Insights blog.

Reading the top cybersecurity blogs is, of course, one of the best ways to stay up on the latest news in the security industry. But while these niche blogs do often address news stories, most often they’re doing so while also interjecting their own opinions. And sometimes you just need the straight, unbiased facts. 

This post was originally published November 12, 2015 and has been updated for accuracy and comprehensiveness

Bitsight has integrated with Archer to bring vendor risk management to the next level of efficiency. Learn what the integration can bring to your third party risk management program.

Security questionnaire automation can save time and reduce errors in your vendor risk management program. Learn how to quickly implement it at scale.

We are constantly evolving our offerings to meet customer needs and address market shifts. Read our blog to learn about our customer-first enhancements to the Bitsight for Third-Party Risk Management Platform.

Are you and your company at the early stages of implementing a supplier risk management program — or are you just beginning to explore the idea? Either way, there’s a lot to learn when it comes to assessing your digital supply chain vendors for cyber risk, and it may feel a little bit daunting at first. Perhaps you’re a bit afraid to ask some of the more basic questions that have you stumped.

How is one questionnaire different from another, and how do you decide which ones to use in vendor risk assessments? We compare CAIQ vs. SIG.

Learn how to improve supply chain resilience and combat third-party risk through continuous, automated monitoring of your vendors’ risk postures.

In a recent Huffington Post article, Shared Assessments senior director Tom Garrubba discussed how third-party risk management has become an important topic to many executives and board members around the world. He recalls a conversation he had with Robin Jones, a member of the U.K.’s Financial Conduct Authority (FCA), during a conference in London. Jones expressed that his “unit [has been] paying renewed focus on technology resiliency and outsourcing.” 

Companies are becoming increasingly reliant on third-party relationships, and cyber attacks originating in the systems of third parties are on the rise.

With the number of third parties connected to businesses increasing, risk and security teams need to ensure they are spending the right amount of attention on the right third parties. To do this, organizations need a clearly defined, tiered portfolio of third parties, vendors, and suppliers. Today, many companies tier their third parties based on the inherent risk they present, and the types of data they handle or have access to.

If you’re involved in the cyber insurance underwriting process—from the transaction to the ongoing operations—you’re constantly looking for things to help you (and your team) select better risks. Here are three specific ways Bitsight’s Security Ratings platform can play an integral role in the underwriting process. 

As regulations shift and providers enter new markets, the telecom industry is changing rapidly. In preparation for these changes, telecom risk management professionals must become aware of new risks on the horizon. Privacy and net neutrality laws, new kinds of cyber threats, reputational dangers, and other factors are all poised to affect telecom companies deeply in 2019.

Any seasoned vendor risk manager will tell you that determining whether a particular third party’s cybersecurity is up to your standards—and deciding how much risk to assume through your relations with your vendors—is not a simple task. Even so, there are technologies available that make  handling vendor risk easier—and one of those is Bitsight Security Ratings.

Third parties are essential to helping your business grow and stay competitive. But if you’re not careful, your trusted partnerships can introduce unwanted cyber risk and overhead into your organization.