Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
In a world of evolving threats, executives are faced with the challenge of deciding whether to allocate scarce security resources in proactive investments that may prevent attacks or in reactive investments in response to security failures. Some researchers have argued that the most effective security investments are those based on lessons from past attacks, particularly when defending against similar incidents.
Partner security risk is an important topic in the minds of risk officers today. With the number of companies being breached via third parties on the rise (New York Times, Bank of America, Twitter), this is clearly a big area of concern. In a survey conducted by Ponemon in February 2013, 65% of participants said their organization had a breach involving the loss or theft of their organization’s information when it was outsourced to a third party. In April 2013, the Information Security Forum (ISF) wrote "Of all the supply chain risks, information risk is the least well managed."