Insights blog.

Investors are worried about cybersecurity—and for good reason. Yet despite growing concerns and the criticality of the issue, the dialogue between companies and investors need significant improvement. Here's why.

Atlassian Confluence has been impacted by vulnerability CVE-2022-26134 allowing for ransomware deployment, data theft, & more. See Bitsight's findings & analysis.

In November 2021, a new version of the Emotet botnet emerged. How did this happen? What is the botnet doing today? And how can organizations avoid becoming victims? Get the answers and more.

The latest report from Gartner® outlines several key areas that leaders need to pay close attention to if they want to create more resilient, trusted programs.

The UK Cyber Resilience 2022 strategy is a remarkable blueprint for any organization looking to improve cyber resilience. What lessons can be learned?

Bitsight has been collecting FluBot infection telemetry data since March 2021. In total, we have identified 1.3 million IPs used by infected Android devices. Of them, over half (61%) are in Germany and Spain. Additionally, we are tracking an increase in IPs over time, which likely indicates an increase in infected devices.

Rapidly evolving risk and the digitization of banking is creating new threats. Here are three cybersecurity in banking trends to watch this year.

As internet use continues moving toward a mobile-centric experience, it has become essential to consider mobile applications when crafting a security strategy. Bitsight’s latest research demonstrates exactly why. We are excited to announce that Bitsight Insights: Mobile Application Risk Report is available now.

Cybersecurity is a priority for any organization and a big-ticket budget line item. But before investments in security are made, your organization must understand what it is doing right and where improvements to your cybersecurity program are needed.

Typically, this involves conducting a periodic security audit. But these assessments only capture a point-in-time view of the effectiveness of your security controls – and are incredibly resource-intensive.

To serve your customers and realize efficiencies, your organization may work with dozens if not hundreds of third parties including partners, vendors, cloud service providers, and subcontractors.

Cybersecurity is one of the biggest threats to global commerce in the 21st century.

With the average cost of a data breach in the U.S. reaching nearly $8.6 million, your organization can’t afford to ignore cybersecurity risk. Indeed, the need for security risk management is greater than ever. When cyber risk is managed more effectively, you can focus on innovation and driving business growth.

With cyberattacks on the rise, security investments are more important than ever. Still, the pandemic has forced many organizations to reconsider how they allocate their IT dollars. Between the new work-from-home paradigm and the increasingly global nature of many modern workplaces, CIOs have had to accelerate investments in cloud solutions and remote technology.

In light of recent significant attacks targeting the U.S. government, the Biden administration issued an Executive Order (EO) on cybersecurity on May 8, 2021.

Overall, the EO starts to fill in some critical gaps in US government cybersecurity capabilities. The EO is designed primarily to protect Federal infrastructure, but will also have significant impact on private sector service providers (e.g. software providers) who will now be required to meet new security requirements in order to do business with the U.S. government.

The unfolding Hafnium attack is the latest event in the trend of cyber events. CISO’s are starting to recognize that enterprise cyber security is being redefined to mean me and all my suppliers, or  the combination of first and third party cyber risk is enterprise risk. NotPetya demonstrated that breaching a small accounting firm could cost a firm like Merck over $1B in damage.