Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Bitsight and Google collaborate to reveal global cybersecurity performance
This joint study between Bitsight and Google arms organizations with actionable insights, providing the current status of global cybersecurity performance by analyzing nearly 100,000 global organizations across 16 cybersecurity controls and nine industries amid heightened stakeholder demands on cybersecurity strategy.
On July 26, 2023, the SEC voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance.
The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation.
CVE-2023-35036 & CVE-2023-35708 were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.
Not all cybersecurity analytics are useful. Some are built on data and methodology that is scientifically shown to be correlated with risks and incidents.
Bitsight & Diligent launch extension partnership focused on correlated, independent, & comparable cyber ratings within Diligent’s Board Reporting for IT Risk.
Here are four best practices for maintaining cyber vigilance as your attack surface expands—to the cloud, across remote locations, and your supply chain.
What is exposure management? Learn how you can assess your organization’s cyber risk exposure and get ahead of cyber risk.
As cyber security threats proliferate, cyber risk conversations are no longer limited to the Security Operations Center (SOC); they command the attention of the C-suite and the boardroom.
A continuous cyber security monitoring strategy can give your security team higher visibility into your threat landscape. To get the most value when investing in continuous security monitoring, you first need to understand how data can be compromised. The three main ways are:
Cyber insurers regularly get requests for new business and increased limits. Insurers need to measure an applicant's cyber hygiene with cyber metrics that are categorically proven to stand out.
Cyber risk exposure is the sum of the vulnerabilities and risks associated with your organization’s digital footprint. Here’s how to understand and manage it.
If you operate in specific sectors, cybersecurity maturity is more than a best practice; it's a regulatory requirement. These regulations are complex and constantly changing. To help you better understand your organization's regulatory environment and the standards and controls it stipulates, let's break down key cyber compliance regulations by industry.
As economic pressures increase, CISOs are working more strategically with their resources and looking at the ROI of their technology investments to get the most out of their solutions. CISOs need to pay attention to three key areas when choosing which solutions to continue investing in, or how to work differently with what they have.
As digital transformation picks up pace, companies are working with more vendors than ever. According to Gartner, 60% of organizations now work with more than 1,000 third-party vendors — including partners, sub-contractors, and suppliers.
How do cyber insurers determine which organizations are going to be a risk worth taking? It’s more important than ever to continue underwriting good and opportunistic risks, while not overcorrecting for the high loss ratios the industry is seeing. Insureds need to answer two questions: what is good cyber hygiene and how do you measure it?