Risk Ledger Blog

Risk Ledger CEO joins high profile panel discussion on public sector cyber secur...

Risk Ledger CEO participates in high profile panel discussion on how to harden public sector supply chain security in the UK, and increase operational resilience.

Defend-as-One: The Case for Collaboration in Defending Against Cyber Attacks

To harden the cyber security of our supply chains, there is a need for greater collaboration and collective defence. This article introduces Risk Ledger's Defend-as-One approach to third party risk ma...

Securing Public Sector Supply Chains: Moving Beyond Third-Party Risk Management

Discover how escalating state-sponsored cyber attacks, especially on weak links in organisations' supply chains, are threatening public sector organisations, and how best to harden public sector suppl...

WS_FTP Server: Emerging Threat published on Risk Ledger

All versions of Progress Software’s WS_FTP Server are affected by two critical vulnerabilities. These vulnerabilities allow for arbitrary code execution and file traversal on the server. This article ...

The Future of Supply Chain Cyber Security: Identifying concentration risk to enh...

To enhance operational resilience, identifying concentration risk deep in your supply chains is key. Find out how to do this and how Risk Ledger can help.

The Future of Supply Chain Cyber Security: Taking a Social Network Approach

Attacks on organisations' supply chains are on the rise and new approaches are urgently needed. Find out about Risk Ledger's approach to shape the future of supply chain cyber security.

Discovering the ‘Unknown Unknowns’ of Financial Services Supply Chain Cyber Risk

Read about the major geopolitical and technological changes that have been escalating cyber risks in the financial services industry. The article discusses recent announcements made by Russian threat ...

Blast Radius of MOVEit Transfer Attack Widening

Last week, Risk Ledger published a quick and dirty analysis on the blast radius of the evolving MOVEit Transfer breach and the problems that the lack of visibility into risks lurking further down orga...

Risk Ledger Case Study: The Civil Aviation Authority

The Risk Ledger platform enabled the Civil Aviation Authority to qualitatively take its supply chain risk management efforts to the next level, by automating risk assessments, providing continuous mon...

MOVEit Transfer Vulnerability: Emerging Threat published on Risk Ledger

A critical SQL injection vulnerability has been identified in Progress Software’s MOVEit Transfer product that is proven to result in unauthorised access to files and the ability for arbitrary code ex...

MOVEit Transfer Vulnerability: Lack of Supply Chain Visibility Exacerbates Breac...

The latest Risk Ledger article discusses the recent MOVEit Transfer vulnerability and associated Zellis breach, and the importance of supply chain visibility in mitigating such incidents. With thousan...

Vendor Risk Management: What Is It & How Do I Conduct It?

Read our ultimate guide to vendor risk management, why it’s important and how to use vendor risk management tools can help you through the process.

Supply Chain Risk Management Case Study: Schroders Personal Wealth

Risk Ledger’s social network model gives SPW unprecedented visibility in real-time over their entire supply chain beyond third parties, to fourth, fifth and even sixth parties, facilitating the swift ...

The State of Cyber Security in the Supply Chain: Data Insights 2023

The State of Cyber Security in the Supply Chain: Data Insights 2023 report surveyed 2500+ suppliers on the Risk Ledger platform that have shared data against more than 200 security controls, offering ...

A spotlight on legacy systems

Which industries have the highest proportion of legacy systems which are no longer supported by manufacturers and no longer receive security updates?

The State Of Security: Finance

Our report shows what more than 200 vendors supplying the financial industry have reported what practises they've implemented when it comes to physical security, cyber security, third-party risk manag...

Did the Big 4s predictions for TPRM come true?

We’ve looked back at what the Big 4 consultancy firms’ TPRM predictions were for 2022, and analysed if they actually came true or not.

Risk Ledger Wins Financial Times' Tech Champion 2022 Award

As hacking threats increase worldwide, The FT names Risk Ledger as one of their Tech Campions and takes a look at how we help companies check their suppliers’ security status.

What Is The NIS 2 Directive and What Does It Mean For You?

The NIS 2 directive was drafted to increase cyber security resilience across EU member states’ CNI. Find out what this means for you.

Optimising your third-party management: 3 Tips and strategies to consider

Third-party management is more important than ever before. Usage is up across all industries, especially as more and more companies are looking to take advantage of cloud-based vendors, however, the m...

What the Uber Hack Shows Us About Third-Party Risk Management

We believe this hack opportunity to talk about the mindset shift companies need to adopt in order to minimize the risk involved with cybersecurity incidents.

PRGloo Case Study

Samantha Deeks, CEO of PRgloo, says Risk Ledger makes supplier assessments a breeze and every profile share improves information security.

Avoid the pitfalls of vendor complexity

As organisations grow and scale, they often bring on a number of new vendors, third-parties, and partners that have a range of technical integrations and non-technical inter-dependencies.

How we approach virus scanning uploaded files

Risk Ledger allows our customers to efficiently work with suppliers towards improving their supply chain security. Find out how we approach virus scanning.

Increasing response speed for critical security threats

We noticed that clients and suppliers struggled to respond effectively when a new, urgent threat was discovered. We wanted to fix that. Find out how.

Brexit & Covid are nearly over. Are you ready for the next supply chain crisis?

The more we speak about Brexit or Covid-related disruption, the more we lose sight of the most insidious threat: cyberattacks.

Supplier Suffered a Data Breach? Here’s What You Need to Know

So you’ve heard there’s been a breach and you’re worried your company’s data might have been stolen? Here's what you can do to protect your company and customers.

Building our Public API Alpha

This week, we are excited to share with you the alpha launch of our Public API, but what exactly goes into designing, implementing and documenting an API? What APIs do you even build?

What are Third Party Risk Management Tools & Which Is Right For Me?

51% of companies have suffered a data breach with an average cost of $3.92 million. Learn how to use third-party risk management tools to protect your business.

Yieldbroker case study: a view from both sides of the platform

The team at Yieldbroker share what it’s like to use Risk Ledger as both a client and supplier

Third-Party Risk Management: 4 ways CISOs can work smarter

Cybersecurity no longer begins and ends at one source. Here are our top 4 ways CISOs can work smarter.

Third-Party Data Breaches

What are third-party data breaches and how do you prevent them?

Selecting a Third Party Risk Management Framework

What are Third-Party Risk Management (TPRM) Frameworks and how do you select one?

What is Third Party Risk Management (TPRM)?

What is Vendor Risk Management, third party risk management and how can cybersecurity professionals protect themselves from third party risks?

How to deal with emerging threats (eg: log4j) in your supply chain

When new vulnerabilities are discovered and threats emerge, organisations have to quickly figure out to what extent their supply chain is affected.

Supply Chain Risk Management Case Study: NHS Test & Trace & Risk Ledger

Risk Ledger gives NHS Test and Trace unparalleled visibility of their supplier connections and exposes supply chain risks in real-time.

How useful are certifications when figuring out supply chain security risk?

In a recent poll, 37% of people said certifications are their best tool for managing supply chain security. I've been thinking about why this might be and how we can do better.

How Risk Ledger can help you with your operational resilience

Organisations, particularly in the financial sector, are having to manage the growing burden of operational resilience regulation. Find out how Risk Ledger can help you comply.

Case study: Gnatta on turning a no into a yes

Jack Barmby, Gnatta founder and CEO, explains how being honest about information security builds trust, strengthens relationships and encourages collaboration with your clients.

Daniel Saul on building Risk Ledger

Read the latest CTO interview and find out how Daniel chooses his tech stack and how organisations can enhance each other’s cyber security.

What is a floating point number, and why do they suck

Find out what a floating point number is and why they suck in this in-depth blog from one of our engineers.

Cyber attacks: why organisations must defend as one

An organisation’s defences are only as strong as those of the other organisations in the ecosystem. So when it comes to defending against cyber attacks, collaboration is vital.

How we make it easy to comply with EBA guidelines and DORA

Risk Ledger makes identifying, monitoring, assessing and managing third party risk a simple and streamlined process that complies with EBA outsourcing guidelines.

Critical National Infrastructure Case Study - Affinity Water & Risk Ledger

Check out our case study on critical national infrastructure with Affinity Water, the largest water-only supplier in the UK.

Risk Ledger raises £2.1m

Last week, we announced our £2.1 million seed funding round, which is the cherry on top of an incredible couple of years of growth.

Breeze Through Supplier Assurance Questionnaires Using Risk Ledger

Find out how Risk Ledger can save you from ever completing another security questionnaire through a shareable supplier assurance questionnaire.

A Tale of DNS & BGP: Facebook Outage Post Mortem Oct 2021

A brief look into what we know about the Facebook outage so far.

An introduction to the Network and Information Systems (NIS) Directive in 2021

A brief introduction to the NIS-D, who it applies to and what it it is designed to achieve.

Top 3 things you should know about securing your supply chain

Top 3 things you should know about securing your supply chain in line with the Network and Information Systems (NIS) Directive.

Network and Information Systems (NIS) Directive Authorities

We have put together a list of all the NIS Directive Competent Authorities in the UK.

Git Techniques at Risk Ledger

A deep dive into common Git techniques our Product Engineers use at Risk Ledger.

Risk Ledger featured in The Times for work with the NHS supply chain

Risk Ledger CEO Haydn Brooks quoted heavily in a piece titled 'Healthcare CIOs battle Covid Cybercrime' looking at the evolution of cyber challenges faced by the sector during the Covid-19 pandemic

Manage ESG risks with Risk Ledger

We have updated our standardised Supplier Assessment Framework (SAF) to include a risk domain assessing ESG risk factors in the supply chain. Read on to find out more.

NHS Test and Trace picks Risk Ledger to secure supply chain

Risk Ledger’s technology promises ‘unparalleled’ visibility into NHS Test and Trace’s supply chain.

Supply Chain Risks Insight Report - IT Operations

A close up look at the implementation of IT Operations security risk controls across the supply chain ecosystem

British Cyber Security Startup Conquers Spanish Innovation Competition

British cyber security startup Risk Ledgerhas been announced as the winner of the South Summit Industry 4.0 Competition hosted virtually in Madrid on Thursday. The company pitched their supply chain c...

Supply Chain Risks Insight Report - Security Governance

A close up look at security governance risk controls across the supply chain ecosystem.

Risk Ledger Supply Chain Risks Insight Report - Data Protection

A close up look at the implementation of data protection risk controls in the supply chain ecosystem.

Zerohour Podcast with CEO & Co-Founder Haydn Brooks

In today’s episode we are joined by Risk Ledger CEO Haydn Brooks. Learn his story from working in cyber risk and what drove him to co-found Risk Ledger.

Supply Chain Security & Financial Resilience During COVID-19

We have published a white paper setting out how the COVID-19 crisis and its economic impact,will drastically increase the risk of security and in supply chains.

Why we started Risk Ledger

We have developed an NCSC award-winning platform to help organisations make their supply chains more secure and resilient. This is the story about why we started the journey.

Risk Ledger Supplier Assessment Framework

The Risk Ledger Supplier Assessment Framework is a comprehensive, standardised, assessment of a supplier's security posture covering a range of security domains.

Winners - Most Innovative SME Cyber 2019

Last week techUK held its inaugural techUK Cyber Innovation Den with keynote contributions from the National Cyber Security Centre and the Department for Digital, Culture, Media and Sport. Risk Ledger...

CyberDen - Cyber entrepreneurs compete in front of ‘Dragons’

The CEO of NCSC, Ciaran Martin announces the winner as Risk Ledger. Their founder, Haydn Brooks, is ecstatic over more recognition for his supply chain assurance business that has gone from strength t...

Risk Ledger Co-Founders named on Forbes 30 under 30 Europe list

Co-founders, Daniel Saul and Haydn Brook were named on the Forbes 30 under 30 Europe list of business leaders to watch in 2019.