BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Calculating The Cost Of A Data Breach: Factors You Should Keep In Mind

A recent IBM study found that the average cost of a data breach has hit $4 million—up from $3.8 million in 2015. There are countless factors that could affect the cost of a data breach in your organization, and it’s virtually impossible to...

Forbes Names BitSight as one of the Next Billion-Dollar Startups of 2016

On October 19th, Forbes released its second annual list of soon-to-be billion-dollar startups. BitSight is proud to be part of this year's list and excited about what the future holds for the company.

Ransomware's Impact On Government Cybersecurity

In our most recent BitSight Insights report, we discuss the pervasive issue that is ransomware. The report states that education has the highest rate of ransomware across all industries—and government comes in second. 

What Is Cyber Risk and How Does It Affect Selecting Vendors?

When using dozens, hundreds, even thousands of vendors, how safe are a company’s digital assets? According to a recent Ponemon Institute study, almost half of respondents (49%) said that they had experienced a data breach caused by a vendor...

DNS Outage Sheds Light on Service Provider Reliance and Cyber Risk Aggregation

Written with the assistance of Dan Dahlberg, Ethan Geil, and Ross Penkala.

Last Friday morning, a distributed denial of service (DDoS) attack was carried out against Dyn, a managed DNS provider that offers Internet services for Twitter,...

Cybersecurity Audit Vs. Cybersecurity Assessment: Which Do You Need?

Whether you’re a CIO or a CISO that has been asked by the board to facilitate a cybersecurity audit or you’re a member of the board and are planning to request one, it’s extremely important to know what a cybersecurity audit is and what it

Technology Resiliency & Outsourcing (TRO): Familiarize Yourself

In a recent Huffington Post article, Shared Assessments senior director Tom Garrubba discussed how third-party risk management has become an important topic to many executives and board members around the world. He recalls a conversation...

13% Of The Higher Education Sector Has Been Infected With Ransomware

Hackers look at ransomware as a quick payday, so they are very opportunistic in terms of their ransomware attack strategy. They cast a wide net, but tend to focus on target industries they think are more likely to click their links.

Ideas For Incorporating Continuous Risk Assessment Software Into New Vendor Selection

Onboarding third-party vendors that will have access to your network and data can have dire consequences if you don’t have the ability to gauge vendor risk.

Bolek – An evolving botnet targets Poland and Ukraine

Bolek is a recent malware from the Kbot/Carberp family. We first heard about this malware from the cert.pl blog post in May 2016, and since then, a few others have published additional information about it (links below).

Takeaways From Yahoo's 500-Million-Account Breach

Last month, email giant Yahoo announced the compromise of 500 million user accounts—which is being called the largest breach from a single site in history. The breach compromised names, email addresses, telephone numbers, dates of birth,...

Simplifying Vendor Selection Criteria Using Security Ratings

Ponemon Institute’s study, Data Risk in the Third-Party Ecosystem, highlights the challenges that companies face in protecting sensitive and confidential information shared with third parties.

  • Of the respondents surveyed, 37 percent do...

Debunking Security Rating Myths

Security Ratings are still a relatively new phenomenon. As a result, many security and risk professionals are still familiarizing themselves with how ratings work, the data used to compute ratings, and how ratings are put into action. We...
