Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![cyber risk appetite](/sites/default/files/styles/4_3_small/public/2021/11/14/cyber%20risk%20appetite.jpg.webp?itok=0bl9Z0Hz)
As cyberattacks surge, you’re charged with protecting your organization’s expanding digital footprint. But what about the risk posed by vendors?
![Utilities](/sites/default/files/styles/4_3_small/public/2023/05/08/Utility.jpg.webp?itok=pZHzvcjX)
Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) potentially allowing an attacker to access and control physical infrastructure.
![The top 5 cybersecurity analytics you need to focus on](/sites/default/files/styles/4_3_small/public/2022/11/15/The%20top%205%20cybersecurity%20analytics%20you%20need%20to%20focus%20on%20hero.png.webp?itok=UK-hVLqc)
Marsh McLennan, the world’s largest insurance broker, recently studied whether Bitsight’s cybersecurity performance analytics are useful in understanding the likelihood of experiencing a cybersecurity incident. The findings were significant: Marsh McLennan found 14 Bitsight analytics to be significantly correlated with cybersecurity incidents.
![Open Port Vulnerabilities: What's the Big Deal?](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Cyber-Padlock-For-Internet-Pro-266085085_2.jpg.webp?itok=7qIVuL-H)
Open port vulnerabilities can increase cyber risk exposure. Learn what they are and how you can quickly find and fix them.
![What You Are and Aren’t Responsible for Under Cyber Risk Insurance](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1629139633_1.jpg.webp?itok=33l0q0uc)
It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?
![Top 5 Trends in Telecom Risk Management](/sites/default/files/styles/4_3_small/public/migration/images/top-5-trends-in-telecom-risk-management_2.jpeg.webp?itok=PnmzbAZA)
As regulations shift and providers enter new markets, the telecom industry is changing rapidly. In preparation for these changes, telecom risk management professionals must become aware of new risks on the horizon. Privacy and net neutrality laws, new kinds of cyber threats, reputational dangers, and other factors are all poised to affect telecom companies deeply in 2019.
![cyber risk mitigation](/sites/default/files/styles/4_3_small/public/2021/11/16/cyberrisk%20mitigation.jpg.webp?itok=bH50Ze-R)
While the ongoing wave of digital transformation opens exciting opportunities for innovation, it also widens your attack surface.
![Overcoming Cybersecurity Headwinds Part 2 - Automation and Repurposing Time Savings](/sites/default/files/styles/4_3_small/public/2023/09/26/Overcoming%20Cybersecurity%20Headwinds%20Part%202-%20Automation%20and%20Repurposing%20Time%20Savings.jpg.webp?itok=FC6bHJML)
Discover how automation can supercharge your Third-Party Risk Management program, saving you time and resources to enhance your security posture.
![Tracking PrivateLoader- Malware Distribution Service](/sites/default/files/styles/4_3_small/public/2024/03/27/Tracking%20PrivateLoader-%20Malware%20Distribution%20Service%20_0.jpg.webp?itok=BpXUBR04)
PrivateLoader is a loader from a pay-per-install malware distribution service that has been utilized to distribute info stealers, banking trojans, loaders, spambots, and ransomware on Windows machines.
![Bitsight Named an Overall Leader in 2023 KuppingerCole Leadership Compass](/sites/default/files/styles/4_3_small/public/2023/09/26/kc-blog-banner-min.png.webp?itok=YcayhyYV)
5 strategies to reduce attack surface exposure with Bitsight, an Overall Leader in the 2023 KuppingerCole Analyst AG Leadership Compass for attack surface management.
![Types of Penetration Testing: Which Is Right for Your Business?](/sites/default/files/styles/4_3_small/public/2023/06/08/Types-of-Penetration-Testing-Which-Is-Right-for-Your-Business.jpg.webp?itok=KHbnAe2k)
Penetration tests (a.k.a. pen tests) are point-in-time cyber risk assessments. They allow IT and security professionals to assess the adequacy of security controls, including intrusion detection and response systems, and identify weaknesses that need attention.
![Cyber Risk Protection and Resilience Planning for Boards](/sites/default/files/styles/4_3_small/public/2023/05/31/Cyber-Risk-Protection-and-Resilience-Planning-for-Boards.jpg.webp?itok=XT056oOG)
Focus on cybersecurity is critical for boards, from both an investor and an operational perspective. Here are cybersecurity questions directors should be asking.
![UP Education Network](/sites/default/files/styles/4_3_small/public/2023/09/21/up-education-network-min.jpg.webp?itok=7KKBDT3B)
A new partnership with UP Education Network, a nonprofit school success organization, to significantly improve formerly struggling Massachusetts schools.
![cyber insurance metrics](/sites/default/files/styles/4_3_small/public/2023/06/28/Cyber%20Insurance%20Underwriting%202%2C%20SIZED.jpeg.webp?itok=LF-9QDcx)
Cyber insurers regularly get requests for new business and increased limits. Insurers need to measure an applicant's cyber hygiene with cyber metrics that are categorically proven to stand out.
![5 Reasons To Uncover Third-Party Risk With Security Ratings](/sites/default/files/styles/4_3_small/public/migration/images/What%2520Is%2520A%2520Security%2520Rating_1.jpg.webp?itok=0DueNjVX)
Any seasoned vendor risk manager will tell you that determining whether a particular third party’s cybersecurity is up to your standards—and deciding how much risk to assume through your relations with your vendors—is not a simple task. Even so, there are technologies available that make handling vendor risk easier—and one of those is Bitsight Security Ratings.