Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Amid a rise in regulatory pressure for cybersecurity leaders in Europe, with DORA and NIS2 as the most recent examples, cyber risk analytics emerge as an instrumental tool in ensuring compliance. Here's why.
A strong, collaborative, and informed relationship between the Chief Information Security Officer (CISO) and the Board of Directors is essential for maintaining a robust cybersecurity program.
As cyber threats evolve and business models change, maintaining a mature cybersecurity program can be challenging. You need to be confident that your organization’s current security tools and techniques are effective.
As regulations shift and providers enter new markets, the telecom industry is changing rapidly. In preparation for these changes, telecom risk management professionals must become aware of new risks on the horizon. Privacy and net neutrality laws, new kinds of cyber threats, reputational dangers, and other factors are all poised to affect telecom companies deeply in 2019.
In 2023, the SEC adopted new cybersecurity disclosure requirements. Learn how shareholders can leverage cybersecurity information for investment decisions and more.
Government agencies in the United States are yet again suffering from a widespread data hack, this time originating from Microsoft Exchange servers. This breach comes less than five months after the SolarWinds breach exposed vulnerabilities across dozens of industries, including government agencies. How is the government pivoting to protect their network from these increasingly widespread attacks?
The Australian Prudential Regulation Authority (APRA) has introduced CPS 234. Learn about the regulation and how cybersecurity is now at the forefront.
We delve into the purpose of these EU regulations, the challenges they present, the timeframe for adoption, and the keys to comply.
The SEC’s New Cybersecurity Regulations: Understanding the Impact for Companies & Their Shareholders
In Part 1 of this multi-part series, we describe the new SEC cybersecurity regulations and assess potential impact on both shareholders and companies.
Companies will be required to disclose risks in their annual reports beginning on 12/15/2023. For many CISOs, they may have some real questions. Here's where to start.
New SEC regulations mean that cybersecurity leaders are looking for ways to tell their company's story and looking for the right data to include. Independent cybersecurity benchmarking results are quickly becoming one of the primary data points included in any investor disclosure.
METI recommends ASM as a means to discover, manage internet assets, and continuously monitor for associated exposures and vulnerabilities allowing for remediations.
On July 26, 2023, the SEC voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance.
Discover the performance areas policymakers should begin measuring, why these are important and how they should collect the data.
What is a SOC 2 report and why is it essential in due diligence and vendor risk management programs? Here's what you need to know.