Third-Party Risk Management stories

Manufacturing was the most targeted sector for ransomware in 2025, as Check Point counted 1,466 attacks worldwide amid rising supply chain exposure.

Doppel secures three ISO certifications for AI governance, security and privacy, as enterprise buyers demand stronger assurance against AI-driven cyber threats.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Small US defence manufacturers face CMMC readiness shortfalls as cybersecurity checks tighten, with many underestimating the work needed to win contracts.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

Appdome unveils Vault, a mobile app compliance history workspace with an AI agent to track, audit and reconstruct security controls.

Drata rolls out agentic AI tools to speed third-party risk reviews, automate security questionnaires and rapidly build online trust centres.

Cloud Security Alliance launches new enterprise tiers, offering CISOs analyst-led roadmaps to turn cloud and AI security frameworks into action.

Black Kite weaves Open FAIR into its platform to automate financial loss estimates in third-party cyber risk assessments and reviews.

Cynomi is urging MSPs to tap booming demand for third-party risk services as supply chain attacks surge and compliance rules tighten.

Goldman Sachs Alternatives to take stake in Schellman, backing global expansion in AI governance, cybersecurity compliance and digital trust.

UpGuard debuts Risk Automations to link cyber risk findings with security workflows, promising faster fixes after USD $75 million raise.

Smart Communications secures CSA STAR Level 2 in Singapore for its AWS-hosted SmartCOMM and SmartIQ, boosting cloud security assurance.

UpGuard secures USD $75m Series C to scale its AI cyber risk platform, fuelling product development, global expansion and acquisitions.

AI is supercharging supply chain cyber attacks across Asia-Pacific, with Group-IB warning single hacks now threaten thousands of victims.

CISOs rate themselves strong on core cyber resilience but admit worrying gaps on AI-driven threats, deepfakes and software supply chain risk.

Bitsight launches an AI-driven dark web monitoring tool to give organisations earlier warning of cyber threats targeting key suppliers.

Synology secures ISO/IEC 27001:2022 certification, bolstering its global information security management and risk governance credentials.

Coverbase and Crowe forge AI-focused partnership to streamline vendor risk reviews and procurement oversight in tightly regulated sectors.

Nike is probing a suspected cyberattack after a hacker group claimed to leak 1.4TB of internal data, raising supply chain security fears.