Every week the news is full of new exposures of protected health information (PHI) and personally identifiable information (PII). These security incidents are not only more common but also more costly.
The average cost of a data breach is now nearly $4 million globally and third-party vendors, cyber attacks, and misconfiguration are three of the main culprits.
Many of these exposures are caused by accidental data leaks rather than deliberate data breaches, which is why cyber risk management and vendor risk management are top priorities for CISOs, Vice Presidents of Security, and senior management. And they're increasingly important at the board level.
Every organization must now invest in tools to prevent data breaches and reduce cybersecurity risk: particularly risks stemming from third and fourth-parties.
The introduction of general data protection laws around the world has introduced or widened the scope of mandatory data breach notification laws, significantly increasing reputational and regulatory impact.
In the United States, California has introduced CCPA, Florida has introduced FIPA, and New York has launched the SHIELD Act. Outside of the United States, two well-known examples are the European Union's GDPR and Brazil's LGPD.
Additionally, many of these laws have broadened the definition of sensitive data. This means what were once small security incidents are now reportable data breaches, adding to the impact of inadequate risk management.
Security teams have more to worry about than ever before. Their job now not only involves developing information security policies and improving cybersecurity postures but increasingly, translating technical terms for non-technical stakeholders.
There are tools that can help, such as UpGuard, the issue it's hard to know which one is the best for you. We wrote this guide with all this in mind, to give you a clear comparison between Black Kite (formerly known as NormShield) and UpGuard, so you can make an informed decision and choose the tool that is right for you.
Black Kite Overview
Black Kite is a cyber risk rating platform that leverages open-source threat intelligence and non-intrusive cyber reconnaissance to provide information about your vendor risk at scale.
It collects a wide range of information without touching the target customer. It leverages advances in data science and machine learning to provide higher frequency and precise real-time risk assessments.
Like other security ratings services (SRS), its data collection provides continuous risk monitoring of third-parties. Black Kite's latest funding round was a $3.5m seed round.
