Insights blog.

This post was originally published November 12, 2015 and has been updated for accuracy and comprehensiveness

With compliance deadlines approaching, where should CISOs start? Bitsight experts share five strategies to navigate the complexities of cyber regulations.

Bitsight has integrated with Archer to bring vendor risk management to the next level of efficiency. Learn what the integration can bring to your third party risk management program.

Security questionnaire automation can save time and reduce errors in your vendor risk management program. Learn how to quickly implement it at scale.

The Moody’s Analytics supply chain, credit, insurance, compliance and investment management offerings now feature Bitsight’s leading cyber risk analytics.

Cybersecurity readiness is the ability to identify, prevent, and respond to cyber threats.

Bitsight today announced its participation in the Microsoft Security Copilot Partner Private Preview. Bitsight was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft.

Amid a rise in regulatory pressure for cybersecurity leaders in Europe, with DORA and NIS2 as the most recent examples, cyber risk analytics emerge as an instrumental tool in ensuring compliance. Here's why.

Your IT department spends a great deal of time distributing security information and maintaining your organization’s internal security processes. Unfortunately, a persistent threat, deemed shadow IT, is still making its way into your organization’s network.

Within the Bitsight Security Ratings platform, we analyze risk vectors specifically chosen to help organizations identify and manage risks across their own networks and the networks of their third parties. Over the past few months, Bitsight has added new risk vectors to enhance the insights across the “spectrum of risk” and provide a more comprehensive picture of an organization’s security posture. These risk vectors will not be factored into our rating calculation until we update and expand the rating algorithm once every year. However, they still provide extremely valuable information to Bitsight users. As new threats emerge, Bitsight understands the important role that these threats play in the security ratings industry. This is why we continuously add to our list of risk vectors — it is critical that security ratings services are dynamic in nature and able to incorporate the identification of these risks into their service. 

We are constantly evolving our offerings to meet customer needs and address market shifts. Read our blog to learn about our customer-first enhancements to the Bitsight for Third-Party Risk Management Platform.

Bitsight dissects SmokeLoader's plugins received by an infected computer from the botnet "0020". We explore their inner workings, capabilities, and threat vectors.

The global cybersecurity market is currently worth $173 billion and expected to grow to $270 billion by 2026. Yet as organizations invest more in security technology, a new global survey by IBM Security and the Ponemon Institute suggests that security response efforts are “hindered by the use of too many security tools, as well as a lack of specific playbooks for common attack types.” Of those surveyed, 74% of respondents report that their response plans are ad-hoc, applied inconsistently, or that they have no plans at all. 

Recently, our Threat Research team discovered a new malware sample, distributed by the PrivateLoader and Amadey loaders. Learn more.

In the security ratings market, some offerings claim that a staggering percentage of the data they leverage is proprietary, and downplay the value of externally sourced data. While these companies may state that (close to) 100% of their data collection on IP maps, DNS records, event data and more is proprietary, there are several reasons why this is problematic. Let’s break down the myths surrounding this issue one at a time.