Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Empty piggy bank to show cut budgets](/sites/default/files/styles/4_3_small/public/2023/06/30/Budget%20Scrutiny%2C%20SIZED.jpeg.webp?itok=p1fmoKSA)
Economic pressures push CISOs to justify resources and consolidate tech for data, operational, and cost efficiency. Bitsight aids with comprehensive risk data and solutions.
![Blog CloudSync Azure GCP Launch hero](/sites/default/files/styles/4_3_small/public/2024/06/17/Blog%20CloudSync%20Azure%20GCP%20Launch%20v2.png.webp?itok=-7dO794P)
As more IT resources shift to cloud service providers, it becomes increasingly complex to get a full digital footprint picture. See how Bitsight helps.
![The Race to Secure Operational Technologies is On](/sites/default/files/styles/4_3_small/public/2024/05/21/The%20Race%20to%20Secure%20Operational%20Technologies%20is%20On.jpg.webp?itok=emcvwIRC)
Attacks targeting operational technology & industrial control systems are rising while many cut security budgets. Comprehensive strategies and monitoring are essential now more than ever.
![Analyzing Utilities Sector Cybersecurity Performance](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-High-voltage-Power-Lines-Ele-283705351_1.jpg.webp?itok=GT8Rcaqe)
With economic sanctions being levied by the US against Iran and a trade war heating up with China, some security experts are cautioning that attacks targeting US critical infrastructure may be inevitable. Are electric utilities prepared to defend themselves and their facilities against these attacks?
![Navigating Cybersecurity Risk Management- Aligning Stakeholder Expectations in Response to Regulations](/sites/default/files/styles/4_3_small/public/2024/04/04/Navigating%20Cybersecurity%20Risk%20Management-%20Aligning%20Stakeholder%20Expectations%20in%20Response%20to%20Regulations.jpg.webp?itok=PpUS2fDb)
Discover how executives and investors are aligning to fortify resilience in the face of evolving cyber threats.
![What is an Incident Response Plan?](/sites/default/files/styles/4_3_small/public/2023/10/17/5%20Steps%20to%20Creating%20an%20Incident%20Response%20Plan.jpg.webp?itok=x1eATd2Q)
Implementing a cybersecurity incident response plan can help you effectively address a cyber event, reduce disruptions to business, and ensure compliance.
![Key Risk Indicators (KRIs) Examples](/sites/default/files/styles/4_3_small/public/2023/07/10/Key%20Risk%20Indicators%20Blog.jpg.webp?itok=g42q0uXe)
Key risk indicators (KRIs) can help monitor and control cyber risk. But what KRIs should you focus on?
![Cybersecurity Frameworks to Reduce Cyber Risk](/sites/default/files/styles/4_3_small/public/migration/images/7%2520Cybersecurity%2520Frameworks%2520To%2520Reduce%2520Cyber%2520Risk_Banner_1.jpg.webp?itok=dWoU66xM)
While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization, you also need to show that you’re adhering to industry and regulatory best practices for IT security and making informed decisions for the long term. A cybersecurity framework can help.
![Mapping digital footprint](/sites/default/files/styles/4_3_small/public/2022/01/31/Map%20Digital%20Footprint%2C%20Sized.jpg.webp?itok=odikNyvb)
Consider these three best practices for mapping your digital footprint and using these insights to better assess cyber risk and drive continuous improvement in your security program.
![Cyber Resilience Metrics](/sites/default/files/styles/4_3_small/public/2022/05/24/Cyber%20Resilience%20Metrics.jpg.webp?itok=kbz4TaC8)
To improve cyber resilience, you must first measure it. Learn the 4 metrics to track to gain insights into your cybersecurity posture.
![5 Core Elements of a Risk-Based Cybersecurity Dashboard](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1100046194_1.jpg.webp?itok=d-jND-8O)
Curated cyber risk reports are essential to ensuring that security performance management information gets communicated effectively to the right stakeholders across your organization. Of course, reporting falls on a long list of ever-evolving responsibilities for security and risk managers.
![Weekly Security Risk Management News Round-Up - 9/16/13](/sites/default/files/styles/4_3_small/public/migration/images/6-cybersecurity-kpis-examples-for-your-next-report_4.jpeg.webp?itok=upEyW9VB)
While many IT, security, and risk professionals have developed good metrics and visuals for communicating internally about cyber risk, such as the safety cross and pareto charts, reporting on cybersecurity to non-technical individuals remains challenging.
![3 Critical CISO Roles and Responsibilities](/sites/default/files/styles/4_3_small/public/migration/images/Thumb_-_3_Critical_CISO_Roles_And_Responsibilities_1.jpg.webp?itok=iTpv-8fM)
A chief information security officer (CISO) wears many hats in the realm of cybersecurity, but is primarily responsible for translating complex business problems into effective information security controls.
![3 Attack Vectors That Lead to Cybersecurity Breaches](/sites/default/files/styles/4_3_small/public/migration/images/3_Attack_Vectors_That_Lead_To_Cybersecurity_Breaches_-_thumb_1.jpg.webp?itok=MvnqRL5T)
When we talk about cybersecurity events, we often discuss “the three principles of security” — which can be abbreviated as “CIA”:
![quantitative risk](/sites/default/files/styles/4_3_small/public/2022/11/11/shutterstock_758356729.jpg.webp?itok=LaIFQMW_)
Quantitative risk assessments in cybersecurity draw on data and analytics to help you understand the probability of risk and inform strategic management decisions.