Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![quantitative risk](/sites/default/files/styles/4_3_small/public/2022/11/11/shutterstock_758356729.jpg.webp?itok=LaIFQMW_)
Quantitative risk assessments in cybersecurity draw on data and analytics to help you understand the probability of risk and inform strategic management decisions.
![healthcare vendor risk management](/sites/default/files/styles/4_3_small/public/2023/02/07/healthcare%20vendor%20risk%20management.jpg.webp?itok=M4OX6k1V)
Delivering medical services involves hundreds of third-party vendors. We explore the criticality of healthcare vendor risk management and how organizations can overcome common challenges.
![workflow](/sites/default/files/styles/4_3_small/public/2022/07/13/shutterstock_2102194204.jpg.webp?itok=YRSbAF8-)
Bitsight has integrated with Archer to bring vendor risk management to the next level of efficiency. Learn what the integration can bring to your third party risk management program.
![third party breach](/sites/default/files/styles/4_3_small/public/2022/11/15/shutterstock_1407081185.jpg.webp?itok=H68LvNRh)
We are constantly evolving our offerings to meet customer needs and address market shifts. Read our blog to learn about our customer-first enhancements to the Bitsight for Third-Party Risk Management Platform.
![caiq sig questionnaires](/sites/default/files/styles/4_3_small/public/2023/02/07/caiq%20sig.jpg.webp?itok=BNLSCDke)
How is one questionnaire different from another, and how do you decide which ones to use in vendor risk assessments? We compare CAIQ vs. SIG.
![5 Best Practices for Conducting Cyber Security Assessments](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_631975841_2.jpg.webp?itok=ty2MaVd6)
Third parties are essential to helping your business grow and stay competitive. But if you’re not careful, your trusted partnerships can introduce unwanted cyber risk and overhead into your organization.
![vendor risk management checklist](/sites/default/files/styles/4_3_small/public/2023/06/16/vendor%20risk%20management%20checklist.jpeg.webp?itok=xGsunN94)
A vendor risk management checklist will ensure you capture relevant information from your vendors during the onboarding process. Here’s what to include.
![5 Keys to Building a Scalable VRM Program](/sites/default/files/styles/4_3_small/public/2023/06/29/Scalable%20VRM%20blog.jpg.webp?itok=HaU__r94)
Learn how to centralize, automate, and streamline your VRM process to manage hundreds of vendors as effectively as you manage ten.
![vendor risk management questions for third party vendor](/sites/default/files/styles/4_3_small/public/2022/12/29/vendor-risk-management-questions-for-third-party-vendor.jpg.webp?itok=M2et8Viv)
Third-party vendors need to be properly evaluated before entering your data ecosystem. Use these questions in your vendor risk management program.
![vendor risk management questionnaires](/sites/default/files/styles/4_3_small/public/2023/01/10/vendor%20risk%20management%20questionnaires.jpg.webp?itok=02ZKoXsI)
We explore the most common security questionnaires and how to integrate them into your overall VRM process.
![Third-Party Vendor Risk Management for Financial Institutions](/sites/default/files/styles/4_3_small/public/2022/02/18/Third-Party%20Vendor%20Risk%20Management%20for%20Financial%20Institutions.png.webp?itok=9j-pJubH)
According to the 2022 Verizon Data Breach Investigations Report, 62% of system intrusions came through an organization’s partner. Read our blog to learn how to assess your vendors to effectively reduce breach risk.
![Information risk management](/sites/default/files/styles/4_3_small/public/2022/01/10/Information%20Risk%20Management%2C%20sized.jpg.webp?itok=sdCY7OM4)
What is information risk management? Learn more about how the classic equation of threat x vulnerability x consequence helps inform your cybersecurity risk management strategy.
![mitigate risk](/sites/default/files/styles/4_3_small/public/2021/12/29/shutterstock_1924087544.jpg.webp?itok=X0KojRun)
Cyber risk mitigation and remediation are often talked about in the same terms. But they are different. Learn how you can optimize both.
![Measuring an acceptable level of supply chain risk](/sites/default/files/styles/4_3_small/public/2021/12/23/Inherent%20Cyber%20Risk%2C%20Sized.jpg.webp?itok=Qeb3gWyw)
What does your organization consider an acceptable level of inherent cyber risk in its vendor portfolio? Learn how to establish that threshold and focus resources where they’re needed most.
![cyber risk banner](/sites/default/files/styles/4_3_small/public/2021/12/08/cyber%20risk%20banner.jpg.webp?itok=FiIIwzUe)
You can’t reduce the cyber risks faced by your organization if you don’t know what you’re up against. That’s the purpose of a vulnerability probe.