All Posts Deep Web and Black Market Cybersecurity with Artificial Intelligence in 10 Questions Cyber Insurance; 7 Questions To Ask About Cyber Security Are Bitcoin Exchange Sites Safe? Cybersecurity Technology Summit 3rd Party Risk Management Are your assets at risk of being victimized or weaponized in a Memcached DDoS attack? General Data Protection Regulation (GDPR) and Cyber Insurance Did we accomplish to hack Hawking’s brain? Looking at cyber security from Hawking’s view Malicious JavaScripts: How Can You Get Hacked? Cyber Security Services: Do Companies Really Need Them? How hackers leverage your IP addresses? IP Reputation as a Cyber Risk Assessment Metric SIM Connect Annual Conference Which One is More Secure: Banks or Cryptocurrency Exchange Markets? Is Your Website Ready for GDPR? Add Your IoT Devices to your Third-Party Cyber Risk Assessments Supply Chain Cyber Risk are Finally Part of the NIST Cybersecurity Framework! Are You Ready for Hackers Incoming Supply-Chain Attacks? 2018 Guide to Select 3rd Party Cyber-Risk Assessment Tool What is Patch Management? Have you patched your holes? 6 Simple Things for Patch Management Artificial Intelligence for Cyber Security 3.8 Billion Stolen Credentials are out there! How about yours? Outsmart Your Hackers Lesson from TicketMaster Breach: CDN Security of third-party suppliers How Strong is Your SSL/TLS? 6 Simple Steps to Make it Stronger 3rd Party Vendors of Healthcare Providers Must Meet HIPAA Regulations Third-Party Risk Management from COBIT’s perspective Do You Monitor Your Suppliers? ISO/IEC 27001 Regulations Say You Should How to Prevent Software Supply-Chain Attacks Your company accounts may be breached. Find out with Free Account Breach Search. British Airways Breach: Is it a third-party attack? Free GDPR Compliance Checker Major Third-Party Breaches Revealed in September 2018 Check Whether Your IP Assets Are Blacklisted Or Not For Free Open Invitation to Hackers: Misconfigured Cloud Servers Reduce Your Cyber Exposure to Mitigate Your Cyber Risk Major third-party breaches revealed in October 2018 Third-Party Attack on Cryptocurrency Exchange Gate.io Black Friday Special: Potential Phishing Sites Have Quadrupled in The Last 6 Months Are There Any Domains Impersonating Your Company For Phishing? Major Third-Party Breaches Revealed in November 2018 More Than 1,300 Potential Phishing Domains That Impersonate Major Airlines Were Registered This Year Hold Your Annual Reports for Late Massive Data Breaches; Quora and Marriott Black Kite Recognized on The 10 Most Promising Cybersecurity Solution Providers List An Attack on 3rd-Party Advertising Company Increased Cyber Risk of European E-Commerce Sites Popular Video-Sharing Platform Hit by Credential-Stuffing Attack Major Third-party Breaches Revealed in January 2019 Black Kite Takes on Our First-Ever Seed Round of VC Funding Black Kite Launches Industry-First Rapid Cyber Risk Scorecard SUPPLY WISDOM AND BLACK KITE PARTNER TO ENHANCE CYBERSECURITY COVERAGE Fastest Growing Companies Keep Pace Managing Cyber Risk, but Blind Spots Remain According to Black Kite Cyber Risk Scorecard Research DVV Solutions Enhances its Third-Party Cyber Risk Capabilities with Black Kite’s Scorecards How To Measure What Hackers Know About You Black Kite Research Finds Presidential Candidates Making The Most of Cybersecurity Investments Major Third-party Breaches Revealed in May 2019 GitHub Account of Canonical (Ubuntu Maker) Hacked; Cyber Risk & Third-Party Code-Sharing Sites Major Third-party Breaches Revealed in June 2019 Steps to Mitigate What Happened in The Capital One Data Breach Black Kite is Sponsoring The Wicked6 New Potential Phishing Domains Targeting Top 50 Banks Rise 14% in First Half of 2019, New Black Kite Research Finds Health Institutions Suffer Third-Party Data Breaches Exposing Millions of Patient Records: How Can You Protect Against Another Breach? State Election Commissions Facing and Fighting Mounting Cyber Challenges, New Black Kite Research Finds Major Third-Party Data Breaches Revealed in August 2019 Election Report: Educating about Cyber Risk Assessment By 2020, More Than 3,500 New Phishing Domains will be Active, Targeting 50 Major Banks Black Kite Enables Organizations to Calculate Potential Financial Impact of Cyber Attacks on Suppliers and Partners Major Third-Party Data Breaches Revealed in September 2019 Open Banking and Cyber Security in 10 Questions Misconfigured Server by the Third Party Vendor Exposed 2.8 Million Customer Records Major Third-Party Data Breaches Revealed in October 2019 SCAM Alert: Consumers Need to Watch Out This Holiday Season – The Number of Fake E-Commerce Sites is Spiking Patricia Titus, Markel’s Chief Privacy and Information Security Officer Joins Black Kite Board of Directors How to integrate Black Kite’s FAIR analysis into a third-party risk management (TPRM) program VendorInsight and Black Kite Announce Partnership to Provide Advanced Cybersecurity Monitoring Services Maturing a third-party risk management program using the FAIR model to improve due diligence and action plans The intertwined relationship between credit ratings and cyber risk scores after the downgrade of Equifax’s rating by Moody’s Major Third-Party Data Breaches Revealed in November 2019 Number of possible phishing domain rises towards the end of 2018 Another Bucket Leak: Third-Party PR Firm Serving Top-Name Brands Exposed Customers’ Data Pentest vs. Security Rating Services What exactly does the term RISK mean to you? Major Third-Party Data Breaches Revealed in December 2019 Top Ten Data Breaches Caused by a Third Party in the Last Decade Cyber Nightmares of 2019: The Breach, The Fine and The Reputation 5 Takeaways from 2019 Third-Party Breaches Third-Party Leaks Birth Certificates: Over 750,000 records exposed Major Third-Party Data Breaches Revealed in January 2020 Monitoring third-parties continuously: A NIST Perspective What is “Third Party” in Third-Party Risk Management? What is “Cyber Risk” in Third-Party Risk Management? Major Third-Party Data Breaches Revealed in February 2020 A CCPA Perspective into Third-Party Risk Management A message from our CEO What is Your Risk-Based Approach to Third-Party Risk Management? Major Third-Party Data Breaches Revealed in March 2020 Shady Websites Pushing Pharmaceuticals Trying to Capitalize on COVID-19 Fears How do online meeting tools respond to increasing security and privacy issues? The Cyber Security Posture of VPN Vendors Major Third-Party Data Breaches Revealed in April 2020 Cybercriminals Prey on Healthcare Workers Cyber Security Concerns as the World Begins to Re-Open Major Third-Party Data Breaches Revealed in May 2020 The Breach, The Fine & More: A Third-Party Perspective into GDPR Why a Ticketing System is Critical to Third-Party Risk Management A Guide to fix your Cyber Rating? Here’s the Black Kite Strategy Report Major Third-Party Data Breaches Revealed in June 2020 Why Transparent Grading Matters in Security Rating Services? Twitter Cyber Attack What You Need to Know Today About the Cyber Posture of Remote Collaboration Tools Why Patch Management Matters Major Third-Party Data Breaches Revealed in July 2020 Managing Risk in a Supply Chain HIPAA Basics for Third Parties in Healthcare Third-Party Cyber Risk with AI Major Third-Party Data Breaches Revealed in August 2020 Major Third-Party Data Breaches Revealed in September 2020 Black Kite Secures $7.5 Million in Series A Funding 10 Questions to Ask When Securing Your Supply Chain Why Bother with Third Party Cyber Risk Management at All? What a Good Vendor Risk Management Program Looks like in 2020 Major Third-Party Data Breaches Revealed in October 2020 – Part 1 Major Third-Party Data Breaches Revealed in October 2020 – Part 2 Patched your network recently? The growing risk on IT Vendors Growing Ransomware Risk on Third Parties Major Third-Party Data Breaches Revealed in November 2020 A Tale of Two Threats What Was “Not Surprising” About the Recent Government-Targeted Attacks Major Third-Party Data Breaches Revealed in December 2020 Cyber Risk Ratings Leader NormShield Rebrands to “Black Kite” SolarWinds Breach – Gray Rhino or Black Swan? 5 Lessons Learned from the Largest Third-Party Breaches in 2020 Major Third-Party Data Breaches Revealed in January 2021 Are Security Rating Services Really Worth it for SMBs? Why Reputational Risk Matters Regardless of Company Size Accellion: Another Data Breach, Defined Black Kite Partners with Templar Shield to Expand Availability of Third-Party Risk Management and Cyber Risk Ratings Services Major Third-Party Data Breaches Revealed in February 2021 Qualys & Accellion: The Third-Party Breach Ripple Effect Credit Union Industry Risks Significant Financial Impact Due to Cybersecurity Vulnerabilities Behind the Screen: Meet 5 of the Most Notorious Ransomware Groups Five Reasons Why Supply Chains Need Security Monitoring Making the Case for Automation: Vendor Questionnaires & Compliance Mapping Major Third-Party Data Breaches in March 2021: Airlines, Healthcare & More Take a Hit Do’s & Don’ts for Revamping Your Cybersecurity Playbook Seven Sins in Enterprise Cybersecurity That Will Cost You More in the Long Run Missed Signals: How the Ransomware Attack on Apple’s Supplier Could Have Been Detected Sooner Why Cybersecurity is a Business Issue (Not Just an IT Issue) The “Whac-A-Mole” Game Between Cybercriminals and Security Teams Top Five Third-Party Breaches in April 2021: Hackers Bite from Apple, Airlines Hit Turbulence & More A Preview of the 2021 Manufacturing Risk Pulse: Consumer Packaged Goods Three Assumptions You Should Never Make About Ransomware How Protected Are You Against Ransomware? The Latest Third-Party Data Breach Updates: May 2021 How to Create an Effective Cyber Incident Response Plan Four Cybersecurity Tips for Navigating to a Hybrid Work Environment The Most Common Cybersecurity Threats Facing Supply Chains in 2021 Ransomware Day Strikes Again: What Kaseya Should Teach Us The Top Five Third-Party Data Breaches in June 2021, Revealed SIMPLIFYING VENDOR RISK ASSESSMENTS, PART I: Designing Your VRA Roadmap SIMPLIFYING VENDOR SECURITY ASSESSMENTS, PART II: Questions to Ask Along the Road Inside the Mind of a Cybercriminal: Common Hacking Methods, Explained Third-Party Data Breaches in July 2021, Revealed: Ransomware Continues Its Reign T-Mobile Hacked 6 Times in Last 4 Years Ransomware Attacks Against the Fortune 500: Lessons Learned from Accenture Understand Supply Chain Risk Susceptibility to Prevent New Microsoft Exchange Server Ransomware Attacks Healthcare Ransomware Attack Led to Cancelled Surgeries and Diverted Patients – What is Next? Over 40 Million Consumers Affected by the Top Third-Party Data Breaches in August 2021 The Human Firewall: Why Employees Play a Critical Role in Cyber Risk Management Four Ways Automation Can Transform Your Third-Party Cyber Risk Management Strategy The Secret to Ransomware Risk Management in 2021 What You Need to Know About Maturing Your Third-Party Risk Management Program Tired of Guessing Whether Your IP Addresses Are Blacklisted? What is Patch Management, and How Does it Impact Cyber Risk Management? Why Supply Chain Risk Assessments are Critical to Cybersecurity What is Phishing? Tips to Identify and Prevent Cyber Scams CYBER RISK IN FINANCIAL TERMS: WHY FAIR IS THE GOLD STANDARD FBI Issues Ransomware Warning for Mergers and Acquisitions 1.2 Million Customer Records Leaked in GoDaddy Data Breach Are Your Third Parties PCI-Compliant? New Year’s Resolutions for 2022: Cyber Risk Learnings Reputational Cyber Risk – How to Avoid Business Loss Devil in the Details: How to Address Third-Party Risks CMMC 2.0: Compliance Made Simpler for DoD Contractors Ciox Health breach impacts 30+ institutions: Why does healthcare continue to be targeted in 2022? Data Breach Access Points Hide in the Digital Supply Chain 5 Ways Automation is Revolutionizing Third Party Risk Management Understanding the NIST 800-160 SP 1.1 Draft Controls without enforcement: Is Zero Trust possible? New Federal Cybersecurity Legislation Aimed at Protecting Critical Infrastructure Third-Party Risk Management & Cyber News The CIA Triad: A Key Part of Your Cyber Security Program Strong Cybersecurity Talent: The Biggest Need for Companies in 2022 Seven Questions to Ask When Assessing Security Rating Services Third-Party Risk Management: A Tool or a Process? Prioritizing Third Party Risk Intelligence in a Managed Services Package What should cyber security’s role in sourcing and procurement be? Due Diligence 5-Step Checklist Have You Built a Password Fortress? – Risky Passwords of 2022 2022 Key Third-Party Breaches: Healthcare Still At Major Risk Defend Cybersecurity Investment Amidst an Economic Downturn Spotlight on the Gramm-Leach-Bliley Act (GLBA) Expert Insights: U.S. Federal Government Risk in 2022 Cybersecurity Rating vs. Penetration Testing (Pen Test) CISO on the Road with Bob Maley Do GRC Requirements Truly Reduce Risk? Why Context Matters in Security Metrics How to prioritize security when executives are focused on business growth It’s Time to Make Multi-Factor Authentication (MFA) Part of Your Daily Routine Should Operational Security Be Discussed With the Board? Software Updates Are Not Optional How to Conduct Cost Optimization and Remain Cyber Safe During an Economic Downturn Time to Revamp Your Typical Password Strategy What is the difference between VRM, TPRM, and Supply Chain Risk Management? Phishing: History, Statistics, and Prevention I Like Cheese – Please Stop Talking About Cost Cutting – Instead Focus On Cost Optimization What Is a Brute Force Attack (And How Can You Prevent It)? Predictions, Prognostications, and Prophecies for 2023 That Will Absolutely Not Be True Don’t Let Chaos Bring You Down Third-Party Cyber Risk: A Guide to Your First Steps in Managing It Who Owns Cybersecurity in Supply Chain Risk Management? A Simple Approach to Prioritizing Cyber Risk in Your Third-Party Relationships Do Your Executives Really Understand the Risk of Cybersecurity in Your Supply Chain? Do You Sbom [Software Bill of Materials], Brah? No More Best Practice Don’t Ignore the Smaller Partners in Your Third-Party Risk Ecosystem Third Party Breach Report Commentary from Jeffrey Wheatman Risk and Reels Goes Live – Hear From Jeffrey Wheatman on Starting a Podcast The Three Most Common Ways Bad Actors Target Your Digital Supply Chain Are Cuts Inevitable, or is Cybersecurity Recession Proof? What is Third-Party Cyber Risk? What is a Third-Party Risk Assessment, and Why Do They Matter? DORA is top of mind, and we aren’t talking about the Explorer What is HECVAT and how is Black Kite leveraging automation to transform the VRM process? How Does Black Kite Calculate Cybersecurity Ratings? Cascading and Concentration Risk: How do they impact your digital supply chain? Why Cyber Risk Quantification Is the New ‘Best Practice’ 5 Reasons Cyber Insurance Underwriters Need Security Ratings Fortune 500 CISO Patricia Titus Talks About Enabling Change in Cybersecurity Black Kite Recognized as a Strong Performer in Gartner® Peer Insights™ & Customers’ Choice in North America Segment Why Traditional Third-Party Risk Management Programs Aren’t Cutting It Ransomware Trends 2023: The Who, What, and Why Beyond Ransomware: The (Non-Ransom) Effects of Ransomware Why Your Entire Company Should Help Build Your Third-Party Risk Management Program Should I Talk to My Vendors About Their Cyber Posture? The History of Ransomware: Where It’s Been and Where It’s Going How to Respond a Data Breach in Your Supply Chain Black Kite Review: RSAC 2023 The Evolution of Artificial Intelligence and Cyber Risk Introducing Black Kite’s New FAIR Model Scenarios – Ransomware and Business Interruption The Impact of AI on Cybersecurity Know Your Risk: Social Engineering and Cybersecurity The Unique Risks Small Businesses Face Using Third-Party Vendors Leveraging Black Kite for Compliance with OSFI’s TPRM Guidelines The Truth About Security Ratings — And How To Improve Them What is Machine Learning and How Does Black Kite Use It? How Are Threat Actors Leveraging AI Tools in Their Attacks? Final Rule: SEC to Require Companies to Report Breaches in 4 Days What Is Cyber Risk Intelligence? What You Need To Know About the Different Types of Hackers Do Third-Party Cyber Risk Management the “Right Way” — and Save on Costs Top 10 Ways Threat Actors Are Targeting Companies in 2023 What Is Cyber Resilience? How the Black Kite Parser Aids Procurement and Compliance Management What is a Cyber Ecosystem? Transmit Security CIO David Mahdi Talks Cybersecurity Standards Mitigating the Storm: Vendor Risk Management Amidst the Recent Cisco IOS XE Web UI Vulnerability (CVE-2023-20198) What Makes Black Kite the Cyber Risk Intelligence Solution of Choice