6/14/22, 2:53 PM Four Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022
https://itsecuritywire.com/featured/four-third-party-risk-cyber-gaps-that-businesses-need-to-be-aware-of-in-2022/ 1/2
Four Third-Party Risk Cyber Gaps that Businesses Need to be Aware of in 2022
By Prangya Pandab - June 13, 2022
Businesses need better visibility into third-party risks to reduce third-party cyber risk and its possible consequences. This requires a thorough understanding of both the vendor and the cyber threat landscape.
If organizations do not address third-party risk, they will remain vulnerable. Today’s businesses don’t operate in isolation; instead, they collaborate with experts and suppliers to improve their products and services. While this strategy has many advantages, it also has many drawbacks. Every organization in the digital supply chain faces cybersecurity threats if just one provider is unsure about information security.
As a result, understanding existing third-party cybersecurity vulnerabilities is critical before deciding on the best method for managing third-party risk.
Partnering with vendors can expand the attack surface. Numerous vulnerabilities are associated with vendor relationships; here are a few of the most important ones to be aware of.
Unpatched and Vulnerable Technology
One of the most common third-party cyber vulnerabilities is the use of unpatched technologies. These products are rarely updated, and the versions currently in use may contain multiple known vulnerabilities and exploits.
Businesses that handle production technology patching understand that their enterprises are impacted mainly by legacy resources with known cybersecurity flaws. Updated versions, on the other hand, include significant enhancements and patches for data privacy and security flaws.
Open Ports
Ports are essential in the internet connection model since they allow for communication. Internet services use specific ports to receive and transfer data. Developers use file transfer protocols to transmit data between hosts and create encrypted tunnels between devices. When a service uses a specific port, launching additional services on that port becomes difficult.
Open ports represent a cybersecurity gap when security flaws allow attackers to exploit legitimate services or to introduce harmful services through malware or social engineering. By deploying such services on open ports, threat actors can gain unauthorized access to sensitive data.
Third-Party Service Providers that are Not Known
It is common for businesses to operate without being aware of their connected vendors, which poses a serious cybersecurity risk. A large company with many suppliers will have some that it is unaware of, and these pose a considerable threat to its security controls.
It’s obvious that if a company doesn’t know its third parties, it’s challenging to prevent cyber-attacks. Companies that fail to monitor their vendor relationships on a regular basis will be unable to identify the cybersecurity flaws that could be addressed through Third-Party Risk Management (TPRM).
Human Error
In many vendor relationships, human error is a significant cybersecurity flaw. Most businesses overlook activities that could open doors for malicious software to enter their IT infrastructures. Exposed credentials and file sharing are the most common vulnerabilities related to human behavior.
This can happen if employees fail to use peer-to-peer exchange protocols while sharing media and software. As a result, the network can become more vulnerable to cyber-attacks such as malware infections.
Prangya Pandab
https://itsecuritywire.com/
Prangya Pandab is an Associate Editor with OnDot Media. She is a seasoned journalist with almost
seven years of experience in the business news sector. Before joining ODM, she was a journalist with
CNBC-TV18 for four years. She also had a brief stint with an infrastructure finance company working for
their communications and branding vertical.
