Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
With economic sanctions being levied by the US against Iran and a trade war heating up with China, some security experts are cautioning that attacks targeting US critical infrastructure may be inevitable. Are electric utilities prepared to defend themselves and their facilities against these attacks?
Discover how executives and investors are aligning to fortify resilience in the face of evolving cyber threats.
Implementing a cybersecurity incident response plan can help you effectively address a cyber event, reduce disruptions to business, and ensure compliance.
While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization, you also need to show that you’re adhering to industry and regulatory best practices for IT security and making informed decisions for the long term. A cybersecurity framework can help.
Consider these three best practices for mapping your digital footprint and using these insights to better assess cyber risk and drive continuous improvement in your security program.
To improve cyber resilience, you must first measure it. Learn the 4 metrics to track to gain insights into your cybersecurity posture.
Curated cyber risk reports are essential to ensuring that security performance management information gets communicated effectively to the right stakeholders across your organization. Of course, reporting falls on a long list of ever-evolving responsibilities for security and risk managers.
While many IT, security, and risk professionals have developed good metrics and visuals for communicating internally about cyber risk, such as the safety cross and Pareto charts, reporting on cybersecurity to non-technical individuals remains challenging.
A chief information security officer (CISO)'s roles and responsibilities include many hats in the realm of cybersecurity — but they are primarily responsible for translating complex business problems into effective information security controls.
When we talk about cybersecurity events, we often discuss “the three principles of security” — which can be abbreviated as “CIA”:
Your attack surface is expanding every day. Learn how external attack surface management can help you understand what you’re up against and inform remediation.
Cybersecurity readiness is the ability to identify, prevent, and respond to cyber threats.
What is adaptive security? Explore the benefits of this approach to cyber risk reduction and how your organization can get started.
Open port vulnerabilities can increase cyber risk exposure. Learn what they are and how you can quickly find and fix them.
As cyberattacks against cloud services and infrastructure increase, follow these best practices to improve your cloud security posture management.