Third-Party Risk Management stories

Manufacturing was the most targeted sector for ransomware in 2025, as Check Point counted 1,466 attacks worldwide amid rising supply chain exposure.

Doppel secures three ISO certifications for AI governance, security and privacy, as enterprise buyers demand stronger assurance against AI-driven cyber threats.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Small US defence manufacturers face CMMC readiness shortfalls as cybersecurity checks tighten, with many underestimating the work needed to win contracts.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

Appdome unveils Vault, a mobile app compliance history workspace with an AI agent to track, audit and reconstruct security controls.

Drata rolls out agentic AI tools to speed third-party risk reviews, automate security questionnaires and rapidly build online trust centres.

Cloud Security Alliance launches new enterprise tiers, offering CISOs analyst-led roadmaps to turn cloud and AI security frameworks into action.

Black Kite weaves Open FAIR into its platform to automate financial loss estimates in third-party cyber risk assessments and reviews.

Cynomi is urging MSPs to tap booming demand for third-party risk services as supply chain attacks surge and compliance rules tighten.

Goldman Sachs Alternatives to take stake in Schellman, backing global expansion in AI governance, cybersecurity compliance and digital trust.

UpGuard debuts Risk Automations to link cyber risk findings with security workflows, promising faster fixes after USD $75 million raise.

UpGuard secures USD $75m Series C to scale its AI cyber risk platform, fuelling product development, global expansion and acquisitions.

CISOs rate themselves strong on core cyber resilience but admit worrying gaps on AI-driven threats, deepfakes and software supply chain risk.

Bitsight launches an AI-driven dark web monitoring tool to give organisations earlier warning of cyber threats targeting key suppliers.

Coverbase and Crowe forge AI-focused partnership to streamline vendor risk reviews and procurement oversight in tightly regulated sectors.

Nike is probing a suspected cyberattack after a hacker group claimed to leak 1.4TB of internal data, raising supply chain security fears.

Ricoh's CloudStream service has achieved SOC 2 Type II audit status, bolstering its cloud security credentials for regulated industries.

Over 70% of major retailers and nearly 60% of wholesalers have exposed credentials, leaving shared supply chains ripe for attack.

Privacy is shifting from a legal checkbox to a strategic differentiator as watchdogs and customers demand proof of real-world data protection.