Phishing Domains will be Active, Targeting 50 Major Banks

Black Kite Enables Organizations to Calculate Potential Financial Impact of Cyber Attacks on Suppliers and Partners

Major Third-Party Data Breaches Revealed in September 2019

Open Banking and Cyber Security in 10 Questions

Misconfigured Server by the Third Party Vendor Exposed 2.8 Million Customer Records

Major Third-Party Data Breaches Revealed in October 2019

SCAM Alert: Consumers Need to Watch Out This Holiday Season – The Number of Fake E-Commerce Sites is Spiking

Patricia Titus, Markel’s Chief Privacy and Information Security Officer Joins Black Kite Board of Directors

How to integrate Black Kite’s FAIR analysis into a third-party risk management (TPRM) program

VendorInsight and Black Kite Announce Partnership to Provide Advanced Cybersecurity Monitoring Services

Maturing a third-party risk management program using the FAIR model to improve due diligence and action plans

The intertwined relationship between credit ratings and cyber risk scores after the downgrade of Equifax’s rating by Moody’s

Major Third-Party Data Breaches Revealed in November 2019

Number of possible phishing domain rises towards the end of 2018

Another Bucket Leak: Third-Party PR Firm Serving Top-Name Brands Exposed Customers’ Data

Pentest vs. Security Rating Services

What exactly does the term RISK mean to you?

Major Third-Party Data Breaches Revealed in December 2019

Top Ten Data Breaches Caused by a Third Party in the Last Decade

Cyber Nightmares of 2019: The Breach, The Fine and The Reputation

5 Takeaways from 2019 Third-Party Breaches

Third-Party Leaks Birth Certificates: Over 750,000 records exposed

Major Third-Party Data Breaches Revealed in January 2020

Monitoring third-parties continuously: A NIST Perspective

What is “Third Party” in Third-Party Risk Management?

What is “Cyber Risk” in Third-Party Risk Management?

Major Third-Party Data Breaches Revealed in February 2020

A CCPA Perspective into Third-Party Risk Management

A message from our CEO

What is Your Risk-Based Approach to Third-Party Risk Management?

Major Third-Party Data Breaches Revealed in March 2020

Shady Websites Pushing Pharmaceuticals Trying to Capitalize on COVID-19 Fears

How do online meeting tools respond to increasing security and privacy issues?

The Cyber Security Posture of VPN Vendors

Major Third-Party Data Breaches Revealed in April 2020

Cybercriminals Prey on Healthcare Workers

Cyber Security Concerns as the World Begins to Re-Open

Major Third-Party Data Breaches Revealed in May 2020

The Breach, The Fine & More: A Third-Party Perspective into GDPR

Why a Ticketing System is Critical to Third-Party Risk Management

A Guide to fix your Cyber Rating? Here’s the Black Kite Strategy Report

Major Third-Party Data Breaches Revealed in June 2020

Why Transparent Grading Matters in Security Rating Services?

Twitter Cyber Attack

What You Need to Know Today About the Cyber Posture of Remote Collaboration Tools

Why Patch Management Matters

Major Third-Party Data Breaches Revealed in July 2020

Managing Risk in a Supply Chain

HIPAA Basics for Third Parties in Healthcare

Third-Party Cyber Risk with AI

Major Third-Party Data Breaches Revealed in August 2020

Major Third-Party Data Breaches Revealed in September 2020

Black Kite Secures $7.5 Million in Series A Funding

10 Questions to Ask When Securing Your Supply Chain

Why Bother with Third Party Cyber Risk Management at All?

What a Good Vendor Risk Management Program Looks like in 2020

Major Third-Party Data Breaches Revealed in October 2020 – Part 1

Major Third-Party Data Breaches Revealed in October 2020 – Part 2

Patched your network recently? The growing risk on IT Vendors

Growing Ransomware Risk on Third Parties

Major Third-Party Data Breaches Revealed in November 2020

A Tale of Two Threats

What Was “Not Surprising” About the Recent Government-Targeted Attacks

Major Third-Party Data Breaches Revealed in December 2020

Cyber Risk Ratings Leader NormShield Rebrands to “Black Kite”

SolarWinds Breach – Gray Rhino or Black Swan?

5 Lessons Learned from the Largest Third-Party Breaches in 2020

Major Third-Party Data Breaches Revealed in January 2021

Are Security Rating Services Really Worth it for SMBs?

Why Reputational Risk Matters Regardless of Company Size

Accellion: Another Data Breach, Defined

Black Kite Partners with Templar Shield to Expand Availability of Third-Party Risk Management and Cyber Risk Ratings Services

Major Third-Party Data Breaches Revealed in February 2021

Qualys & Accellion: The Third-Party Breach Ripple Effect

Credit Union Industry Risks Significant Financial Impact Due to Cybersecurity Vulnerabilities

Behind the Screen: Meet 5 of the Most Notorious Ransomware Groups

Five Reasons Why Supply Chains Need Security Monitoring

Making the Case for Automation: Vendor Questionnaires & Compliance Mapping

Major Third-Party Data Breaches in March 2021: Airlines, Healthcare & More Take a Hit

Do’s & Don’ts for Revamping Your Cybersecurity Playbook

Seven Sins in Enterprise Cybersecurity That Will Cost You More in the Long Run

Missed Signals: How the Ransomware Attack on Apple’s Supplier Could Have Been Detected Sooner

Why Cybersecurity is a Business Issue (Not Just an IT Issue)

The “Whac-A-Mole” Game Between Cybercriminals and Security Teams

Top Five Third-Party Breaches in April 2021: Hackers Bite from Apple, Airlines Hit Turbulence & More

A Preview of the 2021 Manufacturing Risk Pulse: Consumer Packaged Goods

Three Assumptions You Should Never Make About Ransomware

How Protected Are You Against Ransomware?

The Latest Third-Party Data Breach Updates: May 2021

How to Create an Effective Cyber Incident Response Plan

Four Cybersecurity Tips for Navigating to a Hybrid Work Environment

The Most Common Cybersecurity Threats Facing Supply Chains in 2021

Ransomware Day Strikes Again: What Kaseya Should Teach Us

The Top Five Third-Party Data Breaches in June 2021, Revealed



Inside the Mind of a Cybercriminal: Common Hacking Methods, Explained

Third-Party Data Breaches in July 2021, Revealed: Ransomware Continues Its Reign

T-Mobile Hacked 6 Times in Last 4 Years

Ransomware Attacks Against the Fortune 500: Lessons Learned from Accenture

Understand Supply Chain Risk Susceptibility to Prevent New Microsoft Exchange Server Ransomware Attacks

Healthcare Ransomware Attack Led to Cancelled Surgeries and Diverted Patients – What is Next?

Over 40 Million Consumers Affected by the Top Third-Party Data Breaches in August 2021

The Human Firewall: Why Employees Play a Critical Role in Cyber Risk Management

Four Ways Automation Can Transform Your Third-Party Cyber Risk Management Strategy

The Secret to Ransomware Risk Management in 2021

What You Need to Know About Maturing Your Third-Party Risk Management Program

Tired of Guessing Whether Your IP Addresses Are Blacklisted?

What is Patch Management, and How Does it Impact Cyber Risk Management?

Why Supply Chain Risk Assessments are Critical to Cybersecurity

What is Phishing? Tips to Identify and Prevent Cyber Scams


FBI Issues Ransomware Warning for Mergers and Acquisitions

1.2 Million Customer Records Leaked in GoDaddy Data Breach

Are Your Third Parties PCI-Compliant?

New Year’s Resolutions for 2022: Cyber Risk Learnings

Reputational Cyber Risk – How to Avoid Business Loss

Devil in the Details: How to Address Third-Party Risks

CMMC 2.0: Compliance Made Simpler for DoD Contractors

Ciox Health breach impacts 30+ institutions: Why does healthcare continue to be targeted in 2022?

Data Breach Access Points Hide in the Digital Supply Chain

5 Ways Automation is Revolutionizing Third Party Risk Management

Understanding the NIST 800-160 SP 1.1 Draft

Controls without enforcement: Is Zero Trust possible?

New Federal Cybersecurity Legislation Aimed at Protecting Critical Infrastructure

Third-Party Risk Management & Cyber News

The CIA Triad: A Key Part of Your Cyber Security Program

Strong Cybersecurity Talent: The Biggest Need for Companies in 2022

Seven Questions to Ask When Assessing Security Rating Services

Third-Party Risk Management: A Tool or a Process?

Prioritizing Third Party Risk Intelligence in a Managed Services Package

What should cyber security’s role in sourcing and procurement be?

Due Diligence 5-Step Checklist

Have You Built a Password Fortress? – Risky Passwords of 2022

2022 Key Third-Party Breaches: Healthcare Still At Major Risk

Defend Cybersecurity Investment Amidst an Economic Downturn

Spotlight on the Gramm-Leach-Bliley Act (GLBA)

Expert Insights: U.S. Federal Government Risk in 2022

Cybersecurity Rating vs. Penetration Testing (Pen Test)

CISO on the Road with Bob Maley

Do GRC Requirements Truly Reduce Risk?

Why Context Matters in Security Metrics

How to prioritize security when executives are focused on business growth

It’s Time to Make Multi-Factor Authentication (MFA) Part of Your Daily Routine

Should Operational Security Be Discussed With the Board?

Software Updates Are Not Optional

How to Conduct Cost Optimization and Remain Cyber Safe During an Economic Downturn

Time to Revamp Your Typical Password Strategy

What is the difference between VRM, TPRM, and Supply Chain Risk Management?

Phishing: History, Statistics, and Prevention

I Like Cheese – Please Stop Talking About Cost Cutting – Instead Focus On Cost Optimization

What Is a Brute Force Attack (And How Can You Prevent It)?

Don’t Let Chaos Bring You Down

Third-Party Cyber Risk: A Guide to Your First Steps in Managing It

Who Owns Cybersecurity in Supply Chain Risk Management?

A Simple Approach to Prioritizing Cyber Risk in Your Third-Party Relationships

Do Your Executives Really Understand the Risk of Cybersecurity in Your Supply Chain?

Do You Sbom [Software Bill of Materials], Brah?

No More Best Practice

Don’t Ignore the Smaller Partners in Your Third-Party Risk Ecosystem

Third Party Breach Report Commentary from Jeffrey Wheatman

Risk and Reels Goes Live – Hear From Jeffrey Wheatman on Starting a Podcast

The Three Most Common Ways Bad Actors Target Your Digital Supply Chain

Are Cuts Inevitable, or is Cybersecurity Recession Proof?

What is Third-Party Cyber Risk?

What is a Third-Party Risk Assessment, and Why Do They Matter?

DORA is top of mind, and we aren’t talking about the Explorer

What is HECVAT and how is Black Kite leveraging automation to transform the VRM process?

How Does Black Kite Calculate Cybersecurity Ratings?

Cascading and Concentration Risk: How do they impact your digital supply chain?

Why Cyber Risk Quantification Is the New ‘Best Practice’

5 Reasons Cyber Insurance Underwriters Need Security Ratings

Fortune 500 CISO Patricia Titus Talks About Enabling Change in Cybersecurity

Black Kite Recognized as a Strong Performer in Gartner® Peer Insights™ & Customers’ Choice in North America Segment

Why Traditional Third-Party Risk Management Programs Aren’t Cutting It

Ransomware Trends 2023: The Who, What, and Why

Beyond Ransomware: The (Non-Ransom) Effects of Ransomware

Why Your Entire Company Should Help Build Your Third-Party Risk Management Program

Should I Talk to My Vendors About Their Cyber Posture?

The History of Ransomware: Where It’s Been and Where It’s Going

How to Respond a Data Breach in Your Supply Chain

Black Kite Review: RSAC 2023

The Evolution of Artificial Intelligence and Cyber Risk

Introducing Black Kite’s New FAIR Model Scenarios – Ransomware and Business Interruption

The Impact of AI on Cybersecurity

Know Your Risk: Social Engineering and Cybersecurity

The Unique Risks Small Businesses Face Using Third-Party Vendors

Leveraging Black Kite for Compliance with OSFI’s TPRM Guidelines

The Truth About Security Ratings — And How To Improve Them

What is Machine Learning and How Does Black Kite Use It?

How Are Threat Actors Leveraging AI Tools in Their Attacks?

Final Rule: SEC to Require Companies to Report Breaches in 4 Days

What Is Cyber Risk Intelligence?

What You Need To Know About the Different Types of Hackers

Do Third-Party Cyber Risk Management the “Right Way” — and Save on Costs

Top 10 Ways Threat Actors Are Targeting Companies in 2023

What Is Cyber Resilience?

How the Black Kite Parser Aids Procurement and Compliance Management

What is a Cyber Ecosystem?

Transmit Security CIO David Mahdi Talks Cybersecurity Standards

Mitigating the Storm: Vendor Risk Management Amidst the Recent Cisco IOS XE Web UI Vulnerability (CVE-2023-20198)

What Makes Black Kite the Cyber Risk Intelligence Solution of Choice

Focus Friday: TPRM Insights on Okta, OwnCloud, OpenVPN, and Citrix Incidents with Black Kite’s Focus Tags™

Focus Friday: Third-Party Risks in Qlik Sense, Adobe ColdFusion, and Atlassian Confluence Vulnerabilities

Focus Friday: Tackling Emerging Threats – Volt Typhoon, Elementor RCE, and MLflow Vulnerabilities

A Quick Guide to Cybersecurity Continuous Monitoring Resources

The Challenge of Securing a Constantly Shifting Tech Ecosystem

Focus Friday: Addressing the Critical CVE-2023-7102 Vulnerability in Barracuda ESG

Focus Friday: TPRM Insights on Adobe ColdFusion, Joomla, Apache Superset, and NextCloud Vulnerabilities



Using Third-Party Risk Intelligence in Incident Response Strategy

Why You Need Continuous Monitoring To Reduce Risk

How To Get Information From Your Vendors on High-Profile Security Events With Black Kite’s FocusTags™

FOCUS FRIDAY: Enhancing TPRM Vigilance Against Critical Vulnerabilities in FortiOS, Symantec, RoundCube, and QNAP Systems

Downfall of a Digital Titan: The Global Sting That Toppled LockBit

FOCUS FRIDAY: Lockbit Shutdown Insights & ScreenConnect and Exchange Server Vulnerabilities



Is AlphV/BlackCat Staging its Own Death for a Rich Exit?

FOCUS FRIDAY: A TPRM Deep Dive into Outlook RCE and FortiClient EMS Vulnerabilities

Vendor Outreach Isn’t Always the Answer When a High-Profile Security Event Hits Your Cyber Ecosystem


Could TPRM Have Foreseen the XZ Utils (CVE-2024-3094) Crisis?

FOCUS FRIDAY: Enhancing TPRM Through Insight on the Critical XZ Utils Vulnerability

Turn Raw Risk Data into a Meaningful Risk Intelligence Report

FOCUS FRIDAY: A Comprehensive Analysis of CVE-2024-3400 and its Risks

FOCUS FRIDAY: Addressing the Sisense Client and CrushFTP Vulnerabilities: A TPRM Approach

The Alarming Rise of Ransomware: Understand the Growing Threat to Combat It

FOCUS FRIDAY: Addressing the HPE Aruba Networking Devices and Tinyproxy Vulnerabilities: A TPRM Approach

Our Key Takeaways From the 2024 Third-Party Breach Report

Decoding Ransomware: Perspectives from an Industry Insider

FOCUS FRIDAY: Addressing the Veeam SPC and Cacti Vulnerabilities: A TPRM Approach