Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![4 Things to Know About FISMA](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1243021015%2520%25281%2529_1.jpg.webp?itok=FWzy_nsS)
Recently we wrote about the top cybersecurity frameworks to reduce cybersecurity risk, and the Federal Information Security Management Act (FISMA) certainly belongs in that list. But what is FISMA? Who does it apply to? Why is it so important?
![third party vendor risk management for financial institutions](/sites/default/files/styles/4_3_small/public/2023/03/02/third%20party%20vendor%20risk%20management%20for%20financial%20institutions%2C%20SIZED.jpg.webp?itok=4zogLtq9)
Learn how to automate and streamline the process for third-party vendor risk management at financial institutions.
![5 Steps to Creating a Cyber Security Roadmap](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_492340057.png.webp?itok=GQgLkX2o)
The recent rise in ransomware attacks and business-halting data breaches has made it clear that your organization must prioritize cyber security performance. But ad hoc security controls and defensive measures are not the answer. Instead, you need a strategic, risk-based approach with a cyber security road map as your guide.
![iso 27001 requirements vendor risk management](/sites/default/files/styles/4_3_small/public/2023/02/24/iso%2027001%20requirements%20vendor%20risk%20management.jpg.webp?itok=G6w3kWFF)
Learn what ISO 27001 controls apply to vendor risk management and how to successfully map them to your VRM framework.
![what is tprm](/sites/default/files/styles/4_3_small/public/2023/02/10/what%20is%20tprm.jpg.webp?itok=RlxIAxxc)
Third party risk management is trending following major data breaches affecting organizations through their vendors. But what is TPRM?
![system hacked](/sites/default/files/styles/4_3_small/public/2022/11/18/Shutterstock_1916985977%20%281%29.jpg.webp?itok=HLYjHJLd)
A study reveals the correlation between these security flaws and the likelihood of cybersecurity incidents. Learn more.
![BitSight Google Cloud](/sites/default/files/styles/4_3_small/public/2023/01/18/BitSight%2BGCloud_blog.png.webp?itok=cK_4Bi6H)
Bitsight is partnering with Google Cloud to provide customers with a centralized repository of Google Cloud questionnaires, certifications, and documentation, now available through Bitsight Vendor Risk Management. Learn more about the partnership in our blog.
![prevent third party attacks](/sites/default/files/styles/4_3_small/public/2023/01/20/Shutterstock_1357340402.jpg.webp?itok=tqmJ0ZAS)
Today, third-party data breaches pose the greatest cyber risk. Learn about the biggest breaches and steps you can take to protect your organization.
![supplier](/sites/default/files/styles/4_3_small/public/2022/12/28/Shutterstock_2015833799.jpg.webp?itok=E7nWgJra)
Your vendors’ vendors can pose significant cyber risk to your organization. Learn more about fourth-party risk and how to manage it.
![questions before buying vrm tool](/sites/default/files/styles/4_3_small/public/2023/01/10/questions%20before%20buying%20vrm%20tool.jpg.webp?itok=Mq3wKpbK)
These questions will help you choose the best VRM tool that will take your program to the next level.
![Schneider Announcement](/sites/default/files/styles/4_3_small/public/2023/10/13/bitsight-schneider-electric-blog-banner-min.jpg.webp?itok=gSophSL0)
Cybersecurity threats targeting operational technology (OT) present costly challenges for organizations globally. Learn why Bitsight partnered with Schneider Electric to bring customers enhanced Industrial Control System (ICS) detection capabilities. Read more.
![What is Vendor Risk Management (VRM)?](/sites/default/files/styles/4_3_small/public/migration/images/Vendor%2520Risk%2520Management%2520Definition%2520-%2520FB%2520Social%2520Graphic%2520Main%2520Blog%2520Image_1.jpg.webp?itok=VhW-jURH)
Vendor Risk Management is the practice of evaluating business partners, suppliers, or third-party vendors both before a business relationship is established and for the duration of your business contract. It is an important practice to put in place when evaluating your vendors and during the procurement process.
![fourth party supplier risk](/sites/default/files/styles/4_3_small/public/2022/12/16/Fourth%20Party%20Supplier%20Risk%2C%20SIZED.jpg.webp?itok=9pZMnFUC)
Gain visibility into fourth-party supplier risk, continuously monitor for emerging risks, and communicate program performance to stakeholders.
![creating trust with data](/sites/default/files/styles/4_3_small/public/2022/12/14/creating%20trust%20sized.png.webp?itok=Ib2JN0e9)
Your interconnected supply chain needs trust in you, and you in them. But how can you build trust when visibility is low and resources are limited?
![third party vs fourth party](/sites/default/files/styles/4_3_small/public/2022/12/08/Third%20Party%20vs%20Fourth%20Party%20SIZED.jpg.webp?itok=oxa1p1VB)
Learn the difference between third-party vs. fourth-party risk and how you can extend your risk management program to cover both.