Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Why Third-Party Risk Management Has Never Been More Important](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1088000534_1.jpg.webp?itok=_7KDdJeB)
Over recent weeks, the ongoing spread of the COVID-19 coronavirus has forced companies around the country to make difficult decisions about how they can do their part to protect their employees — as well as their communities as a whole.
![Lack of Cyber Metrics Hamper U.S. Ability to Respond to Cyberattacks](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1218735091_1.jpg.webp?itok=B59XqqBM)
As the nation struggles to come to terms with the coronavirus and questions linger around our readiness for such a pandemic, government leaders are already grappling with the next potential catastrophe — a major cyberattack against the U.S.
![Novel Coronavirus Brings New Challenges For Security Teams](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1643947495_1.jpg.webp?itok=BQ9JZ4Oe)
As the world wrestles with the spread of the COVID-19 coronavirus, many businesses are instituting new work from home (WFH) policies to keep employees safe and do their part to help halt the rate of infection. While remote work has long been a reality for many employees and businesses, remote work on such a large scale is frankly unprecedented and has the potential to create entirely new problems for security teams. It may make already challenging but essential work more difficult, and will require a careful reexamination of long-standing policies, systems, and procedures.
![Hackers Target Defense Contractors in an Effort to Reach the Pentagon](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_508154416_1.jpg.webp?itok=FY6Q8FhS)
The Department of Defense (DoD) has one of the largest supply chains in the world, scaling to hundreds of thousands of different vendors and partners. Yet, these vital partners in our nation’s defense infrastructure pose a huge cyber risk.
![Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_661115089_1.jpg.webp?itok=XlbsTP-G)
Since 2017, Bitsight has been working together with Microsoft’s Digital Crimes Unit (DCU) to understand the inner workings of the Necurs malware, its botnets, and its command and control infrastructure in order to take disruptive action against the threat, including reverse engineering, malware analysis, module updates, infection telemetry, command and control updates, and forensic analysis. This week, an action took place to disrupt all Necurs botnets, followed by mitigation and eradication actions.
![Could Hackers Target Healthcare Next with Coronavirus Scam?](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_608032916_1.jpg.webp?itok=yha_D4K8)
Cyber hackers are an opportunistic group of people, hunting like predators and shifting their approach as needed. And now, they’re leveraging the concern and, in some cases, hysteria about the coronavirus outbreak to advance their nefarious objectives.
![Government Cyber Alert Highlights Growing Threat to Utilities Sector](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1050436496-1_1.jpg.webp?itok=XMO4_Vx8)
In mid-February, the Cybersecurity and Infrastructure Agency (CISA) alerted owners and operators in all critical infrastructure sectors to review their cybersecurity programs. The alert came in the wake of a ransomware attack against an unnamed natural gas compression facility that resulted in a two-day shutdown of the facility’s operations.
![Mitigating Risk in Your Expanding Digital Ecosystem](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1160196997_1.jpg.webp?itok=ULBeLJl9)
As time goes on, organizations are taking on more and more new digital transformation initiatives to become increasingly agile and boost productivity — dramatically transforming the number of digital touchpoints employees interact with on a day-to-day basis.
![FBI Alerts Companies of Cyber Attacks Aimed at Supply Chains](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1243021015_1.jpg.webp?itok=y99dVI45)
Earlier this month, ZDNet broke the news that the FBI had sent a cybersecurity alert to the U.S. private sector warning of an ongoing hacking campaign against supply chain software providers. According to the FBI, hackers are attempting to infect upstream companies — particularly those in the energy sector — with the Kwampirs malware, a remote access trojan (RAT).
![BitSight Partners with OneTrust Vendorpedia to Offer Advanced Third-Party Risk Monitoring](/sites/default/files/styles/4_3_small/public/migration/images/onetrust%2520partnership_1.png.webp?itok=Vz-hUGM9)
When it comes to monitoring the third-party cyber risk associated with vendors, suppliers, and others, companies and organizations all over the world rely on Bitsight and OneTrust Vendorpedia. When used together, the two platforms empower third-party risk management teams with enhanced vendor visibility, rich monitoring capabilities, and increased automation throughout the vendor risk management lifecycle.
![Get Ahead of the Quantum Computing Security Threat](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_707534518_1.jpg.webp?itok=9EXFBA7s)
Quantum computing has the ability to change the world, both for better and worse, and while it may be far off in the future, security teams need to start preparing for the new reality it will usher in.
![BitSight’s John Kelly Recognized by CRN as a 2020 Channel Chief](/sites/default/files/styles/4_3_small/public/2022/07/28/CRN%20channel%20chief%202020.png.webp?itok=ussqrxOr)
Bitsight is proud to announce that John Kelly, Bitsight’s vice president of global channel sales, has been named to CRN’s 2020 Channel Chiefs list. The annual award recognizes an elite group of IT channel leaders who drive the channel agenda and evangelize the importance of channel partnerships.
![ElevenPaths CyberSecurity Report Outlines Cyber Risk Ratings by Sector](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1096465133_1.jpg.webp?itok=3PxCiRhW)
ElevenPaths, Telefonica’s Cybersecurity Unit, recently released a new report that summarizes the latest cybersecurity insights from the second half of 2019 — covering everything from relevant incidents and vulnerabilities to cyber risk ratings by sector. The information presented is mostly based on the collection and synthesis of internal data that has been contrasted with public information from high-quality sources, including Bitsight Security Ratings.
![Employee Spotlight](/sites/default/files/styles/4_3_small/public/2022/02/18/employee%2520spotlight%2520banner_13.png.webp?itok=WGk1kwQh)
What do you do at Bitsight and when did you start?
![New Study Reveals Cybersecurity Risks in the World’s Largest Airports](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1189545343_1.jpg.webp?itok=aKYJ_nXB)
Back in 1990, Hollywood producers imagined a complex plot in which an army of mercenaries with malicious intent hack into and take over the air traffic control system at Washington Dulles International Airport. The result was the classic movie, Die Hard 2.