Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Security leaders have got to be ready to direct the conversation on security in a manner that resonates with directors. Here's how.
In an era of rapid threat expansion, proper storytelling by CISOs can be the key to building confidence with customers, regulators, board members, and other stakeholders.
Key risk indicators (KRIs) can help monitor and control cyber risk. But what KRIs should you focus on?
A monthly or quarterly report is a great way to summarize a SOC’s performance and uncover insights for executive leadership. But as a security and risk manager or executive, what information should you request from the managers who report to you?
Give your security teams critical digital risk monitoring tools to discover, prioritize, and remediate risk across the expanding attack surface.
No one should be surprised to learn that IT and cybersecurity jobs can be extremely stressful. Now, a convergence of trends has, in many cases, brought this stress to a breaking point.
While many IT, security, and risk professionals have developed good metrics and visuals for communicating internally about cyber risk, such as the safety cross and pareto charts, reporting on cybersecurity to non-technical individuals remains challenging.
Bitsight and Google have collaborated to study global organizational performance across cybersecurity controls in the Minimum Viable Secure Product (MVSP) framework.
You don’t have to be a CIO to know that a great IT department is crucial to the success of any large organization. With the rise of big data, artificial intelligence, and the Internet of Things, technology promises to become an even more fundamental part of competitive corporate strategies in every industry.
Special thanks to Venky Ganesan, the managing director of Menlo Ventures, for his insights into this topic.
Most Boards today know that cybersecurity is a critical issue that simply cannot be overlooked — which means many Boards today receive regular briefings on the topic. If you’re a new CIO or CISO (or your organization has just begun this practice), it’s absolutely critical that you establish credibility when you present to your Board of Directors. If you’ve been asked to present and you’ve never briefed a Board of Directors on cybersecurity before, your questions are going to be far different than they would be if you had seven or eight presentations under your belt. So below, we’ve detailed some of the topics you should include in your cybersecurity Board of Directors presentations, for both first-timers and seasoned presenters.
The red lights are flashing everywhere. News stories are warning about a sharp rise in ransomware attacks, a 2000X increase in cybersecurity breaches, and more cyber-related doomsday scenarios. Meanwhile, the Biden Administration released a much-anticipated cybersecurity plan earlier this year, calling for more investments in cybersecurity.
A majority of boards now see cyber risk as business risk, so they’re asking hard questions around risk and exposure. Security leaders must have processes in place to inform and educate executives, boards, and stakeholders as to the security posture of the organization as well as the postures of important third parties.
A vulnerability scanner evaluates security weaknesses and gaps in your digital infrastructure. Learn what to look for in a robust solution.
Executive performance and cyber risk management are now inextricably linked. Learn how CISOs can help executives be more accountable for cyber risk.