Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
Learn what cyber insurance underwriting is, how it has evolved, and what you can expect when you apply for cyber insurance.
The latest report from Gartner® outlines several key areas that leaders need to pay close attention to if they want to create more resilient, trusted programs.
Are organizations prepared to meet new cyber incident disclosure requirements? The latest report from Bitsight's data analysts shows it might be easier said than done.
Organizations remain concerned about the potential implications for their own security posture as a result of the Okta cyber attack. It's important to identify where risks are present throughout your third-party landscape.
A vendor security audit can reduce third-party risk. Learn how you can mature your assessment process while saving time and resources.
Over 70% of executives are bullish about their organization’s ransomware resilience. Here’s how security leaders can temper that overconfidence.
New features in Bitsight's Security Performance Management (SPM) solution help you quickly gain better insight into your attack surface so you can reduce the risk of data breaches, ransomware, and cyber attacks.
The UK Cyber Resilience 2022 strategy is a remarkable blueprint for any organization looking to improve cyber resilience. What lessons can be learned?
The situation between Russia and Ukraine has been escalating since the start of January, when Russia stationed more than 100,000 troops along the Ukrainian border. Although cyber security is not the primary concern in the current situation, there is a cyber security component that absolutely should not be overlooked.
We believe a war in the region would have a direct impact on the cyber threat landscape. Both Poland and Lithuania have recently raised their countries' alert levels, just hours after Ukraine reported its defense ministry and two banks had been hacked. In the US, CISA has issued a recommendation for all organizations, regardless of size, to adopt a heightened posture when it comes to cybersecurity. Meanwhile, Russia launched a full-scale attack on Ukrainian territory, which is still developing, and its full reach remains to be seen.
As cyber attacks evolve and your attack surface increases, learn how you can protect your digital perimeter.
Disrupting the flow of goods and services is a keen priority for threat actors and critical infrastructure has long been a favored target. In 2021, the Colonial Pipeline ransomware attack caused a devastating impact to the economy when Russia-based hackers halted fuel movement along the critical U.S. Gulf and East Coast pipeline.
But this and other attacks may only be the beginning of an alarming ransomware trend aimed at U.S. critical infrastructure. Ransomware-as-a-service tools make ransomware easy to execute, making it the dominant cyber threat to enterprises in 2022. Indeed, the FBI recently warned that hackers have already developed ransomware code designed to disrupt critical infrastructure or industrial processes.
From the start, it was clear that the Log4j vulnerability, also referred to as Log4Shell, would be widespread and present major challenges for organizations. But, why is addressing Log4j so challenging?
Learn how to reduce the threat of cyber intrusion with a detection and prevention approach grounded in continuous monitoring.
Bitsight has been collecting FluBot infection telemetry data since March 2021. In total, we have identified 1.3 million IPs used by infected Android devices. Of them, over half (61%) are in Germany and Spain. Additionally, we are tracking an increase in IPs over time, which likely indicates an increase in infected devices.
Learn what the disturbing ransomware trends mean for your organization and third-party vendors.