Insights blog.

Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But who is responsible for breaches in the cloud data, the service provider or the organization using their services?

The term “digital resilience” has gained momentum over the past few years as cybersecurity threats have grown, but what does it really mean? And how can a company become digitally resilient?

Bitsight & Diligent launch extension partnership focused on correlated, independent, & comparable cyber ratings within Diligent’s Board Reporting for IT Risk.

Security performance management (SPM) helps security and risk leaders take a risk-based, outcome-driven approach to assessing and managing the performance of their organization’s cybersecurity program. With SPM, security leaders can continuously monitor and assess their organization’s current security state, analyze how security performance ranks against industry and peers, and create improvement plans that reduce cyber risk. 

Read Bitsight breach research by looking at the evolution of reported incidents over the past years to identify trends and global patterns.

If your organization is entering into a relationship with a vendor or partner, vendor due diligence is key to mitigating third-party risk.

Network segmentation — the act of dividing a network into multiple smaller, isolated networks that are not visible from the outside — has long been used to reduce cyber risk. At its core, segmentation assumes a “zero trust” approach to protecting digital environments and minimizes access to digital assets for those who don’t need it, while enabling access for those who do. Should a breach occur, that threat is contained in the segmented network so it doesn’t propagate to other assets.

Cybersecurity intelligence is a powerful weapon against risk. Learn how you can improve your cyber data collection, analysis, and sharing to mitigate emerging threats.

As the attack surface expands, vulnerability management offers a strategic approach to manage exposure and remediate on time. Here's what you need to know.

If your organization is like many others, its cyber exposure continues to grow over time. During the pandemic, as attackers sought to exploit unprecedented changes in work environments, 35% of cyberattacks used previously unseen malware or methods, up from the norm of 20%. And with the average enterprise using well over 1,000 cloud services, it can be very difficult to get a handle on potential vulnerabilities or to know when risks will pop up.

For obvious reasons, the financial services industry has had the unfortunate distinction of being one of the largest high value targets for threat actors. Research shows that financial services businesses experience 300 more cyber attacks than organizations in other industries. Many of those attacks come through third-party suppliers whose networks may not be as secure as the organizations they work with.

What is a cybersecurity risk taxonomy and how can you use it to guide your organization’s security program and investments?

Verizon’s much anticipated 2023 Data Breach Investigations Report (DBIR) is out and we have the missing pieces you need to convert its findings into action.

Discover the performance areas policymakers should begin measuring, why these are important and how they should collect the data.

From sensors on the factory floor to those that guide autonomous vehicles, the Internet of Things (IoT) is transforming how we live and work. Over the coming years, IoT will continue to change our world, with the number of connected devices expected to grow from 13.8 billion units in 2021 to 30.9 billion by 2025.