penetration testing Tag

What’s Missing in Third-Party Risk Assessments

Assessments are important. You’d be hard pressed to find any cybersecurity professional who would argue they aren’t needed, but the problem with third-party risk assessments is that they are far from comprehensive. Understanding the hygiene and potential vulnerabilities of an organization is incredibly important. But it doesn’t reveal the full picture.  Point-in-time assessment of an organization is not enough because it doesn’t offer an exhaustive understanding of the risks. There are dynamic--and often undetected--problems specific to malware delivered by extremely sophisticated and versatile threat actors. These actors have the ability to...

Share Post