

Read about the latest cybersecurity news and get advice on vendor risk management, reporting to the board, managing cyber risks, benchmarking security performance, and more.

Breach Reporting & The Need for More Transparency

Fact: due to inconsistent breach regulation and reporting standards, when a breach occurs, consumers and businesses can't assume that they will always be notified.  


Cyber security, risk and privacy hot topics at 2014 World Economic Forum

Once a year, political leaders and business executives gather in Davos, Switzerland to discuss political and economic issues of global importance at the World Economic Forum (WEF).  This meeting occurred last week, and I was pleased to see...


Target Breach Investigation Shows Tangled Web of Third Party Risks

As more and more details surrounding the Target breach continue to unfold, it's becoming evident just how complicated it can be for investigators and journalists to follow the trail of evidence left behind. The latest reports suggest that...


Addressing Third Party Risk Management in PCI DSS 3.0

On January 1, several of the new compliance standards of the Payment Card Industry Data Security Standard v. 3.0 (PCI DSS 3.0) became effective. These standards were issued in order to ensure that businesses are utilizing best practices to...


The Ripple Effect: Impact of Target’s Data Breach is Felt Throughout the Partner Ecosystem

Many of the facts surrounding the Target breach still remain unclear, even as details continue to emerge publicly. We still don’t know what the final tally of breached organizations will be, but the list keeps growing. In addition to who...


Security Success is Found When Continuously Measuring the Right Things, Across Your Ecosystem

Security monitoring and measuring need to be expanded to trusted third parties; here’s why.

When it comes to securing sensitive data from attack, there’s certainly no lack of evidence that current tactics are falling short. This is...


Target and Neiman Marcus Are Not Alone: Malware Abounds in the Retail Sector

The past few weeks have been full of news regarding cyber attacks in the retail sector. First Target, and then Neiman Marcus. Now news outlets are reporting that three other well-known retailers may announce breaches that occurred in the...


Risk 101: Using Data to Better Understand Information Security Risk

The answer to the question of how organizations can evaluate information security risk depends on how we first think about risk in cyberspace. Good security risk management is a combination of data, processes, technology, and education....


Target & Neiman Marcus: Security Ratings Uncover Decline in Security Posture of U.S. Retailers in Q4 2013

In light of the recent news of retailers being attacked late last year, we at BitSight looked into our SecurityRatings (an external measure of a company’s security posture) to gain some insight into these attacks. In our November 2013...


Risk Universe Explores Vendor Risk Management with Mike Duffy

With increased emphasis on third party risk management coming down from regulators and executive boards alike, cyber risk in the extended enterprise is shaping up to be a hot topic in 2014.

BitSight board member Mike Duffy recently...


On-Demand Webinar: Managing Information Security Risk in Your Partner Ecosystem

Serious network threats, including botnets, malware and phishing attacks put businesses at risk of costly and damaging data breaches every day. But bolstering internal network security is not enough to ensure the protection of valuable...
