Black Kite Blog
No More Best Practice
‘We’ve always done it that way’ is no longer justifiable in a world of constant changes and modern cyber risk. Cut best practice, for the better.
Jan 19, 2023
Do You SBOM [Software Bill of Materials], Brah?
SBOMs have gotten increased focus due to high-profile software vulnerabilities - why is this the new most important thing to focus on?
Jan 12, 2023
Do Your Executives Really Understand the Risk of Cybersecurity in Your Supply Chain?
Executives need to understand cybersecurity as a quantifiable business risk. It’s important – let’s shift the conversation to why it's important.
Jan 6, 2023
A Simple Approach to Prioritizing Cyber Risk in Your Third-party Relationships
Managing third parties is time consuming and a bit overwhelming – what’s the best place to start when determining where your greatest risks lie?
Dec 23, 2022
Who Owns Cybersecurity in Supply Chain Risk Management?
Who owns cybersecurity in supply chain risk management? Jeffrey Wheatman on the IT GRC Forum debate, panelist perspectives, and where accountability lands.
Dec 19, 2022
Third-party Cyber Risk: a Guide to Your First Steps in Managing It
A crucial step in protecting your company is understanding the risks that your third-party vendors bring to the table. Let Black Kite kickstart your process.
Dec 12, 2022
Don’t Let Chaos Bring You Down
During an economic downturn, bad guys are constantly looking for ways to attack during a distraction. How can you stay vigilant during noisy chaos?
Dec 5, 2022
What Is a Brute Force Attack (and How Can You Prevent It)?
What is a brute force attack and how can you prevent it? Black Kite on the password attacks attackers actually use — and the controls that stop them.
Nov 21, 2022
I Like Cheese – Please Stop Talking About Cost Cutting – Instead Focus on Cost Optimization
Cost cutting frequently results in dropping controls or tools and ends in losing layers of protection – how can we prioritize cost optimization?
Nov 11, 2022
Phishing: History, Statistics, and Prevention
Thousands of individuals are targeted every day with phishing attempts: what is it and what can you and your company do about it?
Nov 9, 2022
What Is the Difference Between VRM, TPRM, and Supply Chain Risk Management?
Labeling risk takes a back seat to properly addressing the risk itself, but while we’re here, let's explore the nuances of what third party risk really is.
Nov 4, 2022
Time to Revamp Your Typical Password Strategy
Common passwords make it easy for threat actors to complete credential stuffing attacks – let’s make the job more difficult and take it up a notch.
Oct 26, 2022