Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Do You Need to Create Segmented Networks to Protect Critical Assets?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_591206291_1.jpg.webp?itok=vR-Owa5h)
Network segmentation — the act of dividing a network into multiple smaller, isolated networks that are not visible from the outside — has long been used to reduce cyber risk. At its core, segmentation assumes a “zero trust” approach to protecting digital environments and minimizes access to digital assets for those who don’t need it, while enabling access for those who do. Should a breach occur, that threat is contained in the segmented network so it doesn’t propagate to other assets.
![inherent risk](/sites/default/files/styles/4_3_small/public/2023/02/24/inherent%20risk.jpg.webp?itok=pCR1Wf3S)
Learn what inherent risk is, how to measure it, and why it's a useful tool for your vendor risk management program.
![4 Tips for Reducing Your Company’s Cyber Exposure](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1363031135_0.png.webp?itok=iN8eQUvX)
If your organization is like many others, its cyber exposure continues to grow over time. During the pandemic, as attackers sought to exploit unprecedented changes in work environments, 35% of cyberattacks used previously unseen malware or methods, up from the norm of 20%. And with the average enterprise using well over 1,000 cloud services, it can be very difficult to get a handle on potential vulnerabilities or to know when risks will pop up.
![exposure management](/sites/default/files/styles/4_3_small/public/2023/07/10/Exposure%20Management%2C%20SIZED.jpeg.webp?itok=WB1l31-n)
What is exposure management? Learn how you can assess your organization’s cyber risk exposure and get ahead of cyber risk.
![financial services cybersecurity](/sites/default/files/styles/4_3_small/public/2021/11/14/financial%20services.jpg.webp?itok=6nD94pl3)
The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation.
![Supply chain risk and tools](/sites/default/files/styles/4_3_small/public/2022/02/14/shutterstock_1660696486.jpg.webp?itok=QutLe6Zu)
Make your vendor lifecycle more efficient and less fraught with cyber risk with these three tips for supply chain risk management.
![Creating A Successful Third Party Risk Management Program](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1499306735%2520%25281%2529_1.jpg.webp?itok=3SUPohY-)
As digital transformation picks up pace, companies are working with more vendors than ever. According to Gartner, 60% of organizations now work with more than 1,000 third-party vendors — including partners, sub-contractors, and suppliers.
![Continuous security testing, Continuous Monitoring, Third Party Risk](/sites/default/files/styles/4_3_small/public/2022/08/18/continuous%20security%20testing%20sized.jpg.webp?itok=vIOq2K-v)
Learn how continuous monitoring differs from continuous security testing, and why you need both to protect your organization against third-party risk.
![Vendor, Security posture](/sites/default/files/styles/4_3_small/public/2022/07/15/How%20to%20Measure%20Your%20Vendors%E2%80%99%20Security%20Posture%20sized.jpg.webp?itok=sxgKuouB)
Learn how to onboard vendors securely and at speed with automated, data-driven insights into your vendors’ security postures.
![How to Mitigate Supply Chain Attacks](/sites/default/files/styles/4_3_small/public/2023/04/27/supply-chain-attack.jpg.webp?itok=WpqMP6kN)
Learn how to mitigate supply chain attacks by improving visibility into your third-party attack surface.
![Data exfiltration, continuous monitor, prevent risk](/sites/default/files/styles/4_3_small/public/2022/07/28/data%20exfiltration%20sized.jpg.webp?itok=B9Et2r1S)
Data exfiltration is the unauthorized transfer of data from a host device, such as an application, database, or server. Here’s how you can prevent it.
![Template - Everything you Need to Craft a Supplier Risk Management Plan.jpeg](/sites/default/files/styles/4_3_small/public/2022/02/02/Template%20Everything%20you%20Need%20to%20Craft%20a%20Supplier%20Risk%20Management%20Plan.jpeg.webp?itok=3Mm9sAEL)
Third-party vendors are a vital part of your business ecosystem. But if you’re not careful, these companies can introduce cyber risk. The SolarWinds supply chain hack is a notable example of the jeopardy that even the most trusted partnerships can yield.
![5 Keys to Building a Scalable VRM Program](/sites/default/files/styles/4_3_small/public/2023/06/29/Scalable%20VRM%20blog.jpg.webp?itok=HaU__r94)
Learn how to centralize, automate, and streamline your VRM process to manage hundreds of vendors as effectively as you manage ten.
![resilience framework](/sites/default/files/styles/4_3_small/public/2022/03/08/shutterstock_1997301182.jpg.webp?itok=8tI09jTU)
What is a cyber resilience framework? Learn how your organization can better prepare for, respond to, and recover from a cyber attack.
![what is zero trust](/sites/default/files/styles/4_3_small/public/2023/04/27/what%20is%20zero%20trust.jpg.webp?itok=hUIK6yl0)
Learn the basic principles of Zero Trust and how to apply them to your third-party risk management program to create more secure remote access connections.