Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![pane of glass](/sites/default/files/styles/4_3_small/public/2022/09/09/shutterstock_1171955884.jpg.webp?itok=Oz5EmQFY)
Improve visibility into third-party risk with a single pane of glass approach to vendor risk management – from onboarding through the life of the relationship.
![UK cyber resilience cyber security strategy webpage](/sites/default/files/styles/4_3_small/public/2022/02/28/UK%20Cyber%20Resilience%2C%20Sized.jpg.webp?itok=EZJ1xllP)
The UK Cyber Resilience 2022 strategy is a remarkable blueprint for any organization looking to improve cyber resilience. What lessons can be learned?
![Information risk management](/sites/default/files/styles/4_3_small/public/2022/01/10/Information%20Risk%20Management%2C%20sized.jpg.webp?itok=sdCY7OM4)
What is information risk management? Learn more about how the classic equation of threat x vulnerability x consequence helps inform your cybersecurity risk management strategy.
![mitigate risk](/sites/default/files/styles/4_3_small/public/2021/12/29/shutterstock_1924087544.jpg.webp?itok=X0KojRun)
Cyber risk mitigation and remediation are often talked about in the same terms. But they are different. Learn how you can optimize both.
![cyber risk banner](/sites/default/files/styles/4_3_small/public/2021/12/08/cyber%20risk%20banner.jpg.webp?itok=FiIIwzUe)
You can’t reduce the cyber risks faced by your organization if you don’t know what you’re up against. That’s the purpose of a vulnerability probe.
![Use the right cybersecurity analytics to make a business case for risk management](/sites/default/files/styles/4_3_small/public/migration/images/Use%2520the%2520right%2520cybersecurity%2520analytics%2520to%2520make%2520a%2520business%2520case%2520for%2520risk%2520management_1.jpg.webp?itok=2PNqWuUF)
Not long ago, corporate executives would give only passing thoughts to their organization’s cybersecurity postures. Leadership and board members would take notice in the wake of a major data breach, for example, or a couple of times a year as a “check the box” exercise to maintain compliance with regulations. Overall, however, cybersecurity analytics didn’t really garner much attention.
![Protecting Sensitive Data: 4 Things To Keep In Mind](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_382458778_1.jpg.webp?itok=p4SUQiuE)
Given the recent security breaches and reported hacking attempts, it is increasingly important for companies to have a handle on their most sensitive data. Sensitive data can include employees’ personal information, customer information, trade secrets, and other types of data that would cause internal breaches to company information if obtained by a hacker. To identify your organization’s sensitive data points, refer to our recent article highlighting 5 examples of sensitive data.
![Australian Companies Now Have 6 Months For APRA Compliance](/sites/default/files/styles/4_3_small/public/migration/images/bigstock---July----Canberra-Austra-276708157_1.jpg.webp?itok=NllxUk-X)
Early in 2019, unknown threat actors attempted to hack the Australian federal Parliament’s computer network and the servers used by every politician, staffer, and security officer in Parliament House. Authorities believe there is a strong chance this could have been executed by a state-based actor.
![3 Ways to Avoid the Top Causes of Data Breaches](/sites/default/files/styles/4_3_small/public/migration/images/3%2520Ways%2520to%2520Avoid%2520blog%2520post-1_1.png.webp?itok=Ny6AlRDp)
As the number and costs of cyber-attacks and data breaches continue to rise, more money is being thrown at the problem. IDC projects that by 2022, organizations will spend $133.8 billion to protect their IT infrastructures against cybersecurity threats.
![Third-Party Vendor Risk Management for Financial Institutions](/sites/default/files/styles/4_3_small/public/2022/02/18/Third-Party%20Vendor%20Risk%20Management%20for%20Financial%20Institutions.png.webp?itok=9j-pJubH)
The nature of financial services necessitates global connections and vast third-party ecosystems, with connections to millions of users and devices. This makes financial services firms a favorite target for cyber criminals, accounting for a full 10% of global breaches in 2018.
![Is Your Risk Management Program Ready for the New European Banking Authority’s Guidelines?](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Euro-Coins-Stacked-On-Each-Oth-223184503_1.jpg.webp?itok=RFOUPRap)
In June 2018, the European Banking Authority (EBA) put forth guidelines on outsourcing arrangements that highlighted the importance of risk management within financial organizations. These guidelines were announced in June 2018 and will be enforced later in 2019.
![Software Risk Management: 3 Tips for Project & Product Managers](/sites/default/files/styles/4_3_small/public/migration/images/2.19-software-risk-management-tips-blog-image_1.jpg.webp?itok=3sztYmaO)
The development and deployment of software applications is inherently risky; a number of things can go wrong both during development and after launch. Project and product managers must stay aware of risks coming from a variety of areas, including:
![The Board’s Role in Cyber Risk Management: Advice from Top Directors](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Business-Team-Meeting-Present--253202224_1.jpg.webp?itok=pYohAbIJ)
In today’s evolving threat landscape, corporate directors are increasingly asking for security performance updates from Chief Information Officers, Chief Information Security Officers, Chief Risk Officers, and other executives.