Blog - Sling Score
https://slingscore.com/category/blog/
Sling brings to the forefront a unique risk scoring mechanism, based on Threat Intelligence capabilities as a main parameter for prediction, management and mitigation
Wed, 11 Dec 2024 10:39:00 +0000

Third-Party Cyber Risk Management (TPRM & TPCRM)
https://slingscore.com/gestion-de-riesgos-ciberneticos-de-terceros-tprm-tpcrm/
Wed, 11 Dec 2024 10:36:46 +0000

Third-party cyber risk management (TPCRM and TPRM) has become a critical focus for businesses due to the growing prevalence of supply chain attacks. Attackers have increasingly shifted their techniques, taking advantage of opportunities to spread their attacks through third-party entities, which makes risk management essential for safeguarding organizational security. For example, the 2023 MOVEit breach began when attackers exploited a vulnerability in the MOVEit file transfer software used by numerous organizations, which allowed unauthorized access to sensitive customer and organizational data and led to widespread data exposure and significant financial and reputational damage.

Managing these risks involves identifying vulnerabilities, monitoring vendors' security practices, and addressing potential threats before they escalate. In this article, we will explore the fundamentals of third-party cyber risk management, highlight the types of risks businesses face, and discuss why every industry must adopt a proactive approach to protecting its vendor ecosystem.

What Is TPRM / TPCRM?

Third-party cyber risk management is the practice of identifying, monitoring, and mitigating the cybersecurity risks introduced by external vendors, suppliers, or service providers. These third parties often have access to critical systems, proprietary data, and sensitive customer information, which makes them a potential gateway for cyber threats.

For example, many organizations use third-party cloud storage providers to handle sensitive data. If the provider's security protocols are weak, a security breach could compromise not only its own systems but also the businesses it serves. Similarly, outsourcing IT support can streamline operations, but it can also introduce risks if those vendors do not implement adequate security measures.

The goal of TPRM is to proactively address these risks before they turn into costly incidents. This involves evaluating the cybersecurity practices of third parties, ensuring compliance with relevant standards, and establishing clear incident response protocols. Without this level of rigor, businesses are in effect gambling with their own security.

Key Functions of Third-Party Cyber Risk Management

  • Risk Assessment: Evaluating the potential impact and likelihood of third-party vulnerabilities.
  • Continuous Monitoring: Overseeing vendors' security practices to detect emerging risks.
  • Vendor Agreements: Establishing security requirements in contracts to define clear expectations.
  • Remediation Plan: Providing guidance with step-by-step instructions, prioritization of actions, mitigation strategies, and detailed approaches to addressing identified risks and incidents.

Understanding and implementing third-party cyber risk management is not just good practice; it is a business imperative.

Types of Cyber Risks in Third-Party Relationships

Businesses face numerous cyber risks when working with external vendors, often because these partners do not always share the same rigorous security standards. Understanding these risks is the first step toward mitigating them. Below are the most common types of cyber risks associated with third-party relationships:

1. Data Compromise

Third parties often handle sensitive customer, employee, or company data. If a vendor's security systems are compromised, attackers can use the vendor's access to infiltrate your network.

  • Example: In the 2023 MOVEit breach, attackers exploited a vulnerability in the file transfer software used by numerous organizations, gaining unauthorized access to sensitive customer and company data, which resulted in massive data exposure.
  • Impact: Financial losses, legal liability, and reputational damage.

2. Service Disruptions

If a vendor falls victim to a cyberattack, its systems could be rendered inoperable, affecting your company's operations.

  • Example: A Distributed Denial of Service (DDoS) attack on a cloud service provider could take critical systems out of service for hours or even days.
  • Impact: Lost productivity, missed revenue, and damage to customer trust.

3. Regulatory Non-Compliance

Regulations such as GDPR, HIPAA, DORA, and NIS2 hold businesses accountable for protecting data, even if it is managed by third parties.

  • Example: A healthcare provider that uses a third party that does not comply with HIPAA could face significant fines if patient data is compromised.
  • Impact: Regulatory penalties and increased scrutiny from auditors.

4. Intellectual Property Theft

Third parties with access to proprietary information, such as product designs or trade secrets, can inadvertently expose it through weak security measures.

  • Example: A manufacturing company's design files could be stolen through a vendor's compromised network, which could result in counterfeit products on the market.
  • Impact: Loss of competitive advantage and potential legal disputes.

5. Supply Chain Attacks

Cybercriminals often target vendors in order to infiltrate their clients' systems, taking advantage of the trust between the two parties.

  • Example: In 2021, the Kaseya ransomware attack targeted a widely used IT management software vendor. Attackers exploited vulnerabilities in the vendor's system to deploy ransomware to hundreds of the vendor's clients, affecting businesses worldwide, including schools, hospitals, and retail chains.
  • Impact: Widespread operational disruptions, financial losses from ransom payments, and significant downtime for the affected organizations.

[Figure: Types of Cyber Risks and Their Impact]

Sling's Solution for TPCRM

Managing third-party cyber risks effectively requires sophisticated tools and a proactive approach. Sling offers a comprehensive solution tailored to the complexities of modern vendor networks, giving organizations the tools they need to stay ahead of threats.

[Figure: Portfolio Dashboard]

1. Proprietary Risk Scoring

Sling's platform uses advanced algorithms to calculate a unique Sling score for each third party, combining multiple data points to build a comprehensive risk profile.

  • Key Inputs:
    • Complete, detailed reports on the risks associated with the full set of portfolio components and the specific risks introduced by each company, with a prioritized analysis of critical issues.
    • Analysis of asset vulnerabilities.
    • Findings from Darknet data related to potential attacks.
  • Benefit: Organizations gain a clear understanding of their most vulnerable third-party relationships and can prioritize remediation efforts accordingly.

2. Continuous Monitoring

Sling provides real-time visibility into the security practices of external vendors, ensuring that any emerging risk is detected in time.

  • Features:
    • Automated alerts for risk or non-compliance issues.
    • Regular updates on vendors' security status.
    • Integration with existing incident management workflows.
  • Benefit: Businesses can take immediate action to mitigate risks before they turn into incidents.

3. View from the Attacker's Perspective

Sling integrates threat intelligence that simulates how attackers identify and prioritize vendor vulnerabilities. By understanding attackers' tactics, Sling helps organizations strengthen their defenses in the most critical areas.

  • Features:
    • Identification of high-value vendors based on their access levels and vulnerabilities.
    • Information on the attack surface exposed by third-party connections.
  • Benefit: Organizations gain an understanding of the most likely points of attack and can take preventive measures.

4. Actionable Information and Custom Reports

Sling offers detailed, actionable reports designed to help businesses strengthen their cybersecurity strategies. These reports include practical recommendations tailored to each vendor's risk profile.

  • Example Reports:
    • Portfolio Report: Provides a detailed view of the overall security status of your vendors, highlighting key information on how their risk profiles and scores affect the cyber resilience of your portfolio.
    • Cyber Risk Report: Offers a detailed analysis of a specific vendor's cybersecurity status, highlighting the risks that contribute to its Sling Score.
  • Benefit: Businesses are equipped to make data-driven decisions that protect their operations.

Feature | Description | Benefit
Proprietary Risk Scoring | Combines intelligence, vulnerabilities, and Darknet data. | Identifies high-risk vendors.
Continuous Monitoring | Real-time tracking of vendor security. | Early detection of emerging risks.
Attacker's View | Graphic view of attackers' perspective on vulnerabilities. | Allows preventive measures to be taken before attackers act.
Actionable Information | Custom reports with practical recommendations. | Data-driven cybersecurity decisions.

How to Get Started with Third-Party Cyber Risk Management

Managing third-party cyber risks can seem complex, but with the right tools and strategies, you can protect your business from the vulnerabilities introduced by external vendors. By conducting risk assessments, setting clear security standards, monitoring vendor activities, and preparing for incidents, you are laying the groundwork for a strong cybersecurity posture.

However, implementing these steps effectively requires the right platform and expertise. This is where Sling's third-party risk management solution comes in. With advanced technologies like Sling, you can take full control of your vendor ecosystem, proactively identify vulnerabilities, and mitigate risks before they become serious problems.

Ready to protect your business and secure your supply chain?
Book a personalized demo today to discover how Sling can transform your third-party risk management strategy. Learn how to assess your vendors, monitor threats in real time, and build a proactive incident response plan, all in one comprehensive platform.

Schedule Your Demo Now

Let Sling help strengthen the security of your business globally. Act early and start mitigating your risks today.

Third Party Cyber Risk Management (TPRM & TPCRM)
https://slingscore.com/third-party-cyber-risk-management-tprm-tpcrm/
Mon, 09 Dec 2024 14:03:37 +0000

Third-party cyber risk management (TPCRM & TPRM) has become a critical focus for businesses due to the rising prevalence of supply chain attacks. Attackers have increasingly shifted their techniques, exploiting opportunities to spread their attacks through third-party entities, making risk management essential for safeguarding organizational security. For example, the 2023 MOVEit breach began when attackers exploited a vulnerability in the MOVEit file transfer software used by numerous organizations, allowing unauthorized access to sensitive customer and organizational data and resulting in widespread data exposure and significant financial and reputational damage.

Managing these risks involves identifying vulnerabilities, monitoring vendor security practices, and addressing potential threats before they escalate. In this article, we’ll explore the fundamentals of third-party cyber risk management, highlight the types of risks businesses face, and discuss why every industry must adopt a proactive approach to secure their vendor ecosystem.

What is Third Party Cyber Risk Management?

Third-party cyber risk management is the practice of identifying, monitoring, and mitigating cybersecurity risks introduced by external vendors, suppliers, or service providers. These third parties often have access to critical systems, proprietary data, and sensitive customer information, making them a potential gateway for cyber threats.

For example, many organizations use third-party cloud storage providers to handle sensitive data. If the provider’s security protocols are weak, a data breach could compromise not only their systems but also the businesses they serve. Similarly, outsourcing IT support may streamline operations, but it can also introduce risks if those vendors fail to implement proper security measures.

The goal of third-party cyber risk management is to proactively address these risks before they escalate into costly incidents. This involves evaluating the cybersecurity practices of third parties, ensuring compliance with relevant standards, and establishing clear incident response protocols. Without this level of scrutiny, businesses are effectively gambling with their own security.

Key Functions of TPCRM

  • Risk Assessment: Evaluating the potential impact and likelihood of third-party vulnerabilities.
  • Continuous Monitoring: Keeping tabs on vendor security practices to detect emerging risks.
  • Vendor Agreements: Establishing security requirements in contracts to set expectations.
  • Remediation Plan: Guidance with step-by-step instructions, prioritization of actions, strategies for mitigation, and detailed approaches to addressing identified risks and issues.

Understanding and implementing third-party cyber risk management isn’t just good practice—it’s a business imperative.

Types of Cyber Risks in Third-Party Relationships

Businesses face numerous cyber risks when working with third-party vendors, often because these external partners don’t always share the same rigorous security standards. Understanding these risks is the first step in mitigating them. Below are the most common types of cyber risks associated with third-party relationships:

1. Data Breaches

Third parties often handle sensitive customer, employee, or company data. If a vendor’s security systems are compromised, attackers can exploit their access to infiltrate your network.

  • Example: In the Target breach, hackers accessed Target’s payment system through a vendor’s compromised credentials, exposing millions of customer records.
  • Impact: Financial losses, legal liability, and reputational damage.

2. Service Disruptions

If a vendor falls victim to a cyberattack, their systems could be rendered inoperable, impacting your operations.

  • Example: A Distributed Denial of Service (DDoS) attack on a cloud hosting provider could shut down critical systems for hours or even days.
  • Impact: Lost productivity, missed revenue, and damage to customer trust.

3. Compliance Violations

Regulations like GDPR, HIPAA, DORA and NIS2 hold businesses accountable for protecting data, even if it’s managed by third parties.

  • Example: A healthcare provider using a vendor that doesn’t comply with HIPAA could face steep fines if patient data is compromised.
  • Impact: Regulatory penalties and increased scrutiny from auditors.

4. Intellectual Property Theft

Third parties with access to proprietary information, like product designs or trade secrets, can inadvertently expose it through weak security measures.

  • Example: A manufacturing company’s design files could be stolen through a compromised vendor network, leading to counterfeit products in the market.
  • Impact: Loss of competitive advantage and potential legal disputes.

5. Supply Chain Attacks

Cybercriminals often target vendors to infiltrate their clients’ systems, leveraging the trust between the two parties.

  • Example: In 2021, the Kaseya ransomware attack targeted a widely used IT management software vendor. Attackers exploited vulnerabilities in the vendor’s system to deploy ransomware to hundreds of the vendor’s clients, affecting businesses globally, including schools, hospitals, and retail chains.
  • Impact: Widespread operational disruptions, financial losses from ransom payments, and significant downtime for affected organizations.

[Figure: Types of Cyber Risks]

Sling’s Solution for Third-Party Cyber Risk Management

Managing third-party cyber risks effectively requires sophisticated tools and a proactive approach. Sling offers a comprehensive solution tailored to the complexities of modern vendor networks, providing organizations with the tools they need to stay ahead of threats.

[Figure: Portfolio Dashboard Overview]

1. Proprietary Risk Scoring

Sling’s platform uses advanced algorithms to calculate a unique Sling Score for each third party, combining multiple data points to create a comprehensive risk profile.

  • Key Inputs:
    • Comprehensive and detailed reports on risks associated with the overall portfolio components and the specific risks introduced by each company, featuring a prioritized analysis of critical issues.
    • Analysis of asset vulnerabilities.
    • Findings from Darknet data regarding potential attacks.
  • Benefit: Organizations gain a clear understanding of their most vulnerable third-party relationships and can prioritize remediation efforts accordingly.

2. Continuous Monitoring

Sling provides real-time visibility into the security practices of third-party vendors, ensuring that any emerging risks are detected early.

  • Features:
    • Automated alerts for risk or non-compliance issues.
    • Regular updates on vendor security postures.
    • Integration with existing incident management workflows.
  • Benefit: Businesses can take immediate action to mitigate risks before they escalate into incidents.

3. Attacker’s View

Sling integrates threat intelligence that simulates how attackers view and prioritize vendor vulnerabilities. By understanding the attacker’s tactics, Sling helps organizations strengthen their defenses where it matters most.

  • Features:
    • Identification of high-value vendor targets based on their access levels and vulnerabilities.
    • Insights into the attack surface exposed by third-party connections.
  • Benefit: Organizations gain an understanding of where attackers are most likely to strike and can take preventive measures.

4. Actionable Insights and Tailored Reporting

Sling delivers detailed, actionable reports designed to help businesses strengthen their cybersecurity strategies. These reports include practical recommendations tailored to each vendor’s risk profile.

  • Example Reports:
    • Portfolio Report: provides an in-depth view of your vendors’ overall security posture, highlighting key insights into how their risk profiles and scores shape your portfolio’s cyber resilience.
    • Cyber Risk Report: delivers a detailed analysis of a specific vendor’s cybersecurity posture, highlighting the risks contributing to their Sling Score.
  • Benefit: Companies are empowered to make data-driven decisions to protect their operations.

Feature | Description | Benefit
Proprietary Risk Scoring | Combines intelligence, vulnerabilities, and Darknet data | Identifies high-risk vendors
Continuous Monitoring | Real-time tracking of vendor security | Early detection of emerging risks
Attacker’s View | Graphic view of attackers’ perspective on vulnerabilities | Allows preventative measures to be taken before attackers strike
Actionable Insights | Tailored reports with practical recommendations | Data-driven cybersecurity decisions

How to Get Started with Third-Party Cyber Risk Management

Managing third-party cyber risks can seem complex, but with the right tools and strategies, you can safeguard your business from vulnerabilities introduced by external vendors. By conducting risk assessments, setting clear security standards, monitoring vendor activities, and preparing for incidents, you’re laying the groundwork for a strong cybersecurity posture.

However, implementing these steps effectively requires the right platform and expertise. That’s where Sling’s third-party risk management solution comes in. With advanced technologies like Sling, you can take full control of your vendor ecosystem, proactively identify vulnerabilities, and mitigate risks before they escalate.

Ready to protect your business and secure your supply chain?
Book a personalized demo today to see how Sling can transform your third-party risk management strategy. Learn how to assess your vendors, monitor threats in real time, and build a proactive incident response plan—all in one comprehensive platform.

Schedule Your Demo Now

Let Sling help you secure your business beyond borders. Don’t wait—start mitigating your risks today!


The Compliance Pillars: Managing Third-Party Cyber Risks
https://slingscore.com/the-compliance-pillars-managing-third-party-cyber-risks/
Thu, 15 Aug 2024 13:11:45 +0000

Managing third-party cyber risks and compliance standards (such as DORA, NIS2, ISO 27001, NIST, HIPAA, and SEC) is essential, particularly when involving third-party partners. Given the growing dependence on external vendors, it’s crucial to verify that these partners adhere to cybersecurity standards to minimize risks and uphold regulatory requirements. In each third-party cybersecurity-related framework, it’s essential to address several key areas to ensure comprehensive security and compliance.

Third-Party Cyber Risk Management:

Businesses should monitor third-party cyber risks by conducting thorough risk analyses. This involves not only evaluating the cybersecurity posture of each third party before entering into a partnership but also continuously monitoring their practices throughout it. Regular risk assessments should be conducted to identify any weaknesses or gaps in security, with particular attention to how third parties handle sensitive data, manage access controls, and respond to potential threats.

With the help of Cyber Risk Ratings (CRR), businesses can assess a third party’s risk level through a standardized rating system. These ratings focus on the likelihood of risk scenarios. The risk analyses should align with established compliance standards such as DORA, NIS2, ISO 27001, NIST, HIPAA, SEC and others that are relevant to the business’s industry. By guaranteeing that all third parties meet these requirements, businesses can significantly reduce the likelihood of data breaches, financial loss, or reputational damage stemming from third-party vulnerabilities.

Visibility into Cyber Threat Intelligence (CTI):

To stay ahead of potential threats, businesses must prioritize enhancing their visibility into cyber threat intelligence (CTI). This involves leveraging advanced threat detection and analysis tools that provide deep insights into the shifting environment. By integrating these capabilities, businesses can monitor and analyze data from a wide range of sources, identifying patterns that could signal an attack.

This gives organizations the ability to discover hidden vulnerabilities within their systems, networks, and processes that might otherwise go unnoticed. By identifying these weaknesses earlier on, businesses can implement targeted defenses and remediation strategies before threats materialize. Additionally, enhanced CTI allows for real-time threat monitoring, enabling rapid responses to emerging threats and minimizing the potential impact on operations. As these capabilities are integrated, it’s essential to ensure that all data collection and monitoring practices comply with relevant regulations and standards, maintaining both security and compliance.

Attack Surface Management (ASM):

Businesses should routinely conduct comprehensive assessments of their attack surfaces, viewing them through the lens of potential attackers. This non-intrusive method allows organizations to map out all possible entry points and weaknesses without disrupting operations. By identifying and addressing these vulnerabilities early, businesses can significantly reduce the risk of exploitation. This approach enhances the organization’s ability to respond to up-and-coming threats. Regularly updating and adapting this process ensures that businesses stay ahead of cyber threats, maintaining strong cyber postures at all times. Additionally, ensuring that identified vulnerabilities and corresponding mitigations are documented and reviewed during compliance assessments is critical to maintaining regulatory adherence and reducing legal risks.

How Compliance Works with Sling:

Sling enables companies to automatically assess their own compliance and that of their vendors using customizable questionnaires. The results indicate how well each party aligns with the relevant criteria. The platform can be tailored to match a company’s specific framework requirements, or Sling’s own standardized questionnaire can be used. The data is then automatically exported into reports that detail compliance status and risk severity.

Sling’s compliance framework is aligned with key standards from the United States and the European Union, including DORA, NIS2, ISO 27001, NIST, HIPAA, and the SEC. By adhering to these standards, businesses can strengthen their security, maintain regulatory compliance, and achieve operational excellence, ultimately protecting their assets and reputation. As a key partner, Sling confidently assists businesses in navigating cyber risks and maintaining compliance.

Lessons from the PJ&A Data Breach
https://slingscore.com/lessons-from-the-pja-data-breach/
Tue, 21 May 2024 14:07:09 +0000

Perry Johnson & Associates (PJ&A) is a prominent company in the United States responsible for managing patient information by providing ‘medical transcription solutions’ to healthcare institutions. In May 2023, PJ&A was breached, resulting in one of the most significant threats to the privacy of personal information. Although not confirmed by PJ&A, experts in the field claim the data breach may be the result of hackers exploiting vulnerabilities in the supply chain. While it’s not always a result of the company’s negligence or wrongdoing, there are ways to enhance security. To mitigate the risk of such breaches, Sling provides an all-encompassing third-party risk assessment platform that can help maintain cyber integrity in the supply chain.

It is important to note that the breach impacted approximately 9 million individuals in America, emerging as one of the biggest identity hacks in 2023. The information leaked compromises not only the victims but also third parties connected to PJ&A. Being part of a complex supply chain, PJ&A’s vulnerabilities have affected many medical institutions working with their systems. The information leaked may be used for various tactics employed by hackers to jeopardize individuals’ well-being. In the wrong hands, the information can be used to impersonate people, giving hackers access to financial information, bank accounts, and serving as a gateway for identity theft. Moreover, if exploited, the information can be used for blackmail or even sold to individuals operating on the darknet.

PJ&A serves as a proper case study for understanding the importance of third-party risk management (TPRM). Whether the data breach resulted from exploiting vulnerabilities in third parties collaborating with PJ&A, or if PJ&A itself acted as a third party impacting medical institutions, the importance of third-party risk management cannot be overstated. TPRM serves as a valuable strategy in anticipating breaches and predicting hacks by analyzing vulnerabilities in the supply chain. Moreover, TPRM mitigates the threat posed to attacked assets by correctly managing registered information.

With the utilization of verified information and collected data, Sling can predict where attacks might happen. Using a deep assessment of known vulnerabilities in supply chains, Sling has created an intricate scoring system that helps businesses assess their vendors and find vulnerabilities before they are exploited. By doing so, our solution can help you make informed decisions about your security strategy.

In the event of an unwanted breach, Sling can offer technical evaluations to identify compromised assets and assist in verifying known malware within your supply chain, enabling prompt adjustments to be made.

Navigating Supply Chain Regulations with Sling’s Integrated Solutions https://slingscore.com/navigating-supply-chain-regulations-with-slings-integrated-solutions/ Wed, 06 Mar 2024 12:19:22 +0000


With emerging regulations and guidelines, including DORA, NIS2, HIPAA, SEC, and NIST, enterprises need a trusted partner to continuously monitor third-party, vendor, and supply chain cyber risk.

Sling is designed to align seamlessly with the diverse set of supply chain regulations and frameworks, ensuring that organizations not only meet but exceed the necessary standards. This protects sensitive data while establishing a culture of trust and transparency with regulators and stakeholders.

DORA

The Digital Operational Resilience Act (DORA) is a European regulatory framework for financial entities and critical third parties. DORA focuses on strengthening defenses against disruptions and cyber threats.

Sling seamlessly integrates risk management, assisting entities in aligning with the DORA framework. Sling aligns with DORA’s emphasis on continuous management and reporting, providing ongoing oversight and facilitating compliance with regulatory demands.

NIS2

The most recent iteration of the Network and Information Systems Directive (NIS2) is a European regulation targeting organizations critical to the economy and society’s cyber resilience, spanning sectors like energy, transport, finance, health, etc., and their supply chains. This, in turn, may impose obligations on entities outside of the EU that have business partnerships or serve as vendors for entities based within the EU.

Sling facilitates NIS2 compliance by supporting thorough risk analyses and identifying vulnerabilities in supply chains. It enables coordinated security risk assessments and ensures continuous evaluation of cybersecurity measures. Sling’s dynamic approach, including regular updates based on emerging threats, helps organizations adapt their supply chain security in alignment with the evolving threat landscape, enhancing enterprises’ overall cyber posture.

HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. regulation mandating healthcare organizations to protect their health information and uphold patients’ rights. Compliance with HIPAA involves conducting comprehensive risk assessments for business associates and third parties with potential access to electronic Protected Health Information (ePHI).

Sling supports organizations in the regular review and updating of risk analysis and management processes. This adaptability ensures alignment with changes in environmental or operational factors that may impact ePHI, ensuring a continuous and dynamic approach to compliance.

NIST

The National Institute of Standards and Technology (NIST) highlights Cyber Supply Chain Risk Management (C-SCRM).

While not a binding regulatory requirement, NIST is a common framework for multiple cybersecurity issues, also applicable in the form of the C-SCRM framework.

Organizations can enhance C-SCRM with the Sling tool supporting the identification, assessment, and mitigation of cybersecurity risks in the supply chain and critical infrastructure. Sling streamlines thorough risk assessments, pinpoints potential vulnerabilities, and facilitates due diligence of suppliers. Sling’s continuous monitoring strategies align with NIST’s emphasis on adaptability, enabling organizations to detect and respond promptly to changes in the supply chain risk environment.

SEC

The landscape of the U.S. Securities and Exchange Commission (SEC) regulations significantly impacts publicly traded companies, placing a primary emphasis on the management of third-party risks. Within this framework, there is a crucial focus on addressing cybersecurity, ensuring operational resilience, and upholding compliance with securities laws.

Sling facilitates adherence to multiple key compliance measures, including the adoption of External Attack Surface Management, continuous understanding and addressing of supply chain risk, standardized cyber risk measurement, driving remediation efforts, verifying vendor compliance, and determining vendor criticality. By utilizing Sling, organizations can integrate these compliance measures into their third-party risk management framework, effectively meeting SEC requirements and enhancing the overall security of their operations.

In essence, Sling becomes a vital partner for enterprises seeking to navigate the complexities of modern cybersecurity regulations. By streamlining safety procedures, Sling empowers organizations to focus on their core capabilities, confident in the knowledge that their cyber risk management is in good hands. As the regulatory landscape continues to develop and evolve, having a trusted partner like Sling becomes crucial in maintaining a strong and secure business environment.

Delta Dental of California Data Breach https://slingscore.com/delta-dental-of-california-data-breach/ Thu, 11 Jan 2024 12:16:51 +0000

Dental insurance giant Delta Dental of California, known for providing dental insurance to over 85 million people across the USA, has fallen victim to a significant data breach, impacting more than 6.9 million individuals. The breach was a result of the Progress MOVEit hacking incident, where the Cl0p ransomware gang exploited a vulnerability in the MOVEit Transfer managed file transfer application back in May of 2023.

This data breach shows the importance for businesses to recognize that securing not just their own systems but also third-party entities is key to protecting sensitive information. 

Delta Dental was among the numerous clients impacted by the breach that occurred on MOVEit’s file transfer software between May 27th and May 30th, an incident that came to their attention only on June 1st. The personal information compromised includes names, addresses, Social Security numbers, passport numbers, driver’s license numbers, financial account details, tax identification numbers, and health insurance and individuals’ health information.

The insurance company took steps to contain and remediate the incident, discovering the full extent of the breach on November 27, 2023. The affected individuals are being urged to remain vigilant for any suspicious activity on their accounts, and were offered free identity monitoring services.

The breach stands out due to its scale, making it the third-largest healthcare MOVEit-related breach reported, behind Maximus Inc. (11 million) and Welltok (8.5 million).

The Delta Dental breach emphasizes the need for advanced cyber risk management. By leveraging Sling, organizations can benefit from a proactive cybersecurity approach. Sling combines extensive Darknet knowledge with expert-driven threat intelligence, enabling customers to enhance their cybersecurity posture over time. Sling’s approach not only addresses vulnerabilities but also helps organizations stand strong against constantly changing cybersecurity threats.

Lessons Learned from 2023’s Most Notable Third-Party Breaches https://slingscore.com/lessons-learned-from-2023s-most-notable-third-party-breaches/ Tue, 02 Jan 2024 09:06:04 +0000

As we enter into 2024, let’s reflect on some significant third-party cyber breaches from 2023. Sling has diligently tracked these breaches, revealing consistent findings that display the urgency for third-party risk management. The first prominent breach of the year, T-Mobile, a leading mobile telecommunication company, grappled with two major incidents in January and April, unveiling vulnerabilities in Application Programming Interface (API) security. Second, MOVEit, a file transfer software, exposed a zero-day vulnerability in MOVEit Transfer, impacting over 1,000 organizations globally. Most recently, in October, Okta, an IT service management company, fell victim to a breach that compromised personal information for thousands of Okta employees, stemming from unauthorized access to a third-party network. These incidents emphasize the need for collaborative efforts to enhance defenses in the cybersecurity domain in 2024. 

2023’s most notably breached companies

T-Mobile Data Breach:

T-Mobile faced a series of data breaches in 2023, exposing millions of customers and employees to potential risks. The January breach, where a hacker exploited an API vulnerability, affected up to 37 million accounts. The breach originated from malicious activity in November 2022, but T-Mobile contained it within 24 hours. In April, a second breach affected 836 customers, exposing highly sensitive data, such as social security numbers and government ID details. Later in September, 89 gigabytes of T-Mobile employee data, linked to a breach of Connectivity Source, surfaced on hacker forums. Additionally, a system error in September led to the exposure of customer and payment data for fewer than 100 customers, which was quickly fixed by T-Mobile.

The T-Mobile breaches highlight the importance of proactive security measures and the need for continuous monitoring of APIs. In response to the vulnerability, T-Mobile’s swift containment demonstrated the value of quick incident response. However, the recurrence of breaches within 2023 alone suggests the necessity of a thorough security overhaul. Additionally, as seen in T-Mobile’s case with Connectivity Source, enhancing third-party management could help to mitigate potential risks. Strengthening cybersecurity infrastructure and fostering an environment of security awareness can help organizations preemptively address vulnerabilities and enhance overall resilience when facing threats.

MOVEit Data Breach:

The MOVEit Transfer software breach in 2023 stands out as one of the largest and most impactful hacks in 2023, affecting over 1,000 known victim organizations. Progress disclosed a critical zero-day vulnerability in MOVEit Transfer in May, enabling the notorious Clop ransomware gang to exploit the service and steal sensitive data. The fallout included continuous threats to publish stolen data unless ransoms were paid. The breach had global repercussions, with U.S.-based organizations accounting for a large majority of the victims.

The MOVEit breach underlines the critical need for ongoing software vulnerability management and underscores the surging impact on interconnected organizations. The financial sector, healthcare, information technology, and government entities were particularly vulnerable, emphasizing the importance of sector-specific cybersecurity measures. Businesses should prioritize timely patching, threat intelligence sharing, and cybersecurity training to reduce the risk of zero-day vulnerabilities. As organizations grapple with the aftermath, it becomes very important to safeguard against the increasing sophistication of cyber threats.

Okta Data Breach:

In the latest security incident, Okta, a leading identity and authentication management provider, suffered a breach through a third-party vendor, Rightway Healthcare, affecting approximately 5,000 Okta employees. The compromise, discovered in late September but disclosed in October, involved unauthorized access to Rightway’s network, allowing threat actors to steal an eligibility census file containing sensitive personal information. The stolen data included names, Social Security numbers, and health or medical insurance plan numbers for Okta employees and their dependents from 2019 and 2020. Okta learned of the incident on October 12, and an investigation revealed that the hacker initially gained access to a Rightway employee’s cell phone, altering credentials to access and exfiltrate the files.

The Okta breach highlights the inherent risks associated with third-party vendors and the need for vendor risk management strategies. Organizations must not only secure their internal systems but also assess the security practices of their third-party partners. Organizations should implement multi-layered security measures, such as regular vendor risk assessments, continuous monitoring, and employee training on cybersecurity best practices.

The events of third-party breaches in 2023 demonstrate the critical necessity for a reorganization of security. Strengthening third-party management is imperative to minimize risks and protect businesses. By securing internal systems and assessing the security practices of third-party partners effectively, businesses can strengthen their defense against potential threats and establish a resilient security framework.

Sling Architecture: A Step-by-Step Guide to Cybersecurity Assessment https://slingscore.com/sling-score-cybersecurity-assessment-guide/ Mon, 20 Nov 2023 08:41:56 +0000

Upon recognizing the importance of managing cyber risks from partners and suppliers, and the growing demand for an effective scoring system, we can now turn our attention to Sling’s unique architecture. The cybersecurity assessment process involves a digital asset discovery phase, wherein assets are systematically identified. Subsequently, the risk collection process gathers information on potential severe risks. The collected data is then evaluated through our scoring calculation system, followed by a portfolio analysis which provides a breakdown of the risks by severity. Lastly, Sling provides the vendor/portfolio actionable recommendations to help safeguard the company’s assets. 

In this blog, we will elaborate on each step of Sling’s assessment process to understand why Sling’s solution is important in the makeup of an accurate cyber risk calculation.

Sling Architecture

Assets Discovery: Digital Footprint Detection

Accurate digital assets discovery is critical for risk management as digital networks are constantly changing and third parties are capable of accessing different assets. Existing solutions often encounter challenges with false positives – wherein unrelated assets are detected, and false negatives – leading to the oversight of relevant assets. 

Sling overcomes these problems through extensive discovery and validation capabilities. There are automatic validation mechanisms in the discovery process, including detecting and considering shared hosting and cloud providing services. Later on, a significant validation of the discovery is done in the onboarding process, when all assets are automatically reviewed and considered per unique guidelines.

Risks Collection: Extensive Threat Analysis

Following the asset discovery, Sling’s strategy for collecting risks relies on extensive experience and knowledge of the Threat Intelligence ecosystem, gaining invaluable insights into the perspectives of potential attackers. With over a decade of experience monitoring relevant sources, Sling translates textual information extracted from the Darknet and Deep Web directly to the score calculation. This enhances Sling’s ability to assess and mitigate cyber risks effectively.

The risks collection process is divided into three categories: Threat Intelligence Exposure, covering leaked credentials, compromised accounts, initial access, ransomware attacks, and database leaks; Attack Surface Management, which includes open ports and email security issues; and Technical Intelligence, comprising outdated technologies, vulnerabilities, and information disclosure. When combined and monitored properly, these intelligence types allow a comprehensive assessment of a company’s cyber exposure.

Score Calculation: The Root of Cybersecurity Assessment

At the heart of Sling’s cybersecurity assessment lies the Sling Score, a unique concept derived from a proprietary scoring algorithm. This score serves as a predictive mechanism, operating on a scale of 0 to 100, representing the probability of the company being attacked. The lower the score, the more vulnerable the organization is to potential threats. For further insights into the Sling Score, explore our dedicated blog post.

Portfolio Analysis: Strengthening the Chain, Link by Link

A company’s cybersecurity is only as strong as its weakest link, and Sling stresses this implicitly. Offering a comprehensive overview of a company’s vendors, including trends and distribution information, Sling enables organizations to gain insights into the strengths and weaknesses of their supply chain. The logic here is clear—evaluating a vendor portfolio in depth is essential to mitigate risk. Businesses can make informed decisions about vendor relationships, fortifying their cybersecurity defenses link by link.

Reports Output: Transforming Data into Actionable Intelligence

To streamline the experience, there is an option to export data into reports. The intelligence and data gathered is then exported into downloadable comprehensive reports. Sling provides flexibility with two types of reports—the Portfolio Report offering a comprehensive perspective on the overall security posture of vendors, and the Vendor Overview Report providing an in-depth view of a specific vendor in the portfolio. 

In order to calculate your cyber risk accurately, it is important to prioritize your sensitive vendors and resolve their issues first, maintain real-time knowledge of your supply chain vendors, and leverage technology to access darknet indications. The systematic progression of Sling’s platform is a testament to the company’s commitment to safeguarding businesses.

Leveraging Darknet Intelligence for Accurate TPRM Score Calculation with Sling https://slingscore.com/leveraging-darknet-intelligence-for-accurate-tprm-score-calculation-with-sling/ Mon, 13 Nov 2023 07:45:20 +0000

In recent years, there’s been a rise in the number of cyber attacks resulting from vulnerabilities in vendors and third-party organizations. As organizations recognize the need to effectively assess and mitigate the cyber risks associated with their third-parties, the third-party risk management (TPRM) market has become a critical component of business operations. TPRM solutions offer methods to evaluate an organization’s digital infrastructure by calculating a cyber score and prioritizing the associated vendors.

Even though TPRM solutions are gaining popularity, third-party attacks are still surging, often resulting in significant financial losses to organizations, as well as business interruptions. This trend continues due to cyber score miscalculation and a lack of risk assessment. 

Sling Score addresses the inadequacies of existing risk assessments and the oversight of critical risks through its proprietary scoring algorithm, which is specifically tailored to focus on the Darknet. This tool was developed in collaboration with Threat Intelligence experts, leveraging a unique, in-house decade-plus Darknet and cybercrime database. Sling’s scoring mechanism, referred to as the “Sling Score”, operates on a scale of 0 to 100, representing the risk of the company being attacked by considering insights from an attacker’s perspective.

This is done through three key functionalities. Firstly, through actionable assets discovery, it autonomously validates the identification of assets, including domains, subdomains, and IP addresses, ensuring a wide detection and analysis of company-related assets. Secondly, intelligence collection includes advanced analysis that delves into attackers’ motivations, relying on a deep understanding of the Darknet and open sources. Lastly, the system prioritizes noise reduction, concentrating on verified data with clear impact on the vendor’s network.

These methods make the Sling Score a predictive tool for cyber incidents, offering a solution that combines extensive Darknet knowledge with expert-driven threat intelligence for a more robust and proactive approach to cybersecurity. Over time, customers using Sling’s platform can improve companies’ scores by remediating risks related to network vulnerabilities and minimizing Darknet exposure. Customers with an average portfolio score of 75 and above are unlikely to endure a cyber incident from a provider in the supply chain.

With this approach, Sling helps organizations maintain a resilient cybersecurity posture by addressing vulnerabilities and staying current with the evolving threat landscape.

Overcoming Market Challenges: Tackling Cyber Risks in Your Supply Chain https://slingscore.com/overcoming-cyber-risks-and-market-challenges-with-sling/ Mon, 06 Nov 2023 14:51:01 +0000

Managing cyber risks from partners and suppliers is a demanding and precise task. Not addressing these challenges can have serious consequences, ranging across the spectrum of financial and reputational risks, ultimately impacting your company’s long-term success. While there are vendor monitoring solutions in the market, they often fall short of meeting the strict requirements of effective risk management. In this blog post, we highlight three of the most significant problems that require urgent attention, and how Sling can assist companies in avoiding these risks at all costs.

Lack of Visibility in the Supply Chain:

While companies routinely prioritize the security of their supply chains as a necessity, they continue to struggle with the challenge of achieving real-time visibility into the hidden cyber risks within these chains. Consequently, if companies lack visibility into their supply chains, they may be vulnerable to cyber incidents originating from vendors. From data breaches to operational disruptions, the outcome of inadequate supply chain security can be extensive.

To tackle this issue, Sling prioritizes continuous real-time updates. In the cyber world, there is a brief window between recognizing a vulnerability and its potential exploitation, where every moment is of significant value. Acting fast in the face of potential threats, such as data breaches and operational disruptions, can make all the difference in safeguarding your assets and reputation.

The Portfolio Dashboard displays score trend fluctuations over a range of dates.

False Positives (Noise) in the Supply Chain:

A common challenge in the management of cyber risks is the persistent and overwhelming flood of false positives. An inbox swamped with alerts significantly complicates the task of distinguishing genuine threats from unwanted noise. Dealing with this issue not only consumes valuable resources but also affects an organization’s ability to respond effectively to real dangers.

Sling utilizes automation mechanisms to filter out irrelevant cyber risks and digital assets during the risk assessment, and ranks the remaining ones by severity (Critical, High, Medium, Low, and Information) based on an in-house mechanism. This approach is oriented from the attacker’s perspective, considering the likelihood of exploitation by an attacker and its potential impact to the network. The enhanced visibility empowers organizations to make informed decisions, allocate resources efficiently, and strengthen incident response capabilities while mitigating false positives.

The Vendor Dashboard showcases various levels of severity.

Communication Channels in the Supply Chain:

As supply chains are becoming more complex, it is necessary for companies to maintain direct communication with dozens of contacts. As a result, many cyber issues remain unresolved while data continues to flow, and can create weak spots that cybercriminals may use to access a company’s sensitive data. It’s vital to provide a reliable method for alerting vendors to critical issues and maintain straightforward communication channels between businesses and their partners. This emphasizes the importance of quick identification and resolution of vulnerabilities through efficient communication.

Sling simplifies communication channels by allowing you to add vendors quickly and download reports in an instant. This streamlined approach complements our focus on addressing the cybersecurity challenges mentioned earlier, enabling companies to enhance collaboration and consistency with their partners and suppliers while ensuring swift and efficient management of their supply chain security.

Side panel menu bar allows the option to add a vendor, add a user, or to create a group.

Sling’s actionable third-party cyber risk management can help you enhance visibility, reduce false positives, and improve communication channels within your supply chain. In conclusion, addressing the challenges associated with managing cyber risks from partners and suppliers is vital to the success of today’s businesses.
