Third-Party Risk Managment (TPRM)

The MGM Cyber Attack: A Masterclass in Risk Management

by

Image of a man pulling on a gear device marked high and low risk, and the words “Robust risk management strategies can prevent a cyber attack” in the background.

The MGM Cyber Attack and Lessons in Risk Management

In the ever-evolving landscape of the digital world, cybersecurity has taken center stage. The MGM cyber attack serves as a stark reminder of the constant threat lurking in the shadows of the web. This unfortunate incident, though disconcerting, offers us a valuable lesson in risk management.

It is crucial to learn from these events and take proactive steps to safeguard our digital assets. In this article, we will explore the MGM cyber attack, the lessons it imparts on risk management, and provide practical mitigation steps and solution examples to help organizations

Understanding the MGM Cyber Attack

Before delving into risk management solutions, let’s take a moment to understand what happened during the MGM cyber attack. In September 2023, MGM Resorts suffered a data breach, leading to the exposure of personal information belonging to customers who transacted with MGM Resorts prior to March 2019. This included names, contact information, gender, dates of birth and driver license number. For a limited number of customers, the hackers also accessed Social Security numbers and passport details. According to Bloomberg, the breach stemmed from a social engineering breach of the company’s information technology help desk. MGM’s experience highlights the importance of robust cybersecurity practices.

Read more

Share

Third-Party Risk Management Framework

by

Image of a colored circle with the words "Risk Management" at the center surrounded by five sections wth the words "Identify, "Analyze", "Action", "Monitor", and "Control".

Introduction

Small businesses often rely on external partners, suppliers, and vendors to thrive and grow. While these collaborations can be beneficial, they also expose small businesses to third-party risks that can potentially harm their operations, reputation, and bottom line. To mitigate these risks effectively, small businesses need a robust third-party risk management (TPRM) framework. In this article, we will explore the best technology framework for TPRM in a small business environment and discuss why it’s crucial to implement such a system.

What is  A Third-Party  and Third-Party Risk?

The term “third party” refers to any entity or body that a company will collaborate with, do business with, or hire. This includes vendors, contract manufacturers, business partners, suppliers, resellers, agents, distributors, and brokers.

Third-party risk is the potential for a primary organization to suffer a data breach, or be negatively impacted or compromised via connections to external organizations and entities.

Read more

Share

NIST Cybersecurity Framework (CSF) is a Crucial Tool for Cybersecurity

by

Image showing business data analytics, platform charts and diagram with text of the five functions of the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover.

Understanding the NIST Cybersecurity Framework (CSF)

The NIST Cybersecurity Framework (CSF) is a crucial tool in today’s cybersecurity environment, providing organizations with a structured and flexible approach to managing and improving their cybersecurity efforts. It was developed by the National Institute of Standards and Technology (NIST) in response to the increasing cyber threats that organizations face, and to help them navigate these challenges.

In this article, we will discuss why the NIST CSF matters, delve into its implementation tiers, and provide guidance on how organizations can use this framework to protect their infrastructure.

Read more

Share
Share
Share