Black Kite

New Report: Black Kite’s 2025 Third-Party Breach Report is Here! Cyber threats targeting third-party vendors and supply chains reached new levels of sophistication in 2024. Our 6th annual Third-Party Breach Report uncovers how these incidents unfolded, the industries most affected, and the systemic vulnerabilities that allowed them to happen. Key insights from the report include: - Ransomware dominance – Third-party vendors remained a primary entry point for disruptive attacks. - Silent breaches – Many cyber incidents went unnoticed until their cascading effects disrupted entire industries. - Regulatory impact – Frameworks like GDPR, HIPAA, and DORA influenced cybersecurity improvements, but challenges remain. Read the full report and discover how to stay ahead of third-party cyber risks in 2025: https://lnkd.in/ewXjWiwq 

This week's Focus Friday analyzes critical vulnerabilities in Ivanti Connect Secure, FortiSwitch, and MinIO from a Third-Party Risk Management (TPRM) standpoint. We outline the implications and provide essential remediation best practices. Stay informed and strengthen your third-party security posture. Read more here: https://lnkd.in/gi2aPRDt

Behind every bit of our third-party risk management data is a team of expert researchers: the Black Kite Research & Intelligence Team (BRITE) led by Ferhat Dikbiyik, Ph.D., CTIA. They don’t just provide static data, they dig into the research and give TPRM professionals actionable insights into what’s happening behind the scenes with threat actors and in their cyber ecosystems. As Bob Maley, Black Kite’s Chief Security Officer says, "What truly sets Black Kite apart is the BRITE team. They're not just running scans; they're researchers digging into the data, revealing the critical connections that automated tools miss. That's the real game-changer." Read our latest blog to learn how BRITE provides Black Kite customers with unique, critical threat intelligence at industry-leading speed and accuracy.  https://lnkd.in/eqn9mE9m

We’re surrounded by some of the brightest minds in Third Party Risk Management this week, all coming together to tackle the big questions: 🛠️ How do we build more resilient ecosystems? 📊 What does modern TPRM look like? 🤝 How can we better collaborate across vendors? Whether you're here for the keynotes, deep dives, or just those unforgettable hallway conversations — this week is all about connection and innovation. If you're at TPRA's 2025 Third Party Risk Management Conference, drop a 👋 or stop by booth #3 and say hello! Bob Maley Michael Gall, CTPRP Alexandra Minuto Conor Coveney Kyle Bryan Third Party Risk Association (TPRA) - Third Party Risk Management

🚨New episode drop: Risk and Reels just got eclipsed 🌒 Jeffrey Wheatman sits down (again!) with the one and only 🤗Jayson E. Street🤗, who casually mentioned that he once robbed a bank during a solar eclipse. Yes, you read that right. This episode is packed with: - Why education > exploitation in security - How empathy makes you a better hacker (and human) - What hearing aids, rutabagas, and awkward hugs have to do with adversarial ops - And a wild story about social engineering so good it belongs in a heist movie Available now wherever you get your podcasts. And drop us your favorite hacker movie in the comments 👇 https://lnkd.in/eDd6uGUR

Your third-party’s vulnerabilities are YOUR risk exposures. In today's interconnected world, a single unpatched third-party vulnerability can trigger a cascading impact across your entire organization. But you can’t apply a traditional vulnerability management mindset to external risk. Authenticated internal scans aren’t possible, and even if they were, the sheer volume of CVEs creates overwhelming noise. That’s why we’re launching a new era of third-party cyber risk management (TPCRM) with an in-depth research report, “2025 Supply Chain Vulnerability Report: Navigating a New Era of Managing Vulnerability Risk in Third Parties” that shows CISOs and third-party risk managers the impact of vulnerability risks in third parties, pr, and collaborate with vendors to strengthen security across the entire supply chain. Start by reading the 2025 Supply Chain Vulnerability Report by the Black Kite Research & Intelligence Team (BRITE) led by Ferhat Dikbiyik, Ph.D., CTIA, Chief Research & Intelligence Officer — and join us in ushering in this new era of third-party cyber risk management! https://lnkd.in/e6FKVf2S #ThirdPartyRisk #Cybersecurity #VulnerabilityManagement #TPCRM #TPRM #SupplyChainSecurity #CyberThreats #BlackKite #CyberRisk

Looking for a complete picture of the 2025 third-party breach landscape? Our new resources roundup features Black Kite's eye-opening 2025 Third-Party Breach Report, plus other free resources like a video overview, expert perspectives, and practical guidance, to help you understand and address today's third-party risk. #Cybersecurity #RiskManagement #TPRM #ThirdPartyRisk #RiskIntelligence #CISO #CyberRisk #ProactiveSecurity #TPRMResources

We are so excited to have Jessica Stanford, David Sauer, and Allan Carey join the Black Kite team. Their leadership and hard work has already made a difference. https://lnkd.in/eqZkT2N2

In the relentless battle against evolving cyber threats, traditional methods of third-party risk management are falling short. The sheer volume of unstructured data, from dark web chatter to vendor reports, presents an insurmountable challenge for security teams. But what if AI could turn this data deluge into actionable intelligence? Our latest report, "Large Language Model Use Cases in Cyber Threat Intelligence: Enhancing Third-Party Risk Management Through AI," explores the transformative potential of Large Language Models (LLMs) in this critical area. We delve into how LLMs can streamline OSINT analysis, provide unprecedented supply chain visibility, and enable proactive risk prioritization. This isn't just about technology; it's about empowering security professionals to move beyond reactive measures and embrace a new era of proactive threat mitigation. Read the report to discover how LLMs can revolutionize your approach to cybersecurity. https://lnkd.in/eE7sHEC2

The eight most significant cyber incidents of 2024, each exposing vulnerabilities that rippled across industries, should be shaping your TPRM strategy. In our latest infographic, we break down key lessons from these incidents, reveal common trends, and highlight what security teams need to know to stay ahead of cascading risks. Read the blog and infographic here: https://lnkd.in/ezUHafbb