The U.S. federal government is telling the automotive industry to stop buying Chinese-manufactured hardware and software powering onboard telematics and automated driving systems, warning that the potential for nation-state hacking and espionage poses a national security risk.
Many important efforts by the Cybersecurity Infrastructure and Security Agency to help the healthcare sector and other critical infrastructure sectors bolster their cybersecurity are likely to continue under the incoming Trump administration, predicted CISA Deputy Director Nitin Natarajan.
To combat the rise in software supply chain attacks, Veracode has acquired Denver-area startup Phylum and its advanced tools to detect malicious open-source packages. The acquisition strengthens Veracode's software composition analysis offering and enables faster, more reliable threat mitigation.
The U.S. Treasury Department notified lawmakers Friday that the agency was the victim of a major cyberattack in which Chinese-linked hackers gained access to unclassified documents after gaining access to remote workstations through BeyondTrust - a third-party software provider.
One of the most important lessons emerging in 2024 for the healthcare sector is that entities should diligently prepare contingency plans for potential cyberattacks that seriously disrupt their critical third-party vendors, advises regulatory attorney Betsy Hodge of the law firm Akerman.
The integration of Tidelift into Sonar's ecosystem will enhance software supply chain security by using human-verified insights from maintainers of popular open source libraries. Developers can expect comprehensive tools to address vulnerabilities in first-party, AI-generated and third-party code.
As software complexities grow, supply chain security is now essential to application security, according to Sandeep Johri, Checkmarx CEO. Johri discusses the challenges of malicious code, adversarial AI and the market's call for consolidated security platforms.
The Food and Drug Administration is urging blood suppliers - a recent target of attacks - to bolster their cybersecurity practices to prevent and mitigate cyber incidents that could affect the supply and safety of critical blood and blood components used for transfusions and other patient care.
As organizations expand their reliance on interconnected systems and third-party services, the attack surface grows, exposing critical vulnerabilities in supply chains, APIs, and external-facing assets. Security leaders must understand and address these risks to safeguard operations and maintain resilience.
View this...
Major grocery store chains, Starbucks and other large organizations are experiencing disruptions following a ransomware attack against supply chain management service provider Blue Yonder. The provider said it is continuing to probe the attack and has no timeline for service restoration.
David Anderson's career began in banking and followed a path to the rapidly changing world of cyber insurance. Anderson, vice president of cyber liability at Woodruff Sawyer, shares how he built a practice rooted in transparency, trust and client education.
The Consumer Financial Protection Bureau's open banking ruling shifts liability burdens onto banks, amplifying their responsibilities for securing data shared with third-party fintechs. John Horn at Datos Insights explains the potential for third-party breaches.
Evolving global regulations and an increasing reliance on third parties are reshaping how organizations think about risk. As more goods and services are outsourced, businesses face rising privacy, security, compliance, and operational risks, making the effective management of third parties mission critical.
Given...
Organizations around the globe are using third parties to accomplish business goals, and those vendors have become integral to creating a wider reach for those companies. As a result, they also bring risk and potential security issues to their partners. That’s why it’s imperative for security teams to implement a...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
