Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![BitSight Ratings Tree, person working on laptop utilizing the ratings tree](/sites/default/files/styles/4_3_small/public/2022/06/09/Reflect%20your%20Security%20Posture%20-%20Ratings%20Tree%20Blog.jpg.webp?itok=kTCkFv27)
The Bitsight Ratings Tree gives you insight into the different portions of your business to identify gaps and weaknesses in your program performance.
![external attack surface management - bitsight](/sites/default/files/styles/4_3_small/public/2023/08/21/Attack%20surface%20-%20%20bitsight.jpeg.webp?itok=Cf5lazLD)
Your attack surface is expanding every day. Learn how external attack surface management can help you understand what you’re up against and inform remediation.
![Report to the Board Effectively With Financial Quantification](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1578659503.jpg.webp?itok=i7DnWPwh)
As the digital transformation of enterprises continues to accelerate, cyber risk remains a top concern for business leaders. But cyber risk is often thought about in technical terms as opposed to business terms — making it more important than ever for security leaders to educate their board and other non-technical stakeholders on what cyber risk really means to their organization.
![Cybersecurity Readiness: What Is It and How Do You Evaluate Yours?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1746007235.png.webp?itok=fWewG2no)
Cybersecurity readiness is the ability to identify, prevent, and respond to cyber threats.
![Shadow IT: Your Urgent Questions Answered](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_294978146_1.jpg.webp?itok=iH8hy9Yy)
Your IT department spends a great deal of time distributing security information and maintaining your organization’s internal security processes. Unfortunately, a persistent threat, deemed shadow IT, is still making its way into your organization’s network.
![Adaptive security, continuous monitoring the global landscape](/sites/default/files/styles/4_3_small/public/2022/02/18/Adaptive%20Security%2C%20Sized.jpg.webp?itok=qdf5hfaT)
What is adaptive security? Explore the benefits of this approach to cyber risk reduction and how your organization can get started.
![critical security controls](/sites/default/files/styles/4_3_small/public/2021/11/14/shutterstock_1760911889.jpg.webp?itok=Sb5eM3Ws)
As cyber threats evolve and business models change, maintaining a mature cybersecurity program can be challenging. You need to be confident that your organization’s current security tools and techniques are effective.
![Person working on a computer that shows Bitsight's Control Insights capability](/sites/default/files/styles/4_3_small/public/2022/01/14/Introducing%20Control%20Insights-sized.png.webp?itok=5Y4dIxCJ)
Security professionals have an ambitious goal to prevent the majority of cyber attacks. Bitsight's Control Insights lets you consistently and reliably measure the effectiveness of security controls.
![Building Trust in the Digital Era -The Importance of Effective Cybersecurity and Exposure Management](/sites/default/files/styles/4_3_small/public/2023/03/22/Building%20Trust%20in%20the%20Digital%20Era-The%20Importance%20of%20Effective%20Cybersecurity%20and%20Exposure%20Management.jpg.webp?itok=NUyOwQNa)
How cybersecurity leaders can manage an expanding attack surface, increasing vulnerabilities, and growing demands from stakeholders.
![Threat Detection: What it is and How to Do it Effectively](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1304697985.jpg.webp?itok=FIjP6GzK)
We all know threat detection is important, but what exactly is it, and why is it so hard to do effectively? In light of recent cyber attacks on U.S. infrastructure and the ongoing threat from the group behind the SolarWinds breach, these questions loom large.
![Cyber Resilience vs. Cybersecurity: A Quick Comparison of Terms](/sites/default/files/styles/4_3_small/public/migration/images/Cybersecurity%2520Vs%2520Cyber%2520Resilience%2520-%2520thumb_1.jpg.webp?itok=oZ-Bd4h6)
If you operate in the cybersecurity or business continuity space, you’ve probably heard some reference to cyber resilience. While it has become a bit of an industry buzzword, it’s also a useful construct that should have important implications on your security strategy. Here are our thoughts on how cyber resilience compares to cybersecurity — and why the two terms cannot be used interchangeably.
![Why Cyber Risk Aggregation is Important to Your Organization’s Security](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1202577088.png.webp?itok=R-N-N9qq)
A single unauthorized device being used on your network. An unsanctioned application someone’s accessing from their non-secure home PC. A small vendor with a seemingly insignificant vulnerability.
![The top 5 cybersecurity analytics you need to focus on](/sites/default/files/styles/4_3_small/public/2022/11/15/The%20top%205%20cybersecurity%20analytics%20you%20need%20to%20focus%20on%20hero.png.webp?itok=UK-hVLqc)
Marsh McLennan, the world’s largest insurance broker, recently studied whether Bitsight’s cybersecurity performance analytics are useful in understanding the likelihood of experiencing a cybersecurity incident. The findings were significant: Marsh McLennan found 14 Bitsight analytics to be significantly correlated with cybersecurity incidents.
![Open Port Vulnerabilities: What's the Big Deal?](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Cyber-Padlock-For-Internet-Pro-266085085_2.jpg.webp?itok=7qIVuL-H)
Open port vulnerabilities can increase cyber risk exposure. Learn what they are and how you can quickly find and fix them.
![Types of Penetration Testing: Which Is Right for Your Business?](/sites/default/files/styles/4_3_small/public/2023/06/08/Types-of-Penetration-Testing-Which-Is-Right-for-Your-Business.jpg.webp?itok=KHbnAe2k)
Penetration tests (a.k.a. pen tests) are point-in-time cyber risk assessments. They allow IT and security professionals to assess the adequacy of security controls, including intrusion detection and response systems, and identify weaknesses that need attention.