Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![How Objectivity, Standardization & Context Reduce Cyber Risk](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Businessmen-Tab-On-Tablet-Touc-289962532_1.jpg.webp?itok=mOZUiItI)
There are numerous areas of business and enterprise risk that have been measured for years in a standardized fashion — these include financial risk, market risk, operational risk, legal risk, and even IT risk.
![How Policymakers Can Measure Critical Infrastructure Sector Cybersecurity Performance blog image](/sites/default/files/styles/4_3_small/public/2022/09/26/How-Policymakers-Can-Measure-Critical-Infrastructure-Sector-Cybersecurity-Performance-blog.jpg.webp?itok=oBHiTS5H)
Discover the performance areas policymakers should begin measuring, why these are important and how they should collect the data.
![How to Scale a Cybersecurity Program Across the Expanding Attack Surface](/sites/default/files/styles/4_3_small/public/2023/03/24/Scale%20Cyber%20Program%2C%20SIZED.jpg.webp?itok=t5aLWf2K)
Learn how to scale your cybersecurity program with automation, continuous monitoring, and powerful data insights.
![How Secure is that Third Party Mobile App?](/sites/default/files/styles/4_3_small/public/migration/images/bigstock-Hand-using-phone-with-centrali-231266215_1.jpg.webp?itok=zCAR72Rw)
In a world where business is increasingly conducted on mobile devices, it is imperative that organizations offer mobile applications to serve their customer base. In fact, for many businesses, mobile applications are one of the primary channels used to interact with customers and to sell products and services.
![Driving Operational Efficiency in Your Cybersecurity Remediation Process](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1391331053_1.jpg.webp?itok=9lAaUUtc)
Let’s face it: In order to get the most out of your limited time and resources, you need to rethink the traditional processes you have in place throughout your risk management program — from the initial discovery and assessment phases to ongoing performance monitoring. By finding new operational efficiencies in each stage, you can maximize your cybersecurity ROI and ultimately do more with less.
![third party data breach](/sites/default/files/styles/4_3_small/public/2023/06/06/third%20party%20data%20breach.jpeg.webp?itok=OpkVMLhJ)
Third parties may have weaker security controls than the organizations they provide services to. Learn how to prevent a third-party data breach.
![cybersecurity baseline](/sites/default/files/styles/4_3_small/public/2023/06/05/cybersecurity%20baseline.jpeg.webp?itok=ZD1qDb6M)
Let’s look at how you can establish a cybersecurity baseline that works for your unique risks, industry, and business.
![The Importance of Continuous Improvement in Security Performance Management](/sites/default/files/styles/4_3_small/public/migration/images/bigstock--202892632_1.jpg.webp?itok=NCBg2BSz)
When it comes to managing their organization’s cybersecurity performance, security and risk leaders must take a risk-based, outcome-driven approach. They can do so through targeted measurement, continuous monitoring, and detailed planning and forecasting in an effort to measurably reduce cyber risk.
![Cybersecurity risk remediation plan, people at a conference table discussing security](/sites/default/files/styles/4_3_small/public/2022/01/03/Risk%20Remediation%20Plan%2C%20Sized.jpg.webp?itok=oE46OAzc)
Does your organization have a cybersecurity risk remediation plan? Follow these 5 tips for crafting one.
![SOC Cyber Vulnerability Awareness](/sites/default/files/styles/4_3_small/public/2023/04/13/security%20operations%20center.jpg.webp?itok=WpC19SUq)
To be effective as a security leader you must find ways to help your SOC teams improve cyber vulnerability awareness and time to remediate. Let’s explore how.
![New vulnerability discovered by Bitsight can lead to dos attack](/sites/default/files/styles/4_3_small/public/2023/05/26/New-vulnerability-discovered-by-bitsight-dos-attack.jpg.webp?itok=14z66npl)
The other week, Bitsight released a piece of high-profile research alerting the public to a high-severity vulnerability. Here’s a summary of what happened and why it matters.
![digital infrastructure, IT worker in a server room](/sites/default/files/styles/4_3_small/public/2023/05/19/Digital%20Infrastructure%20SIZED.jpg.webp?itok=mqVWwSY3)
Learn how to reduce exposure and manage cybersecurity risk across your expanding digital infrastructure.
![How to Introduce Information Security Risk Assessment Methodology](/sites/default/files/styles/4_3_small/public/migration/images/How_To_Introduce_Information_Security_Risk_Assessment_Methodology_To_Your_Company_-_thumb_1.jpg.webp?itok=3mC6QCQQ)
Today, performing information security risk analysis is an accepted part of managing any business, and it’s something most CEOs and board members take very seriously. They don’t just want to “check a box” for information risk management—they understand that their ability to manage risk adequately is a fundamental part of their long-term success. What’s more, they want to meet the standards of care that similarly-situated, like-minded organizations are meeting.
![IoT Cybersecurity: How Your Organization Can Tame the Wild West](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1462012349_0.png.webp?itok=cnzO3Eiz)
From sensors on the factory floor to those that guide autonomous vehicles, the Internet of Things (IoT) is transforming how we live and work. Over the coming years, IoT will continue to change our world, with the number of connected devices expected to grow from 13.8 billion units in 2021 to 30.9 billion by 2025.
![Is Your Cyber Security Communication Strategy Effective?](/sites/default/files/styles/4_3_small/public/migration/images/Is%2520your%2520communcation%2520effective%2520blog%2520post%2520image_1.jpg.webp?itok=YHyZ6K3j)
One of the more challenging aspects of third-party risk management is effectively communicating risk. Often the risks posed by vendors are highly technical, and it can be tempting to simply put together a slide or list to review with business owners, executives or board members. But this can often create an obstacle to buy-in, as few people have the expertise to understand what these risks mean.