Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Championing Supply Chain Cybersecurity Amid Evolving Regulations](/sites/default/files/styles/4_3_small/public/2024/04/16/Championing%20Supply%20Chain%20Cybersecurity%20Amid%20Evolving%20Regulations%204.png.webp?itok=Kcw6EuVo)
Explore how CISOs can secure supply chains and meet evolving cyber regulations with strategies from our new ebook on cybersecurity resilience.
![mitre system of trust](/sites/default/files/styles/4_3_small/public/2023/05/29/mitre%20system%20of%20trust.jpeg.webp?itok=-JjFmAtt)
Learn how the System of Trust framework can help you understand and address supply chain risks.
![supply chain risk management](/sites/default/files/styles/4_3_small/public/2022/08/16/supply%20chain%20risk%20management-min.jpg.webp?itok=YCWeqDTv)
Traditional supply chain risk management strategies are becoming increasingly unsound amid the rise of unorthodox threats. These evolving supply chain risks require organizations to not only rethink supply chain risk but to act accordingly. Every organization should form a cyber supply chain risk management strategy for the modern era.
![As Cyber Insurance Claims Soar, Businesses Need to Demonstrate a Standard of Care](/sites/default/files/styles/4_3_small/public/migration/images/913%2520Blog_1.jpg.webp?itok=ArOQNWUr)
Hardly a day goes by without the emergence of a disturbing new trend in cyber crime or headline-grabbing hack. Hackers are getting smarter and threat vectors are constantly evolving. The escalating threat is forcing businesses to file more cyber insurance claims than ever. But are they taking the proactive steps necessary to boost their security postures and become a better underwriting risk?
![supply chain resilience](/sites/default/files/styles/4_3_small/public/2022/09/16/shutterstock_2072769434.jpg.webp?itok=Ha6ObOvF)
Learn how to improve supply chain resilience and combat third-party risk through continuous, automated monitoring of your vendors’ risk postures.
![How to Conduct a Supply Chain Risk Assessment at Scale](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1458256181_1.jpg.webp?itok=dQ0YPTdc)
Vendors and third-party partners are essential to helping your business grow and stay competitive. But outsourcing to third parties also dramatically increases your attack surface. A recent independent study by Opinion Matters found that 92% of U.S. organizations have experienced a breach that originated with a vendor.
![What are Software Supply Chain Attacks?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1704511693.jpg.webp?itok=ZfNHl-A8)
Digital vendors are now the avenue of choice for cybercriminals to perpetrate cyberattacks. Learn how you can defend your organization against a software supply chain attack.
![cyber threat prevention digital footprint](/sites/default/files/styles/4_3_small/public/2023/06/12/cyber%20threat%20prevention%20digital%20footprint.jpeg.webp?itok=S2oMadJ-)
We look at five ways you can reduce cyber threats without putting additional pressure on stretched resources.
![What Role Does Procurement Play in Supply Chain Risk Management?](/sites/default/files/styles/4_3_small/public/2022/02/18/What%20Role%20Does%20Procurement%20Play%20in%20Supply%20Chain%20Risk%20Management.png.webp?itok=Iy3E_rXa)
Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain.
![what is a zero day - zero day exploit](/sites/default/files/styles/4_3_small/public/2023/03/10/what%20is%20a%20zero%20day.jpg.webp?itok=FotfSweF)
Dealing with unpredictable vulnerabilities is one of today's greatest challenges. What is a zero day and why is it relevant for TPRM?
![Supply chain risk and tools](/sites/default/files/styles/4_3_small/public/2022/02/14/shutterstock_1660696486.jpg.webp?itok=QutLe6Zu)
Make your vendor lifecycle more efficient and less fraught with cyber risk with these three tips for supply chain risk management.
![New research reveals rapid remediation of MOVEit Transfer vulnerabilities](/sites/default/files/styles/4_3_small/public/2024/03/27/New%20research%20reveals%20rapid%20remediation%20of%20MOVEit%20Transfer%20vulnerabilities_0.jpg.webp?itok=3HH1Rrk6)
CVE-2023-35036 and CVE-2023-35708 were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.
![Continuous security testing, Continuous Monitoring, Third Party Risk](/sites/default/files/styles/4_3_small/public/2022/08/18/continuous%20security%20testing%20sized.jpg.webp?itok=vIOq2K-v)
What is continuous monitoring vs. continuous security testing and why you need both to protect your organization against third-party risk.
![How to Mitigate Supply Chain Attacks](/sites/default/files/styles/4_3_small/public/2023/04/27/supply-chain-attack.jpg.webp?itok=WpqMP6kN)
Learn how to mitigate supply chain attacks by improving visibility into your third-party attack surface.
![Data exfiltration, continuous monitor, prevent risk](/sites/default/files/styles/4_3_small/public/2022/07/28/data%20exfiltration%20sized.jpg.webp?itok=B9Et2r1S)
Data exfiltration is the unauthorized transfer of data from a host device, such as an application, database, or server. Here’s how you can prevent it.