The Higher Education Community Vendor Assessment Toolkit (HECVAT) has long served as the gold standard for third-party security evaluations in higher education. With the introduction of HECVAT 4.0, launching during Data Privacy Week in January 2025, institutions are...
Critical security vulnerabilities plague more than 80,000 Electric Vehicle charging stations throughout Europe and North America, creating unprecedented risks for infrastructure operators. These systemic weaknesses extend beyond individual charging points, threatening...
The $8 million settlement in the Orrick security breach ranks among 2024’s most important data breach settlements. The case shows what it all means when companies don’t manage their third-party risk properly. Orrick LLP, a major law firm, faced a breach...
In 2023, 60% of healthcare data breaches were caused by third-party vendors, costing organizations an average of $10 million per incident. By 2024, the healthcare sector accounted for 28% of all third-party breaches across industries. These trends underscore the...
Cyber-attacks on the US power grid have exposed a concerning weakness: third-party vendors who can access critical infrastructure systems. Security experts tracked 23 major cyber-attacks that targeted energy sector suppliers in 2023. These vendors now represent a...
How big is your company’s attack surface? An organization must audit its third-party vendors for that question to be answered. The attack surface expands when organizations bring in a third-party vendor. More than half — 60% — of organizations work with more than...
