Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
The role of IT security manager, information security manager, or cybersecurity manager will vary depending on a number of factors — industry, business size, network sophistication, and so on. However, a person in this role can expect to be held to some or all of the following information security manager responsibilities:
Third-party vendors are a vital part of your business ecosystem. But if you’re not careful, these companies can introduce cyber risk. The SolarWinds supply chain hack is a notable example of the jeopardy that even the most trusted partnerships can yield.
Learn how to secure your expanding cybersecurity ecosystem, including your supply chain.
Learn how to centralize, automate, and streamline your VRM process to manage hundreds of vendors as effectively as you manage ten.
What is a cyber resilience framework? Learn how your organization can better prepare for, respond to, and recover from a cyber attack.
What is a SOC 2 report and why is it essential in due diligence and vendor risk management programs? Here's what you need to know.
Learn the basic principles of Zero Trust and how to apply them to your third-party risk management program to create more secure remote access connections.
People’s perception of your cyber risk will outweigh its actual performance. And when trust in cybersecurity takes a nosedive, it can make a big dent in your financials. Learn how to prove protection and build trust with three key stakeholder groups.
Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP).
Our strategic direction is bolstered by an expanded partnership with Moody’s Corporation, enhanced Third-Party Vulnerability Detection & Response capabilities, and an improvement to our proprietary ratings algorithm.
We have made several adjustments to continue to provide Bitsight users with the best external indicator of the performance of cybersecurity controls.
At the upcoming RSA Conference, Bitsight’s Derek Vadala will moderate a panel to explain new cybersecurity disclosure requirements and how timely, consistent, and informative disclosure can benefit companies in the marketplace.
What risks do mobile apps present to your business and how can you get ahead of these threats?
The threat of ransomware has become increasingly prevalent, especially within high-stakes industries like healthcare and those involved in the election.
Bitsight has recently observed a 15-year-old modular spambot called Tofsee being distributed by PrivateLoader (ruzki), a notorious malware distribution service we also closely monitor.