Insights blog.

I started in May 2019, so it’s been almost a year. I started as a sales development rep (SDR). As an SDR, my role and my focus was to find the best potential prospects for my representatives. I was looking in the UK market and in South Africa. Basically, my goal was to find not only the right people, but also the right companies and organizations to connect with. I didn’t want to waste my rep’s time with a call that wasn’t worth it, and it was quite a challenge in the beginning because I didn’t have a tech background and I had to learn and study a lot.
Of course you want to speak with the CISO, CTO, and CSO, but sometimes you have the ESOs who are really cool people to speak to as well. You have to balance all this when you’re doing research. In the EMEA market it’s a different approach from what you guys do here in the US. You need to be very

In the cybersecurity industry we deal with news of breaches or potential threats nearly every day, but when you really think about it, it’s bizarrely rare how little these events impact our everyday lives. Yes, they impact the professional lives of many and have serious business consequences, but perhaps one reason for the lack of urgency society seems to show on the issue is that these tend to be fairly low visibility events for the average person. Even something like the Target or Capital One breaches happened at a remove for most people in the world, with little impact on our daily lives.

Did you know that the volume of attacks on cloud services more than doubled in 2019? According to the 2020 Trustwave Global Security Report, cloud environments are now the third most targeted environment for cyber attacks. While these incidents are on the rise, migrating to the cloud is no longer optional for many organizations, due to the widespread shift to remote work. In today’s ever-evolving, dynamic security landscape, mitigating risk effectively requires thorough cloud security monitoring and continued visibility into your expanding attack surface.

What do you do at Bitsight and when did you start? 

I started at Bitsight in May 2018.

As companies continue to try and manage the massive changes to work driven by COVID-19, security teams have faced immense pressure to rise to the challenge and keep companies secure. In the face of the large scale shift to work from home, expansion of the vendor ecosystem and digital attack surface, and disruptions to operations, it’s vital that security teams focus their efforts on areas of risk concentration.

Did you know that 60% of breaches involve vulnerabilities for which a patch was available but not applied? Now, as business-targeted cyber attacks are on the rise, the ability to mitigate security vulnerabilities quickly and effectively is more important than ever. With malicious actors constantly on the hunt to discover any weaknesses within your infrastructure, it’s critical that you have the tools and insights you need to identify and defend against all possible exploits.

Back in May this year, President Trump issued an executive order banning US energy sector entities from acquiring electric equipment from foreign adversaries, citing potential cybersecurity threats.

There are layers of uncertainty plaguing security professionals when it comes to the time, money, and energy they spend focusing on their third-party risk management systems. Without the proper tools and analysis, it is hard to know if your program is effective.

As the biomedical community rushes to develop vaccines to combat COVID-19, malicious actors are seeking to steal the sensitive intellectual property that underpins treatment.

As your attack surface grows and the threat environment becomes increasingly complex, it’s more important than ever to take a risk-based approach to cybersecurity. By doing so, you can focus your limited resources on the areas that have the biggest impact on your security performance — empowering you to save time and money. 

In our ever-evolving, dynamic cybersecurity landscape, new vulnerabilities are being exploited daily and potential threats can escalate very quickly. Expectations and standards of care are constantly in flux — and what constituted “adequate” security yesterday may not be enough today. As the attack surface continues to grow, it’s more important than ever that you can quickly identify and remediate cybersecurity gaps that exist within your infrastructure.

Today’s businesses can’t succeed on their own, which is why they turn to third parties to grow and stay competitive. However, these partnerships can introduce unwanted cyber risk.

Given the recent security breaches and reported hacking attempts, it is increasingly important for companies to have a handle on their most sensitive data. Sensitive data can include employees’ personal information, customer information, trade secrets, and other types of data that would cause internal breaches to company information if obtained by a hacker. To identify your organizations’ sensitive data points, refer to our recent article highlighting 5 examples of sensitive data.

If you’re running a third-party risk management program, you’re probably no stranger to pressure. Between business owners demanding vendors be onboarded ever faster, to the ever present threat of a data breach, there is a lot to worry about. One of the biggest concerns in today’s security environment is the constantly evolving threat of a breach - especially with vendors.

Working from home introduces significant cyber risk to any organization. However, recent events reveal that it’s not a case of “if” but “when” bad actors will exploit the rampant vulnerabilities on home networks.