Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![KEV cutting room floor hero](/sites/default/files/styles/4_3_small/public/2024/07/12/KEV-cutting-room-floor-hero.png.webp?itok=cfJBjp-Z)
Curious about software vulnerabilities and their fixes? Check out my latest blog on KEV exposures and common weaknesses for surprising insights!
![Empty piggy bank to show cut budgets](/sites/default/files/styles/4_3_small/public/2023/06/30/Budget%20Scrutiny%2C%20SIZED.jpeg.webp?itok=p1fmoKSA)
Economic pressures push CISOs to justify resources and consolidate tech for data, operational, and cost efficiency. Bitsight aids with comprehensive risk data and solutions.
![The Impact of the Kaspersky Ban](/sites/default/files/styles/4_3_small/public/2024/07/08/The%20Impact%20of%20the%20Kaspersky%20Ban%20hero.png.webp?itok=s-Xf1UdO)
How will the prohibition of Kaspersky Lab, Inc. impact global users? Read our analysis of the prevalence of Kaspersky products used by organizations around the globe.
![NIS2 Requirements- Get a Handle on Critical Supplier Assessments](/sites/default/files/styles/4_3_small/public/2024/07/02/NIS2%20Requirements-%20Get%20a%20Handle%20on%20Critical%20Supplier%20Assessments.png.webp?itok=EEzpHRu6)
How do you determine who is a 'critical supplier'? Delve into practical strategies to identify crucial partners and ensure compliance with NIS2 requirements.
![Painted image of a poppy](/sites/default/files/styles/4_3_small/public/2024/06/18/Evaluating%20dependence%20on%20NVD_0.png.webp?itok=EYCAVUyl)
Learn about what the latest reduction in capacity in the NVD means for the state of vulnerabilities.
![Blog CloudSync Azure GCP Launch hero](/sites/default/files/styles/4_3_small/public/2024/06/17/Blog%20CloudSync%20Azure%20GCP%20Launch%20v2.png.webp?itok=-7dO794P)
As more IT resources shift to cloud service providers, it becomes increasingly complex to get a full digital footprint picture. See how Bitsight helps.
![Latrodectus hero 2](/sites/default/files/styles/4_3_small/public/2024/06/18/Latrodectus-hero-2.png.webp?itok=xpSzsyE2)
This article provides a technical analysis of Latrodectus, offering insights into its campaigns and victims up until Operation Endgame.
![A Vendor Risk Management Questionnaire Template](/sites/default/files/styles/4_3_small/public/migration/images/AdobeStock_79440695_1.jpeg.webp?itok=rvbYWLaf)
Digital relationships with third-party vendors increase opportunities for growth, but they also increase opportunities for cyberattacks — a recent study found that 61% of U.S. companies said they have experienced a data breach caused by one of their vendors or third parties (up 12% since 2016).
![Navigating NIS2 Requirements- Transforming Supply Chain Security](/sites/default/files/styles/4_3_small/public/2024/06/05/Navigating%20NIS2%20Requirements-%20Transforming%20Supply%20Chain%20Security.png.webp?itok=ajiDJ62o)
The NIS2 Directive recognizes this and has placed a significant emphasis on supply chain security. But what does this mean for your organization? Let’s break it down.
![7 Types of exposures to manage beyond CVEs hero](/sites/default/files/styles/4_3_small/public/2024/06/04/7%20Types%20of%20exposures%20to%20manage%20beyond%20CVEs%20hero.png.webp?itok=_EINAV82)
The following are seven types of exposures that security teams should seek to manage beyond CVEs.
![A Quantitative Look at KEV Prevalence Across Europe](/sites/default/files/styles/4_3_small/public/2024/05/30/A%20Quantitative%20Look%20at%20KEV%20Prevalence%20Across%20Europe.png.webp?itok=GCetQHgG)
Discover key differences in KEV prevalence across Europe and how they impact cybersecurity strategies in this detailed blog.
![Ivanti EPM Cloud Services Appliance - Taking advantage of a backdoor to detect a vulnerability hero](/sites/default/files/styles/4_3_small/public/2024/05/22/Ivanti%20EPM%20Cloud%20Services%20Appliance%20-%20Taking%20advantage%20of%20a%20backdoor%20to%20detect%20a%20vulnerability%20hero.jpeg.webp?itok=YbNKZw7d)
This blog post details how `CVE-2021-44529` was researched as well as the current method being used to detect it.
![Person reviewing proxy reports](/sites/default/files/styles/4_3_small/public/2023/06/01/Proxy%2C%20SIZED.jpg.webp?itok=j-cjxUtj)
It's proxy season, and investors want information from companies about cyber risk. Investors are leveraging Bitsight’s data analytics to better understand the risks of their investments.
![Integrating your TPRM Stack for Seamless Vendor Lifecycle Management](/sites/default/files/styles/4_3_small/public/2024/03/07/Integrating%20your%20TPRM%20Stack%20for%20Seamless%20Vendor%20Lifecycle%20Management.jpg.webp?itok=io6e_kXK)
Cybersecurity teams face mounting pressure to optimize resources and secure complex digital supply chains. Discover a new, integrated solution to automate vendor risk assessments and leverage comprehensive cyber risk data for streamlined TPRM.