Insights blog.

Learn what really keeps security and risk leaders awake at night, plus solutions they can use to maximize their security resources and better manage an expanding attack surface.

Moody’s Investor Services published new research indicating worldwide cyber risk is rising, particularly among critical infrastructure entities.

The Bitsight Badge enables an organization to prove their focus on security, increase transparency, and showcase the hard work they put into enhancing security performance.

Discover how Bitsight’s GPS vulnerability research can help your organization and third party managers reduce IoT device cyber risk.

Atlassian Confluence has been impacted by vulnerability CVE-2022-26134 allowing for ransomware deployment, data theft, & more. See Bitsight's findings & analysis.

In November 2021, a new version of the Emotet botnet emerged. How did this happen? What is the botnet doing today? And how can organizations avoid becoming victims? Get the answers and more.

As cyber attacks evolve and your attack surface increases, learn how you can protect your digital perimeter.

Cybersecurity is one of the biggest threats to global commerce in the 21st century.

With the average cost of a data breach in the U.S. reaching nearly $8.6 million, your organization can’t afford to ignore cybersecurity risk. Indeed, the need for security risk management is greater than ever. When cyber risk is managed more effectively, you can focus on innovation and driving business growth.

The threat from malicious email represents one of the greatest risks to IT security. That threat continued unabated in 2020, especially in the wake of the COVID-19 pandemic. Research indicated that in 2020 the number of nefarious emails increased dramatically, reaching about 1.5 million malicious emails per day during one particularly intense three month period.

As time goes on, organizations are taking on more and more new digital transformation initiatives to become increasingly agile and boost productivity — dramatically transforming the number of digital touchpoints employees interact with on a day-to-day basis.

Following an increase in ransomware cyber attacks, most notably May 2017’s WannaCry attack, U.S. public sector entities are starting to see the effects of these attacks on the almost $4 trillion municipal debt market. As a result, issuers are now starting to consider the cybersecurity posture of borrowers at the town, city, and local levels when they apply for bonds.

This year marked another great Gartner Security & Risk Management Summit with over 3,000 attendees, bringing together CEOs, CIOs, CISOs, IT Directors, Risk Managers, and other risk and security professionals to National Harbor, MD from June 12-15. An underlying theme emerged from the numerous sessions I attended and the various conversations I had: all roads lead back to business value. Whether it’s a new vendor that a company is looking to onboard, or a cloud technology the organization is implementing, everything should tie back to a business decision.

Stress and worry are emotions that are often linked with the period between the beginning of a new year and mid-April, the federal tax filing deadline. Modern technology has brought with it techniques and applications that reduce this burden by making it easier for consumers to prepare a tax return. Unfortunately the age of e-filing has come with increased risk of tax fraud due to cybercrime. According to IRS statistics, investigations, prosecutions, and convictions for tax crimes, including those involving identity theft, have been on the decline over the last three years.

On Thursday, February 23rd, Cloudflare announced a serious bug in its caching infrastructure that caused uninitialized memory to be printed on a number of its customers’ websites. This information included sensitive data such as passwords, cookies, tokens, private messages, and while it believes the bug was limited to roughly a thousand websites, it caused sensitive data to be dumped from potentially any Cloudflare reverse proxy customer. Some observers have stated this issue has similarities with “Heartbleed” and have thus referred to it as “Cloudbleed.”