Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Information Security In Banking & Finance Industry: 3 Critical Vendor Risks](/sites/default/files/styles/4_3_small/public/migration/images/Information%2520Security%2520In%2520Banking%2520-%2520BitSight_1.jpg.webp?itok=TVGkWjOz)
The NCUA Board approved a proposed rule that would require a federally insured credit union (FICU) to notify the NCUA as soon as possible but no later than 72 hours after they reasonably believe that a reportable cyber incident has occurred.
![Bitsight_rensomware_in_third_party_networks](/sites/default/files/styles/4_3_small/public/2022/07/26/Bitsight_rensomware_in_third_party_networks_600x350_Opt2%20%281%29.png.webp?itok=dbWb-5Lh)
Ransomware can gain access to your network through your third party ecosystem - and it may be more likely than you think. Read our latest blog to learn the three most effective ways to defend against third party ransomware risk.
![BitSight Finds Critical Vulnerabilities in Popular GPS Tracker](/sites/default/files/styles/4_3_small/public/2022/07/15/BitSight%20Finds%20Critical%20Vulnerabilities%20in%20Popular%20GPS%20Tracker_New.jpg.webp?itok=AADpgFSJ)
Bitsight has discovered six severe vulnerabilities in a popular vehicle GPS tracker (MiCODUS MV720) potentially allowing hackers to track individuals without their knowledge, remotely disable fleets of corporate supply and emergency vehicles, abruptly stop civilian vehicles on dangerous highways, and more.
![NIST, Security Guidance](/sites/default/files/styles/4_3_small/public/2022/07/01/NIST%20Guidance_SIZED.jpg.webp?itok=W_NogpX6)
New guidance from the U.S. National Institute of Standards and Technology (NIST) provides important information for organizations seeking to improve their software supply chain security. NIST recommends a variety of best practices.
![What is a botnet, image shows a representation of a botnet](/sites/default/files/styles/4_3_small/public/2022/06/24/What%20is%20a%20Botnet%2C%20SIZED.jpg.webp?itok=iWqqujCC)
What is a botnet? A botnet is a collection of networked devices that are infected by malware and hijacked to carry out scams and data breaches.
![cybersecurity and investing](/sites/default/files/styles/4_3_small/public/2022/06/23/cybersecurity%20and%20investing_sized.jpg.webp?itok=4a1G2vr0)
Investors are worried about cybersecurity—and for good reason. Yet despite growing concerns and the criticality of the issue, the dialogue between companies and investors needs significant improvement. Here's why.
![vendor risk management ransomware](/sites/default/files/styles/4_3_small/public/2021/12/06/ransomware-blog.jpg.webp?itok=58waN1-I)
In 2021, ransomware attacks on government agencies globally increased by 1,885% over 2020 attacks, and the trends are continuing so far in 2022. Learn how to protect your organization from ransomware with three best practices.
![Vulnerability alert](/sites/default/files/styles/4_3_small/public/2023/04/26/Vulnerability%20alert-min.jpg.webp?itok=PREnq-Uj)
Atlassian Confluence has been impacted by vulnerability CVE-2022-26134 allowing for ransomware deployment, data theft, & more. See Bitsight's findings & analysis.
![Third-Party Vendor Risk Management for Financial Institutions](/sites/default/files/styles/4_3_small/public/2022/02/18/Third-Party%20Vendor%20Risk%20Management%20for%20Financial%20Institutions.png.webp?itok=9j-pJubH)
According to the 2022 Verizon Data Breach Investigations Report, 62% of system intrusions came through an organization’s partner. Read our blog to learn how to assess your vendors to effectively reduce breach risk.
![5 Essential Tools for Supply Chain Risk Management Blog Hero](/sites/default/files/styles/4_3_small/public/2023/04/10/5-Essential-Tools-for-Supply-Chain-Risk-Management.jpg.webp?itok=kK2QVzoc)
While all areas of risk management involve blind spots, supply chain risk management might be the murkiest. To be effective in this field, risk professionals must account for risks from a wide variety of sources, from bad password management to geopolitical upheaval. Supply chain risks can be difficult to detect, unpredictable, and fast-moving.
![cyber risk mitigation](/sites/default/files/styles/4_3_small/public/2021/11/16/cyberrisk%20mitigation.jpg.webp?itok=bH50Ze-R)
The federal government is using every tool possible to deter and disrupt retaliatory cyberattacks against critical national infrastructure. With the Strengthening American Cybersecurity Act, agencies are required to report cybersecurity incidents within a 72-hour period. Learn more.
![Cyber Preparedness](/sites/default/files/styles/4_3_small/public/2022/05/31/Cyber%20Preparedness.jpg.webp?itok=uCewOJx-)
Learn about the four pillars of cyber preparedness and why it’s everyone’s responsibility to get involved.
![Global distribution of Emotet infected systems](/sites/default/files/styles/4_3_small/public/2022/05/19/Global%20distribution%20of%20infected%20systems-min.png.webp?itok=uiwqItNT)
In November 2021, a new version of the Emotet botnet emerged. How did this happen? What is the botnet doing today? And how can organizations avoid becoming victims? Get the answers and more.
![How Do I Know if I am at Risk for a Ransomware Attack?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1228736578_0.png.webp?itok=JY0MfgIE)
Ransomware isn’t going away; security leaders need to get inside the brain of ransomware sleuths and learn how attacks develop to better identify early indicators of ransomware in their network. Read on to learn how ransomware attacks happen.
![Attack surface reduction examples, person working on computer](/sites/default/files/styles/4_3_small/public/2022/05/16/Attack%20Surface%20Reduction%20Examples%2C%20SIZED.jpg.webp?itok=oO7CXqJU)
Explore actionable attack surface reduction examples that can reduce risk across your expanding digital environment.