%term

Third-party risk management: What's next | TrustTalks - Ep 35 | Security and GRC Podcast

Jul 20, 2025 By TrustCloud In TrustCloud

Akshay sits down with Paola to discuss Third-party risk management. Third-party risk isn’t just a security checkbox anymore, it’s becoming one of the most dynamic and high-stakes areas of enterprise risk. In this episode, we unpack where third-party risk management is headed: from static spreadsheets to real-time monitoring, from annual audits to AI-driven insights, and from compliance pressure to competitive advantage.

View Video

TrustCloud

Read more about Third-party risk management: What's next | TrustTalks - Ep 35 | Security and GRC Podcast

Navigating Cyber Threats in the Retail Sector

Jul 18, 2025 By Leigh Glasper, Director of Cyber Advisory In BlueVoyant

The UK retail sector stands at a critical crossroads. In a market where digital agility defines success and consumer trust can be won or lost in seconds, cyber security is no longer a back-office issue; it's a frontline brand priority. As malicious actors set their sights on retail's digital backbone from Point-of-Sale systems to complex supply chain networks, the potential for disruption has never been more tangible.

Read Post

BlueVoyant

Read more about Navigating Cyber Threats in the Retail Sector

How does Fidelis NDR Delivers Proactive Asset Risk Mitigation?

Jul 18, 2025 By Fidelis Security In Fidelis Security

Organizations operating in sprawling, hybrid IT environments often lack complete visibility into all assets and their communication patterns. This gap creates blind spots where vulnerabilities go undetected, third-party components remain unpatched, and unauthorized lateral movement can occur without raising alarms.

Read Post

Fidelis Security

Read more about How does Fidelis NDR Delivers Proactive Asset Risk Mitigation?

Vanta Acquires Riskey to Transform Vendor Risk with Continuous, AI-Powered Monitoring

Jul 17, 2025 By Vanta In Vanta

Vanta announces the acquisition of Riskey, a pioneer in real-time third- and fourth-party risk monitoring. The addition of Riskey's technology into Vanta Vendor Risk Management (VRM) significantly advances Vanta's capabilities in supporting security teams with an automated approach to VRM - replacing static point-in-time assessments with continuous, AI-driven risk intelligence.

Read Post

Vanta

Read more about Vanta Acquires Riskey to Transform Vendor Risk with Continuous, AI-Powered Monitoring

Why You Should Care About Vendors Using AI Products, and How Bitsight Helps You Find Out

Jul 17, 2025 By Chris Klinchik In BitSight

Artificial intelligence—it’s a term you’ve likely encountered more than once today, and this won’t be the last. And while it reshapes how businesses operate, it’s also introducing new risks. As organizations embrace AI-powered tools for efficiency and innovation, it becomes essential to understand what technologies your vendors rely on, and what those choices mean for your cybersecurity posture.

Read Post

BitSight

Read more about Why You Should Care About Vendors Using AI Products, and How Bitsight Helps You Find Out

Supercharging Vendor Risk Management: Vanta acquires Riskey

Jul 17, 2025 By Vanta In Vanta

Today, we're taking a big step toward making trust management even easier for our customers: Vanta has acquired Riskey, a company leading the way in real-time third-party risk monitoring. Their continuous vendor monitoring and alerting will soon be part of Vanta’s Vendor Risk Management product. ‍ Managing vendor risk is more important than ever.

Read Post

Vanta

Read more about Supercharging Vendor Risk Management: Vanta acquires Riskey

Best Practices for Aggregating and Normalizing Exposure Data

Jul 17, 2025 By Adam Dudley In Nucleus

In our first article exploring vulnerability management vs. exposure management, we explored the growing recognition that exposure management is not just a rebranding of vulnerability management. Rather, it’s a strategic evolution. Where traditional vulnerability management often focuses narrowly on CVEs and technical severity, exposure management demands a broader, more integrated understanding of risk across assets, environments, and attack vectors.

Read Post

Nucleus

Read more about Best Practices for Aggregating and Normalizing Exposure Data

On the Move: Fast Flux in the Modern Threat Landscape

Jul 15, 2025 By João Godinho In BitSight

This report details an investigation into a Fast Flux network observed in 2024. It covers the technical details of the network, its observable infrastructure, the malware associated with it, and its presence on the dark web.

Read Post

BitSight

Read more about On the Move: Fast Flux in the Modern Threat Landscape

Quantifying Cyber Risk Appetite: A Framework for Decision-Making

Jul 15, 2025 By Kovrr In Kovrr

‍

Read Post

Kovrr

Read more about Quantifying Cyber Risk Appetite: A Framework for Decision-Making

What the Latest Mega Breaches Teach Us About Cybersecurity Board Reporting

Jul 15, 2025 By Kovrr In Kovrr

‍ ‍ ‍Both the Marks & Spencer ransomware attack and the Qantas breach dominated headlines for weeks, each exposing serious lapses in how data and risk were managed at the organizational level. But within the cybersecurity community, the response took a different turn. Unlike with other commentary post-cyber incidents, the focus quickly moved away from compromised systems and toward something more structural. These weren’t framed as technical breakdowns.

Read Post