#Supplychain Archives

Majority of CISOs Report Third-Party Security Incidents with Compliance and Supply Chain Risk Management Implications

October 2, 2025October 2, 2025 by Thomas Canova

Third-party cybersecurity risk is no longer an emerging concern—it is a documented and escalating threat. A recent SecurityScorecard survey revealed that 71% of organizations experienced at least one material third-party cybersecurity incident in the past 12 months, with 5% reporting ten or more such events. Supporting data from the 2025 Verizon Data Breach Investigations Report … Read more

Third-Party Risk Management Needs to be part of an Organizations Continuous Improvement Program

June 20, 2025 by Thomas Canova

Third-Party Risk Management (TPRM) today prioritizes concerns of regulatory fines over strategy and operational directives for stronger security. By investing in a complete, targeted approach, organizations can elevate TPRM as an essential part of their security program strategies. Robust cybersecurity structures are critically important, and third-party risk management was once a vital component of these … Read more

US Treasury Cybersecurity Breach Highlights Growing Supply Chain Security Threats for 2025

January 8, 2025 by Thomas Canova

A recent cybersecurity breach at the US Department of the Treasury, attributed to a Chinese state-backed actor, has raised serious concerns about supply chain security risks. This incident, which was traced back to vulnerabilities in a third-party remote tech support service, underscores the vulnerabilities of technology supply chains and the growing threat they pose to … Read more

Other Pages

Quick Links