The Higher Education Community Vendor Assessment Toolkit (HECVAT) has long served as the gold standard for third-party security evaluations in higher education. With the introduction of HECVAT 4.0, launching during Data Privacy Week in January 2025, institutions are...
The $8 million settlement in the Orrick security breach ranks among 2024’s most important data breach settlements. The case shows what it all means when companies don’t manage their third-party risk properly. Orrick LLP, a major law firm, faced a breach...
In 2023, 60% of healthcare data breaches were caused by third-party vendors, costing organizations an average of $10 million per incident. By 2024, the healthcare sector accounted for 28% of all third-party breaches across industries. These trends underscore the...
Private equity firms face unprecedented cybersecurity challenges as Boards of Directors demand direct accountability from management teams for security postures. Modern threat actors specifically target sensitive financial data through third-party vendors, creating...
Cyber-attacks on the US power grid have exposed a concerning weakness: third-party vendors who can access critical infrastructure systems. Security experts tracked 23 major cyber-attacks that targeted energy sector suppliers in 2023. These vendors now represent a...
