» Risk Management Blog

RH-ISAC’s VP of Intelligence, Carlos Kizzee is featured in an article on Hospitality Tech. The below is an excerpt from the article. For the full post, visit: https://hospitalitytech.com/third-party-risks-abound-digital-world Today’s retail and hospitality world is increasingly interconnected, and customers expect to shop in the digital marketplace with minimal friction. Third-party systems are a critical component of…

Valimail has been doing rigorous analysis on the data behind email frauds since the company’s earliest days. And we’ve been publishing research reports based on that deep insight for several years. Valimail’s research program now sets the industry standard for reliable, hype-free data on the state of email fraud, email authentication, and identity-based email attacks….

Numerous attack campaigns in the past couple of months have demonstrated a common tactic used by cybercriminals and state-sponsored attackers alike―credential harvesting. According to the Verizon 2017 Data Breach Investigation Report, 81% of hacking-related breaches leverage either stolen, default or weak credentials. While credential harvesting is often seen as equivalent to phishing, it uses different…

By Brett McDowell, Executive Director, The FIDO Alliance With attacks shifting away from POS terminals to web and mobile channels, the risk of data breach and account fraud for online retailers is skyrocketing, but new global standards developed jointly by the FIDO Alliance and the W3C are being implemented by leading web browsers and consumer…

The threat landscape has transformed significantly over the last decade. As organizations have invested in security controls, tools and personnel to combat threats, threat actors have found other ways to infect systems and ultimately compromise organizations. As a result, threat actor groups have begun to target third-party vendors. Organizations rely heavily on their third-party vendors…