BitSight Security Ratings Blog

The latest security ratings happenings and advice to keep your company’s security posture strong.


Over the last 5-10 years, we’ve seen a major uptick in the number of regulations across all sectors regarding cybersecurity. The following is a brief look at how cybersecurity regulations have been implemented across seven sectors and...


There have been a number of large healthcare breaches in recent years. In fact, the Washington Post called 2015 the “year of the health-care attack.” This chart, accessed from Modern Healthcare, represents 11 of the largest healthcare...


Do Investors Care About Cybersecurity?

Jake Olcott | May 25, 2016

Given the financial, reputational, and legal harm that can arise from cyber breaches, corporate shareholders and investors are increasingly concerned about the cybersecurity of the companies in their investment portfolio. How will...


Why You Need A Vendor Management Policy

Jake Olcott | March 3, 2016

A vendor management policy is put in place so an organization can tier their vendors based on risk. A policy like this identifies which vendors put the organization most at risk and then expresses which controls the company will implement...


TaxSlayer Breach: Dissecting The Latest Cyberhack

Jake Olcott | February 25, 2016

Cyberhacks in the online tax software service and software realm have been extremely prevalent in the last year. In August of 2015, the Internal Revenue Service (IRS) revealed that hackers had gained access to sensitive information about...


COBIT and ITIL are information technology management and IT governance frameworks, and both are popular around the world. They were created to provide management and guidance for IT services in businesses of all sizes.


Are you familiar with the National Institute of Standards and Technology’s “Framework for Improving Critical Infrastructure Cybersecurity”? It’s often referred to as the “NIST risk management framework.” The interesting thing about the...


Vendor risk management (VRM) is the practice of evaluating business partners, associates, or third-party vendors both before a business relationship is established and during the duration of your business contract. This is an important...


New SEC Exams Emphasize Vendor Risk Management

Jake Olcott | September 24, 2015

Last week, the SEC issued a Risk Alert, announcing that they will continue to assess cybersecurity risk and preparedness among brokers/dealers, investment advisors, and other financial institutions. The release details several focus areas...


