Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

Primary tabs

Recent data breaches impart third-party risk lessons

Joe Mont | October 11, 2017

It has been a bad time on the cyber-security battlefront.

In recent days, we learned that a 2013 data breach at Yahoo was underreported. The reality: every single user, all three billion of them, had their information compromised.

Watching the watchman, over at the Securities and Exchange Commission, it announced that an incident previously detected in 2016 provided the means for illicit trading gains. A software vulnerability in the test filing component of the Commission’s EDGAR system was exploited and resulted in access to non-public information.

And, of course, there was the headline-feeding revelation that a massive data breach that hit consumer credit rating firm Equifax, potentially exposed the personal information of 143 million customers.

While each of these parties struggles with internal investigations and external scrutiny, the rest of the corporate world needs to be on their guard. We look at three ways the recent breaches should...

Buy this article for $49, or subscribe to Compliance Week for a month at $149 and get unlimited article access for 30 days.