Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
What is a backdoor attack and how can you protect your organization from becoming a victim? Let’s explore this stealthy threat.
On July 26, 2023, the SEC voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance.
The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation.
CVE-2023-35036 & CVE-2023-35708 — were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.
Not all cybersecurity analytics are useful. Some are built on data and methodology that is scientifically shown to be correlated with risks and incidents.
Bitsight & Diligent launch extension partnership focused on correlated, independent, & comparable cyber ratings within Diligent’s Board Reporting for IT Risk.
Here are four best practices for maintaining cyber vigilance as your attack surface expands—to the cloud, across remote locations, and your supply chain.
What is exposure management? Learn how you can assess your organization’s cyber risk exposure and get ahead of cyber risk.
As cyber security threats proliferate, cyber risk conversations are no longer limited to the Security Operations Center (SOC); they command the attention of the C-suite and the boardroom.
Utilizing a continuous cyber security monitoring strategy can give your security team higher visibility into your threat landscape. To get the most value when investing in continuous security monitoring, you first need to understand how data can be compromised. The three main ways are:
Cyber insurers regularly get requests for new business and increased limits. Insurers need to measure an applicant's cyber hygiene with cyber metrics that are categorically proven to stand out.
Cyber risk exposure is the sum of the vulnerabilities and risks associated with your organization’s digital footprint. Here’s how to understand and manage it.
If you operate in specific sectors, cybersecurity maturity is more than a best practice, it’s a regulatory requirement. These regulations are complex and constantly changing. To help you better understand your organization's regulatory environment and the standards and controls they stipulate, let's break down key cyber compliance regulations by industry.
As economic pressures increase, CISOs are working more strategically with their resources and looking at the ROI of their technology investments to get the most out of their solutions. CISOs need to pay attention to three key areas when choosing which solutions to continue investing in, or how to work differently with what they have.
As digital transformation picks up pace, companies are working with more vendors than ever. According to Gartner, 60% of organizations now work with more than 1,000 third-party vendors — including partners, sub-contractors, and suppliers.