Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![risk quantification scale](/sites/default/files/styles/4_3_small/public/2022/11/21/Shutterstock_1135785197.jpg.webp?itok=-qLjy64N)
Cyber risk quantification methods can help you talk about risk in terms of business and financial impacts. Here’s how to find the right method for your organization.
![spend end of year budget](/sites/default/files/styles/4_3_small/public/2022/11/24/end%20of%20year%20budget%20spend.png.webp?itok=WDy219Ds)
Wondering how to leverage your remaining funds? As you decide how to use your end of year budget, ask yourself these questions.
![security risk leader](/sites/default/files/styles/4_3_small/public/2022/10/28/Shutterstock_2079263032.jpg.webp?itok=lomJa7o9)
Learn what really keeps security and risk leaders awake at night, plus solutions they can use to maximize their security resources and better manage an expanding attack surface.
![What Is Sensitive Data & Why You Need To Protect It](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1033113025_1.jpg.webp?itok=MWSw8lrO)
As a security professional navigating the new challenges 2020 is bringing to cybersecurity, it’s critical to understand the ways your organization’s data could be exposed. Sensitive data is critical, safeguarded information. Different information can be considered sensitive depending on the industry, but in general it can be anything your organization, your employees, your customers, or your third parties would expect to be private and protected. Below, we’ve outlined five examples of sensitive data your organization likely handles—and a few key ways to protect it from evolving cyber threats.
![Cybersecurity transparency across your vendor portfolio](/sites/default/files/styles/4_3_small/public/2022/10/14/Cybersecurity%20Transparency%2C%20SIZED.jpg.webp?itok=OkFdmouj)
Learn why cybersecurity transparency matters and how you can achieve it quickly and at scale across your vendor portfolio.
![vrm partner](/sites/default/files/styles/4_3_small/public/2022/09/13/shutterstock_1115081195_0.jpg.webp?itok=ZwNgVpL4)
Bitsight has launched our Vendor Risk Management product to help address the evolving needs of third-party risk managers, powered by our acquisition of ThirdPartyTrust.
![pane of glass](/sites/default/files/styles/4_3_small/public/2022/09/09/shutterstock_1171955884.jpg.webp?itok=Oz5EmQFY)
Improve visibility into third-party risk with a single pane of glass approach to vendor risk management – from onboarding through the life of the relationship.
![supplier due diligence](/sites/default/files/styles/4_3_small/public/2022/09/02/shutterstock_1995058496.jpg.webp?itok=VcUSR-jp)
Supplier due diligence can protect your organization from third-party risk. Here are best practices for doing it effectively.
![Offboarding, Onboarding, Hiring, Recruit](/sites/default/files/styles/4_3_small/public/2022/08/26/The%20Case%20for%20Offboarding%20sized.jpg.webp?itok=E7A8ObtP)
Few organizations institute a thorough offboarding process for service providers, sometimes resulting in leftover certificates that expire after a time, stale records at the Regional Internet Registries, and other artifacts as organizations beat a retreat from contracts.
![Vendors, Diligence, Continuous monitoring](/sites/default/files/styles/4_3_small/public/2022/08/11/vendor%20due%20diligence%20process%20sized.jpg.webp?itok=bCzmtSzT)
Learn how to combat growing third-party cyber threats with automation and an effective vendor due diligence process.
![Bitsight_rensomware_in_third_party_networks](/sites/default/files/styles/4_3_small/public/2022/07/26/Bitsight_rensomware_in_third_party_networks_600x350_Opt2%20%281%29.png.webp?itok=dbWb-5Lh)
Ransomware can gain access to your network through your third-party ecosystem, and it may be more likely than you think. Read our latest blog to learn the three most effective ways to defend against third-party ransomware risk.
![What is a botnet, image shows a representation of a botnet](/sites/default/files/styles/4_3_small/public/2022/06/24/What%20is%20a%20Botnet%2C%20SIZED.jpg.webp?itok=iWqqujCC)
What is a botnet? A botnet is a collection of networked devices that are infected by malware and hijacked to carry out scams and data breaches.
![Third-Party Vendor Risk Management for Financial Institutions](/sites/default/files/styles/4_3_small/public/2022/02/18/Third-Party%20Vendor%20Risk%20Management%20for%20Financial%20Institutions.png.webp?itok=9j-pJubH)
According to the 2022 Verizon Data Breach Investigations Report, 62% of system intrusions came through an organization’s partner. Read our blog to learn how to assess your vendors to effectively reduce breach risk.
![cyber risk mitigation](/sites/default/files/styles/4_3_small/public/2021/11/16/cyberrisk%20mitigation.jpg.webp?itok=bH50Ze-R)
The federal government is using every tool possible to deter and disrupt retaliatory cyberattacks against critical national infrastructure. With the Strengthening American Cybersecurity Act, agencies are required to report cybersecurity incidents within a 72-hour period. Learn more.
![Cyber Preparedness](/sites/default/files/styles/4_3_small/public/2022/05/31/Cyber%20Preparedness.jpg.webp?itok=uCewOJx-)
Learn about the four pillars of cyber preparedness and why it’s everyone’s responsibility to get involved.