Third-Party Risk Management stories

Manufacturing was the most targeted sector for ransomware in 2025, as Check Point counted 1,466 attacks worldwide amid rising supply chain exposure.

Doppel secures three ISO certifications for AI governance, security and privacy, as enterprise buyers demand stronger assurance against AI-driven cyber threats.

Abacus secures CREST accreditation for penetration testing, bolstering its pitch to regulated sectors as demand rises for verified cyber security assurance.

Small US defence manufacturers face CMMC readiness shortfalls as cybersecurity checks tighten, with many underestimating the work needed to win contracts.

NetRise unveils Provenance, a tool to trace open source maintainers and stop risky dependencies before they spread through software.

Appdome unveils Vault, a mobile app compliance history workspace with an AI agent to track, audit and reconstruct security controls.

Risk Ledger names Maryland base as it steps up US push with Matthew Fox to lead growth amid rising demand for supply chain cyber tools.

UK supply chain cyber firm Risk Ledger opens a Maryland base to build its US team and tap growing demand for third-party risk oversight.

Drata rolls out agentic AI tools to speed third-party risk reviews, automate security questionnaires and rapidly build online trust centres.

Cloud Security Alliance launches new enterprise tiers, offering CISOs analyst-led roadmaps to turn cloud and AI security frameworks into action.

Black Kite weaves Open FAIR into its platform to automate financial loss estimates in third-party cyber risk assessments and reviews.

Cynomi is urging MSPs to tap booming demand for third-party risk services as supply chain attacks surge and compliance rules tighten.

Goldman Sachs Alternatives to take stake in Schellman, backing global expansion in AI governance, cybersecurity compliance and digital trust.

UpGuard debuts Risk Automations to link cyber risk findings with security workflows, promising faster fixes after USD $75 million raise.

UpGuard secures USD $75m Series C to scale its AI cyber risk platform, fuelling product development, global expansion and acquisitions.

Beachhead launches ComplianceEZ 2.0 with an AI chatbot, real-time scoring and alerts to help MSPs manage complex cybersecurity compliance.

Risk Ledger launches a zero-friction partner programme to streamline channel collaboration on active, continuous supply chain security.

Synechron secures EcoVadis silver rating, placing it among the top 15% globally for sustainability across environment, ethics and labour.

ANYbotics becomes first four-legged robot maker with ISO 27001, easing security reviews for scaling autonomous industrial inspections.

CISOs rate themselves strong on core cyber resilience but admit worrying gaps on AI-driven threats, deepfakes and software supply chain risk.