Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) potentially allowing an attacker to access and control physical infrastructure.
Marsh McLennan, the world’s largest insurance broker, recently studied whether Bitsight’s cybersecurity performance analytics are useful in understanding the likelihood of experiencing a cybersecurity incident. The findings were significant: Marsh McLennan found 14 Bitsight analytics to be significantly correlated with cybersecurity incidents.
It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?
As regulations shift and providers enter new markets, the telecom industry is changing rapidly. In preparation for these changes, telecom risk management professionals must become aware of new risks on the horizon. Privacy and net neutrality laws, new kinds of cyber threats, reputational dangers, and other factors are all poised to affect telecom companies deeply in 2019.
While the ongoing wave of digital transformation opens exciting opportunities for innovation, it also widens your attack surface.
Discover how automation can supercharge your Third-Party Risk Management program, saving you time and resources to enhance your security posture.
PrivateLoader is a loader from a pay-per-install malware distribution service that has been utilized to distribute info stealers, banking trojans, loaders, spambots, and ransomware on Windows machines.
5 strategies to reduce attack surface exposure with Bitsight, an Overall Leader in the 2023 KuppingerCole Analyst AG Leadership Compass for attack surface management.
Penetration tests (a.k.a. pen tests) are point-in-time cyber risk assessments. They allow IT and security professionals to assess the adequacy of security controls, including intrusion detection and response systems, and identify weaknesses that need attention.
Focus on cybersecurity is critical for boards, from both an investor and an operational perspective. Here are cybersecurity questions directors should be asking.
A new partnership with UP Education Network, a nonprofit school success organization to significantly improve formerly struggling Massachusetts schools.
Cyber insurers regularly get requests for new business and increased limits. Insurers need to measure an applicant's cyber hygiene with cyber metrics that are categorically proven to stand out.
Any seasoned vendor risk manager will tell you that determining whether a particular third party’s cybersecurity is up to your standards—and deciding how much risk to assume through your relations with your vendors—is not a simple task. Even so, there are technologies available that make handling vendor risk easier—and one of those is Bitsight Security Ratings.
Third parties are essential to helping your business grow and stay competitive. But if you’re not careful, your trusted partnerships can introduce unwanted cyber risk and overhead into your organization.
How do cyber insurers determine which organizations are going to be a risk worth taking? It’s more important than ever to continue underwriting good and opportunistic risks, while not overcorrecting for the high loss ratios the industry is seeing. Insureds need to answer two questions: what is good cyber hygiene and how do you measure it?