Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![healthcare vendor risk management](/sites/default/files/styles/4_3_small/public/2023/02/07/healthcare%20vendor%20risk%20management.jpg.webp?itok=M4OX6k1V)
Delivering medical services involves hundreds of third-party vendors. We explore the criticality of healthcare vendor risk management and how organizations can overcome common challenges.
![benefits of successful vrm](/sites/default/files/styles/4_3_small/public/2022/12/13/benefits%20of%20successful%20vrm.jpg.webp?itok=PnELNEL3)
Traditional vendor risk management methods fail to capture new and evolving risks. Learn how a better approach to VRM can benefit your organization.
![Introducing Bitsight Portfolio Risk Analytics](/sites/default/files/styles/4_3_small/public/2023/12/04/Introducing%20Bitsight%20Portfolio%20Risk%20Analytics.jpg.webp?itok=yHNLrdkI)
See risk, drive action across your entire vendor portfolio.
![Cybersecurity News: The 15 Best Places To Get Great Info](/sites/default/files/styles/4_3_small/public/migration/images/Cybersecurity_news_newspaper_thumbnail_1.jpg.webp?itok=ECwCsjic)
Reading the top cybersecurity blogs is, of course, one of the best ways to stay up on the latest news in the security industry. But while these niche blogs do often address news stories, most often they’re doing so while also interjecting their own opinions. And sometimes you just need the straight, unbiased facts.
![IT Risk Assessment Template: 40 Questions To Ask Your Vendors](/sites/default/files/styles/4_3_small/public/migration/images/full-it-risk-assessment-template_1.jpg.webp?itok=gvdEsECl)
This post was originally published November 12, 2015, and has been updated for accuracy and comprehensiveness.
![workflow](/sites/default/files/styles/4_3_small/public/2022/07/13/shutterstock_2102194204.jpg.webp?itok=YRSbAF8-)
Bitsight has integrated with Archer to bring vendor risk management to the next level of efficiency. Learn what the integration can bring to your third party risk management program.
![automate vendor assessments](/sites/default/files/styles/4_3_small/public/2023/01/22/Shutterstock_1341095657.png.webp?itok=-ctnvE84)
Security questionnaire automation can save time and reduce errors in your vendor risk management program. Learn how to quickly implement it at scale.
![third party breach](/sites/default/files/styles/4_3_small/public/2022/11/15/shutterstock_1407081185.jpg.webp?itok=H68LvNRh)
We are constantly evolving our offerings to meet customer needs and address market shifts. Read our blog to learn about our customer-first enhancements to the Bitsight for Third-Party Risk Management Platform.
![10 Frequently Asked Supplier Risk Management Questions](/sites/default/files/styles/4_3_small/public/migration/images/full-vendor-risk-management-questions-large_1.jpg.webp?itok=8qjZ5cpb)
Are you and your company at the early stages of implementing a supplier risk management program — or are you just beginning to explore the idea? Either way, there’s a lot to learn when it comes to assessing your digital supply chain vendors for cyber risk, and it may feel a little bit daunting at first. Perhaps you’re a bit afraid to ask some of the more basic questions that have you stumped.
![caiq sig questionnaires](/sites/default/files/styles/4_3_small/public/2023/02/07/caiq%20sig.jpg.webp?itok=BNLSCDke)
How is one questionnaire different from another, and how do you decide which ones to use in vendor risk assessments? We compare CAIQ vs. SIG.
![3 Cybersecurity IT Risk Assessment Templates](/sites/default/files/styles/4_3_small/public/migration/images/Thumb-3-Information-Security-Risk-Assessment-Templates-To-Get-You-Started-Quickly_1.jpg.webp?itok=jyE3Nzw_)
Developing a VRM plan from scratch or looking to scale your existing program? Here are some cybersecurity IT risk assessment templates to help you get started.
![supply chain resilience](/sites/default/files/styles/4_3_small/public/2022/09/16/shutterstock_2072769434.jpg.webp?itok=Ha6ObOvF)
Learn how to improve supply chain resilience and combat third-party risk through continuous, automated monitoring of your vendors’ risk postures.
![Technology Resiliency & Outsourcing (TRO): Familiarize Yourself](/sites/default/files/styles/4_3_small/public/migration/images/Technology_Resiliency__Outsourcing_TRO_Familiarize_Yourself_-_thumb_1.jpg.webp?itok=Fj6fURkG)
In a recent Huffington Post article, Shared Assessments senior director Tom Garrubba discussed how third-party risk management has become an important topic to many executives and board members around the world. He recalls a conversation he had with Robin Jones, a member of the U.K.’s Financial Conduct Authority (FCA), during a conference in London. Jones expressed that his “unit [has been] paying renewed focus on technology resiliency and outsourcing.”
![Third-Party Risk Management Best Practices for Enterprise](/sites/default/files/styles/4_3_small/public/migration/images/Third-Party%2520Risk%2520Management%2520Best%2520Practices%2520for%2520Enterprise%2520Blog_1.jpg.webp?itok=FUS6QwU5)
Companies are becoming increasingly reliant on third-party relationships, and cyber attacks originating in the systems of third parties are on the rise.
![Third Party Tiering: The Cornerstone of a Strong Third-Party Risk Management Program](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Business-Hierarchy-Ranking-An-196512991_1.jpg.webp?itok=CXLZmNjX)
With the number of third parties connected to businesses increasing, risk and security teams need to ensure they are spending the right amount of attention on the right third parties. To do this, organizations need a clearly defined, tiered portfolio of third parties, vendors, and suppliers. Today, many companies tier their third parties based on the inherent risk they present, and the types of data they handle or have access to.