Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
Bitsight & Diligent launch extension partnership focused on correlated, independent, & comparable cyber ratings within Diligent’s Board Reporting for IT Risk.
Dealing with unpredictable vulnerabilities is one of today's greatest challenges. What is a zero day and why is it relevant for TPRM?
Whaling attacks are a form of spear phishing that target senior executives. Learn how to defend against these attacks.
Security performance management (SPM) helps security and risk leaders take a risk-based, outcome-driven approach to assessing and managing the performance of their organization’s cybersecurity program. With SPM, security leaders can continuously monitor and assess their organization’s current security state, analyze how security performance ranks against industry and peers, and create improvement plans that reduce cyber risk.
Read Bitsight breach research by looking at the evolution of reported incidents over the past years to identify trends and global patterns.
If your organization is entering into a relationship with a vendor or partner, vendor due diligence is key to mitigating third-party risk.
Network segmentation — the act of dividing a network into multiple smaller, isolated networks that are not visible from the outside — has long been used to reduce cyber risk. At its core, segmentation assumes a “zero trust” approach to protecting digital environments and minimizes access to digital assets for those who don’t need it, while enabling access for those who do. Should a breach occur, that threat is contained in the segmented network so it doesn’t propagate to other assets.
From an IT perspective, an important part of endpoint security refers to ensuring that the endpoint devices connected to your network—computers, laptops, mobile devices, tablets, etc.—are running on the latest version or patch to all operating systems or software.
Learn what is inherent risk, how to measure it, and why it's a useful tool for your vendor risk management program.
Malware can gain entry to your network in many ways. Once malware has penetrated a network, threat actors can use it to steal information, encrypt systems, spy on users, and remove files. Learn how to prevent dangerous malware.
Cybersecurity intelligence is a powerful weapon against risk. Learn how you can improve your cyber data collection, analysis, and sharing to mitigate emerging threats.
New SEC regulations mean that cybersecurity leaders are looking for ways to tell their company's story and looking for the right data to include. Independent cybersecurity benchmarking results are quickly becoming one of the primary data points included in any investor disclosure.
As the attack surface expands, vulnerability management offers a strategic approach to manage exposure and remediate on time. Here's what you need to know.
In today’s ever changing cyber risk landscape, your organization must adopt a vulnerability management framework to control exposure and remediate risks in a timely manner.
METI recommends ASM as a means to discover, manage internet assets, and continuously monitor for associated exposures and vulnerabilities allowing for remediations.