Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![password security world password day](/sites/default/files/styles/4_3_small/public/2023/05/03/network-security-system-perforated-paper-padlock.jpg.webp?itok=6wfixP92)
Passwords are only as strong as we make them. Explore the findings of our research around password usage and get the top tips on password security.
![Vulnerabilities and Exploits From CISA](/sites/default/files/styles/4_3_small/public/2022/09/12/Vulnerabilities%20and%20Exploits.png.webp?itok=Cm6umxOr)
A quick list of Android vulnerabilities as outlined and catalogued by CISA.
![Vulnerabilities and Exploits From CISA](/sites/default/files/styles/4_3_small/public/2022/09/12/Vulnerabilities%20and%20Exploits.png.webp?itok=Cm6umxOr)
A quick list of Apple vulnerabilities as outlined and catalogued by CISA.
![Are Your Payment Card Vendors Maintaining PCI Security Standards?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_123621112_1.jpg.webp?itok=YnquhAUp)
The payment card industry (PCI) has long been a Holy Grail target for bad actors for obvious reasons. Visa, Mastercard, and American Express account for the bulk of the consumer financial activity in the United States. Breaching them would be an unimaginable windfall for hackers and, undoubtedly, an unmitigated disaster for the world’s economy.
![CIDR, ICANN, RIR](/sites/default/files/styles/4_3_small/public/2022/08/03/Internet%20Registry%20Sized.jpg.webp?itok=5i8sVBvt)
The process of removing an association with a CIDR range can be time consuming and frustrating; in light of this, Bitsight has created a program to facilitate and simplify the process.
![cybersecurity scanning](/sites/default/files/styles/4_3_small/public/2021/11/18/cybersecurity%20scanning.jpg.webp?itok=36Ri2W50)
Taking back control of your network in light of hackers’ growing sophistication can be time-consuming. Even well-established organizations with money to spend on solid cybersecurity programs are still falling victim to some of the new sneaky breach attempts, as seen with this year's ransomware attacks.
But as your digital infrastructure expands, understanding where cyber risk lies hidden can be challenging. In this increasingly diverse environment, your security team ends up buried in a sea of data and alerts — and may end up missing something important. They are also hopping between multiple tools and lack a complete picture of your company’s security posture.
Rather than play whack-a-mole with threats, here are three reasons you should focus on attack surface scanning to mitigate risk.
![benefits of successful vrm](/sites/default/files/styles/4_3_small/public/2022/12/13/benefits%20of%20successful%20vrm.jpg.webp?itok=PnELNEL3)
Traditional vendor risk management methods fail to capture new and evolving risks. Learn how a better approach to VRM can benefit your organization.
![Bitsight is a proud participant in the Microsoft Security Copilot Partner Private Preview](/sites/default/files/styles/4_3_small/public/2023/11/14/Bitsight%20is%20a%20proud%20participant%20in%20the%20Microsoft%20Security%20Copilot%20Partner%20Private%20Preview.jpg.webp?itok=eSvmgpI4)
Bitsight today announced its participation in the Microsoft Security Copilot Partner Private Preview. Bitsight was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.
![Adaptive security, continuous monitoring the global landscape](/sites/default/files/styles/4_3_small/public/2022/02/18/Adaptive%20Security%2C%20Sized.jpg.webp?itok=qdf5hfaT)
What is adaptive security? Explore the benefits of this approach to cyber risk reduction and how your organization can get started.
![More Security Tools Hinder Response Efforts: Better Planning Pays Off](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_553264531_1.jpg.webp?itok=26a0ITwR)
The global cybersecurity market is currently worth $173 billion and expected to grow to $270 billion by 2026. Yet as organizations invest more in security technology, a new global survey by IBM Security and the Ponemon Institute suggests that security response efforts are “hindered by the use of too many security tools, as well as a lack of specific playbooks for common attack types.” Of those surveyed, 74% of respondents report that their response plans are ad-hoc, applied inconsistently, or that they have no plans at all.
![What Are the Responsibilities of Chief Information Security Officer?](/sites/default/files/styles/4_3_small/public/migration/images/cybersecurity-money-managers-cartoon_1.jpg.webp?itok=5OoS60Pf)
In today’s business environment, companies are often focused on how to best use technology to acquire new customers and improve the customer experience, as these IT applications help generate revenue for the organizations. But every CISO knows the more IT infrastructure connected to a system, the larger the organization’s attack surface is—which translates to more cyber risk.
![CISO Education Requirements: Degrees, Training Courses, and Certifications](/sites/default/files/styles/4_3_small/public/2022/06/08/AdobeStock_232968888_1.jpg.webp?itok=BinrDNl-)
About 25 years ago, the evolution of the overall digital ecosystem necessitated the creation of the first CISO role. Now, 61% of companies have a CISO.
![CISO's Board Report Cyber Security Toolkit](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1031044363_2.jpg.webp?itok=1z2cfhuT)
When it comes to reporting to the board, there are plenty of tools at the CISO’s disposal. Looking at the right metrics and putting them in the right context can help turn your next board meeting into a source of confidence, not stress. Here are some helpful tips to create successful frameworks for your board reports.
![CISOs Tactics To Win Every Budget Battle Blog](/sites/default/files/styles/4_3_small/public/2023/02/09/CISOs-Tactics-To-Win-Every-Budget-Battle-Blog.png.webp?itok=NRMtUT5e)
A recent report from Forrester called CISOs’ Tactics to Win Every Budget Battle suggests that companies turn towards “growing revenue, customer retention, and operating in specific verticals and regions” to gain security budget.
![Person working on a computer that shows Bitsight's Control Insights capability](/sites/default/files/styles/4_3_small/public/2022/01/14/Introducing%20Control%20Insights-sized.png.webp?itok=5Y4dIxCJ)
Security professionals have an ambitious goal to prevent the majority of cyber attacks. Bitsight's Control Insights lets you consistently and reliably measure the effectiveness of security controls.