Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![How to Conduct a Supply Chain Risk Assessment at Scale](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1458256181_1.jpg.webp?itok=dQ0YPTdc)
Vendors and third-party partners are essential to helping your business grow and stay competitive. But outsourcing to third parties also dramatically increases your attack surface. A recent independent study by Opinion Matters found that 92% of U.S. organizations have experienced a breach that originated with a vendor.
![Tips for Explaining Technical Things in Simple Terms to Non-Technical Executives](/sites/default/files/styles/4_3_small/public/migration/images/1.22-Technical-Terms-Blog-Thumb_1.png.webp?itok=DwS7V6Nh)
You don’t have to be a CIO to know that a great IT department is crucial to the success of any large organization. With the rise of big data, artificial intelligence, and the Internet of Things, technology promises to become an even more fundamental part of competitive corporate strategies in every industry.
![The top 5 cybersecurity analytics you need to focus on](/sites/default/files/styles/4_3_small/public/2022/11/15/The%20top%205%20cybersecurity%20analytics%20you%20need%20to%20focus%20on%20hero.png.webp?itok=UK-hVLqc)
Marsh McLennan, the world’s largest insurance broker, recently studied whether Bitsight’s cybersecurity performance analytics are useful in understanding the likelihood of experiencing a cybersecurity incident. The findings were significant: Marsh McLennan found 14 Bitsight analytics to be significantly correlated with cybersecurity incidents.
![cyber risk mitigation](/sites/default/files/styles/4_3_small/public/2021/11/16/cyberrisk%20mitigation.jpg.webp?itok=bH50Ze-R)
While the ongoing wave of digital transformation opens exciting opportunities for innovation, it also widens your attack surface.
![5 Best Practices for Conducting Cyber Security Assessments](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_631975841_2.jpg.webp?itok=ty2MaVd6)
Third parties are essential to helping your business grow and stay competitive. But if you’re not careful, your trusted partnerships can introduce unwanted cyber risk and overhead into your organization.
![cloud cyber security](/sites/default/files/styles/4_3_small/public/2021/11/14/shutterstock_1733556281.png.webp?itok=rsFQ2ZTe)
To protect your organization against cyber security risks, it’s important to have a cyber risk management program in place. But does your organization’s program take into consideration its entire attack surface – including the cloud?
![How to Set a Cybersecurity Baseline for Your Vendors – and Hold Them to It](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_568128427.png.webp?itok=fFCFBqId)
Your supply chain is more critical now than ever. Vendors and third parties are essential to helping your organization scale to meet demand, gain access to greater resources, respond to new work models, and remain competitive.
![5 vendor evaluation tools to add to your cyber risk management toolkit](/sites/default/files/styles/4_3_small/public/2021/12/10/5%20vendor%20evaluation%20tools%20to%20add%20to%20your%20cyber%20risk%20management%20toolkit.png.webp?itok=5jgMMpvG)
Five of the most critical vendor evaluation tools that you should have in your cybersecurity risk management toolkit.
![5 Tips to Improve Cyber Security Monitoring of Your Vendors](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_239364013_1.jpg.webp?itok=Kz7cTys7)
What’s the biggest struggle your vendor risk managers face when establishing cyber security monitoring processes? From sudden increases in the use of third parties by your organization to not knowing which vendors might be impacted by the current data breach, vendor risk managers are plagued by challenges and roadblocks that impede their program efficiency.
![cybersecurity due diligence](/sites/default/files/styles/4_3_small/public/2021/11/14/Cybersecurity%20due%20diligence.jpg.webp?itok=30i3UhEx)
If your organization is entering into a relationship with a vendor or partner, vendor due diligence is key to mitigating third-party risk.
![what is malware](/sites/default/files/styles/4_3_small/public/2022/06/13/shutterstock_1326113375.jpg.webp?itok=1HZUZvHB)
Malware can gain entry to your network in many ways. Once malware has penetrated a network, threat actors can use it to steal information, encrypt systems, spy on users, and remove files. Learn how to prevent dangerous malware.
![Independent benchmarking for SEC disclosure strategy](/sites/default/files/styles/4_3_small/public/2023/08/03/Benchmarking%20data%20SEC%2C%20SIZED.jpeg.webp?itok=o0UYIR-0)
New SEC regulations mean that cybersecurity leaders are looking for ways to tell their company's story and looking for the right data to include. Independent cybersecurity benchmarking results are quickly becoming one of the primary data points included in any investor disclosure.
![Following METI’s Attack Surface Guidance](/sites/default/files/styles/4_3_small/public/2023/08/01/METI%20Blog%2C%20SIZED.jpeg.webp?itok=V4n3s-rl)
METI recommends ASM as a means to discover and manage internet assets and to continuously monitor for associated exposures and vulnerabilities so that they can be remediated.
![4 Tips for Reducing Your Company’s Cyber Exposure](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1363031135_0.png.webp?itok=iN8eQUvX)
If your organization is like many others, its cyber exposure continues to grow over time. During the pandemic, as attackers sought to exploit unprecedented changes in work environments, 35% of cyberattacks used previously unseen malware or methods, up from the norm of 20%. And with the average enterprise using well over 1,000 cloud services, it can be very difficult to get a handle on potential vulnerabilities or to know when risks will pop up.
![Supply chain risk and tools](/sites/default/files/styles/4_3_small/public/2022/02/14/shutterstock_1660696486.jpg.webp?itok=QutLe6Zu)
Make your vendor lifecycle more efficient and less fraught with cyber risk with these three tips for supply chain risk management.