Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Explore the importance of long-term planning, unified solutions, and innovation in third-party cyber risk management.
Discover how automation can supercharge your Third-Party Risk Management program, saving you time and resources to enhance your security posture.
Five of the most critical vendor evaluation tools that you should have in your cybersecurity risk management toolkit.
Government agencies in the United States are yet again suffering from a widespread data hack, this time originating from Microsoft Exchange servers. This breach comes less than five months after the SolarWinds breach exposed vulnerabilities across dozens of industries, including government agencies. How is the government pivoting to protect their network from these increasingly widespread attacks?
What’s the biggest struggle your vendor risk managers face when establishing cyber security monitoring processes? From sudden increases in the use of third-parties by your organization, to not knowing which vendors might be impacted by the current data breach, vendor risk managers are plagued by challenges and roadblocks that impede their program efficiency.
Dealing with unpredictable vulnerabilities is one of today's greatest challenges. What is a zero day and why is it relevant for TPRM?
Network segmentation — the act of dividing a network into multiple smaller, isolated networks that are not visible from the outside — has long been used to reduce cyber risk. At its core, segmentation assumes a “zero trust” approach to protecting digital environments and minimizes access to digital assets for those who don’t need it, while enabling access for those who do. Should a breach occur, that threat is contained in the segmented network so it doesn’t propagate to other assets.
Learn what is inherent risk, how to measure it, and why it's a useful tool for your vendor risk management program.
If your organization is like many others, its cyber exposure continues to grow over time. During the pandemic, as attackers sought to exploit unprecedented changes in work environments, 35% of cyberattacks used previously unseen malware or methods, up from the norm of 20%. And with the average enterprise using well over 1,000 cloud services, it can be very difficult to get a handle on potential vulnerabilities or to know when risks will pop up.
What is exposure management? Learn how you can assess your organization’s cyber risk exposure and get ahead of cyber risk.
The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation.
Make your vendor lifecycle more efficient and less fraught with cyber risk with these three tips for supply chain risk management.
As digital transformation picks up pace, companies are working with more vendors than ever. According to Gartner, 60% of organizations now work with more than 1,000 third-party vendors — including partners, sub-contractors, and suppliers.
What is continuous monitoring vs. continuous security testing and why you need both to protect your organization against third-party risk.
Learn how to onboard vendors securely and at speed with automated, data-driven insights into your vendors’ security postures.