Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Every year, companies spend billions of dollars on mergers and acquisitions. (The value of worldwide M&A deals in 2014 totaled $3.5 trillion.) Managing risk throughout the process is an important element of any merger, but there's one area of risk management that hasn't had the attention it deserves.
Anyone in the security space can agree that a solid cybersecurity policy goes a long way. But not everyone in your organization is a security expert. In fact, many employees may not know the first thing about firewalls or viruses—which is why cybersecurity employee training is such a critical matter.
As more of the world’s population gains access to the internet and more and more devices come online daily, there are new and emerging cyber threats around every corner.
The world of procurement has been fundamentally changed by the introduction of technology. Source-to-pay software has brought digital workflows and automation to time-consuming processes like creating RFPs, managing contracts, and remitting payments.
Using automated vendor risk assessment capabilities and tools you can eliminate manual processes, scale your VRM program, and quickly mitigate risk.
Whether you’re a security leader asked by the board to facilitate a cybersecurity audit, or a member of the board planning to request one, it’s crucial to know what a cybersecurity audit is and what it isn’t. You need to know precisely what is being asked for to make sure the right information is collected.
Using a continuous security monitoring strategy can give your security team higher visibility into your threat landscape. To get the most value when investing in continuous security monitoring, you first need to understand how data can be compromised. The three main ways are:
Learn how to automate cyber risk management across your third-party ecosystem from onboarding through the life of the relationship.
Learn how to protect your organization’s “crown jewels” with these do’s and don’ts of sensitive data sharing with vendors.
Today, 59% of data breaches originate with third-party vendors. And, as globalization brings more interconnected supply chains, that number is anticipated to grow.
An information security management system (ISMS) is a structured approach used to better manage your company’s most critical data and information. It can be achieved by adopting an ISMS standard like ISO 27001 or NIST 800-53 and through a certification process. But integrating an information security management system at your organization can be fraught with issues and complexities. Below, we’ve outlined five issues you should avoid while building out your ISMS.
Are you aware of the risks involved in doing business with parties sanctioned by the Office of Financial Assets Control (OFAC)?
Financial services is a wide industry, encompassing banks, insurance companies, investment firms, analysts, consultants, and many more. We’ve found financial services to be one of the best performing sectors in terms of cybersecurity. We’ve been able to pinpoint a handful of basic facts, ideas, and principles that make the financial sector so successful at cybersecurity, and we’ve outlined those “pillars” below. Take a look!
Traditional vendor risk management methods fail to capture new and evolving risks. Learn how a better approach to VRM can benefit your organization.
See risk, drive action across your entire vendor portfolio.