Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Digital Transformation Risk, woman working from home as part of digital transformation and cloud](/sites/default/files/styles/4_3_small/public/2023/05/19/Digital%20Transformation%20Risk%20SIZED.jpg.webp?itok=IlycouRX)
Learn how to identify and mitigate digital transformation risks—internally and across your software supply chain.
![Common Vulnerabilities Associated With Remote Access](/sites/default/files/styles/4_3_small/public/2023/04/26/common-cyber-vulnerabilities-min.jpeg.webp?itok=azxTevBS)
As the world adjusts to more working from home, IT teams have worked overtime to enable remote access for millions of employees.
![workforce cybersecurity](/sites/default/files/styles/4_3_small/public/2023/06/07/Workforce%20cybersecurity.jpg.webp?itok=RwYpaw3C)
Work-from-home practices introduce significant cyber risk to any organization. Worryingly, Bitsight research discovered that remote office networks are 7.5 times more likely than a corporate network to have at least five distinct malware families on them.
As remote workforces become the norm, this should ring alarm bells for security leaders. When an employee uses a corporate device on a home network, malware can propagate to the corporate network. This is especially problematic given user behavior and the dynamics of home networks. In 52% of cases, corporate-issued devices are used by family members or trusted friends. These assets also share the same network as potentially insecure IoT devices such as alarm systems, smart TVs, refrigerators, and more.
![Secure Remote Work: New Threats Require a Shift in Policy and Training](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_431935282_1.jpg.webp?itok=kpxfqnAC)
Working from home introduces significant cyber risk to any organization. However, recent events reveal that it’s not a case of “if” but “when” bad actors will exploit the rampant vulnerabilities on home networks.
![Russian Hackers Validate BitSight WFH Data](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_625624946_1.jpg.webp?itok=vndU-9tP)
This week the New York Times released a report warning that a group of Russian hackers going by the name “Evil Corp” has been attempting to exploit the rampant vulnerabilities presented by the U.S. workforce shifting to working from home at remote offices. The report raises fears that major U.S. brands, news organizations, or even election systems could be disrupted with ransomware attacks. The research, conducted by Symantec, revealed that 31 large U.S. corporations, including Fortune 500 companies and news organizations, have fallen victim to Evil Corp, and those are just the ones we know about.
![Government Teleworking Could Last for Months, Exacerbating Cyber Risk](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1110675746_1.jpg.webp?itok=bB0yp2Ux)
As federal government guidance on social distancing due to the COVID-19 pandemic is extended through April, a new reality is setting in for federal workers — a prolonged period of telework, even beyond the coronavirus crisis.