Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![4 Tips for Reducing Your Company’s Cyber Exposure](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1363031135_0.png.webp?itok=iN8eQUvX)
If your organization is like many others, its cyber exposure continues to grow over time. During the pandemic, as attackers sought to exploit unprecedented changes in work environments, 35% of cyberattacks used previously unseen malware or methods, up from the norm of 20%. And with the average enterprise using well over 1,000 cloud services, it can be very difficult to get a handle on potential vulnerabilities or to know when risks will pop up.
![What the Gramm-Leach-Bliley Act Means for Financial Services Cybersecurity](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_751455550_1.jpg.webp?itok=xI-yPwH_)
For obvious reasons, the financial services industry has had the unfortunate distinction of being one of the largest high-value targets for threat actors. Research shows that financial services businesses experience 300 more cyber attacks than organizations in other industries. Many of those attacks come through third-party suppliers whose networks may not be as secure as the organizations they work with.
![Cybersecurity risk taxonomy, image of four cybersecurity professionals, two individuals on cell phones](/sites/default/files/styles/4_3_small/public/2021/12/20/Cybersecurity%20Risk%20Taxonomy%20Sized_0.jpg.webp?itok=4o1QaFz3)
What is a cybersecurity risk taxonomy and how can you use it to guide your organization’s security program and investments?
![Verizon 2023 DBIR-Bitsight perspective](/sites/default/files/styles/4_3_small/public/2023/06/16/Verizon%202023%20DBIR-Bitsight%20perspective.jpg.webp?itok=53twQjG0)
Verizon’s much anticipated 2023 Data Breach Investigations Report (DBIR) is out and we have the missing pieces you need to convert its findings into action.
![How Policymakers Can Measure Critical Infrastructure Sector Cybersecurity Performance blog image](/sites/default/files/styles/4_3_small/public/2022/09/26/How-Policymakers-Can-Measure-Critical-Infrastructure-Sector-Cybersecurity-Performance-blog.jpg.webp?itok=oBHiTS5H)
Discover the performance areas policymakers should begin measuring, why these are important and how they should collect the data.
![cybersecurity baseline](/sites/default/files/styles/4_3_small/public/2023/06/05/cybersecurity%20baseline.jpeg.webp?itok=ZD1qDb6M)
Let’s look at how you can establish a cybersecurity baseline that works for your unique risks, industry, and business.
![IoT Cybersecurity: How Your Organization Can Tame the Wild West](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1462012349_0.png.webp?itok=cnzO3Eiz)
From sensors on the factory floor to those that guide autonomous vehicles, the Internet of Things (IoT) is transforming how we live and work. Over the coming years, IoT will continue to change our world, with the number of connected devices expected to grow from 13.8 billion units in 2021 to 30.9 billion by 2025.
![IT Security Manager Responsibilities: Oversight, Reporting, Personnel Management](/sites/default/files/styles/4_3_small/public/migration/images/IT_Security_Manager_Responsibilities_1.jpeg.webp?itok=e1RMqFiD)
The role of IT security manager, information security manager, or cybersecurity manager will vary depending on a number of factors — industry, business size, network sophistication, and so on. However, a person in this role can expect to be held to some or all of the following information security manager responsibilities:
![resilience framework](/sites/default/files/styles/4_3_small/public/2022/03/08/shutterstock_1997301182.jpg.webp?itok=8tI09jTU)
What is a cyber resilience framework? Learn how your organization can better prepare for, respond to, and recover from a cyber attack.
![what is zero trust](/sites/default/files/styles/4_3_small/public/2023/04/27/what%20is%20zero%20trust.jpg.webp?itok=hUIK6yl0)
Learn the basic principles of Zero Trust and how to apply them to your third-party risk management program to create more secure remote access connections.
![Vulnerability alert](/sites/default/files/styles/4_3_small/public/2023/04/26/Vulnerability%20alert-min.jpg.webp?itok=PREnq-Uj)
Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP).
![mobile application protection](/sites/default/files/styles/4_3_small/public/2023/04/05/mobile%20application%20protection.jpg.webp?itok=E9D5NMqW)
What risks do mobile apps present to your business and how can you get ahead of these threats?
![What are Cyber Security False Positives & How To Prevent Them](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1840324507_0.png.webp?itok=O12SHPDH)
Imagine you've alerted your IT team to a critical infrastructure error plaguing your network. You ask them to drop their current work and focus on immediate remediation of this detected vulnerability. After further investigation, however, it is found to be a false positive.
![Practical advice to secure your expanding attack surface](/sites/default/files/styles/4_3_small/public/2023/03/21/Practical%20advice%20to%20secure%20your%20expanding%20attack%20surface.png.webp?itok=orBunXpe)
Bitsight published research identifying exposed webcams. In light of that, organizations must develop an understanding of how to handle the expanding attack surface.
![Silicon Valley Bank Crisis - How Security and Financial Leaders Can Collaborate to Protect their Organizations](/sites/default/files/styles/4_3_small/public/2023/03/15/Silicon%20Valley%20Bank%20Crisis%20-%20How%20Security%20and%20Financial%20Leaders%20Can%20Collaborate%20to%20Protect%20their%20Organizations.png.webp?itok=1yHqkd3u)
How financial and security leaders can work together to protect their organizations in the wake of the recent crisis affecting Silicon Valley Bank (SVB).