Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In late July 2024, the US Cybersecurity and Infrastructure Security Agency (CISA) added two critical vulnerabilities (CVE-2024-4789 and CVE-2024-5217) affecting ServiceNow to its list of known exploited vulnerabilities. These vulnerabilities can allow unauthenticated users to execute code remotely, posing severe risks to organizations that use the platform. The potential for unauthorized access and severe data breaches makes addressing these vulnerabilities crucial.

Vendor risk monitoring is the process of continuously identifying, assessing, and managing security risks associated with third-party vendors. This effort is crucial to a successful Vendor Risk Management program as it ensures an organization’s third-party risk exposures remain within acceptable levels throughout each vendor's lifecycle.

The effectiveness of your entire Vendor Risk Management program is contingent on your vendor risk monitoring capabilities. Insufficient vendor security monitoring that fails to detect cyber risks during onboarding or any new cybersecurity risks throughout the vendor lifecycle will inevitably emerge later on as a major breach risk. To help you choose a vendor risk monitoring solution that will maximize your VRM investment, this post ranks the top eight vendor monitoring platforms on the market in 2024.

In 2024, the Australian government introduced PSPF Direction 001-2024 in recognition of the potential threats posed by Foreign Ownership, Control, or Influence (FOCI) on technology assets and GovTech (government technology operations). As part of the Protective Security Policy Framework (PSPF), PSPF 001-2024 is a crucial step in evaluating and mitigating cyber risks associated with foreign interference in the procurement and maintenance of technology assets.