Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
How to Develop a Vendor Cyber Risk Management Framework
Third-party vendors are an essential part of today’s business ecosystem. A study by Gartner finds that, in 2019, 60% of organizations work with more than 1,000 third parties and those networks are only expected to grow.
Why Bayer Chose BitSight
Companies must build a “trust and verify” strategy when it comes to managing third party risk. Requesting documentation about a supplier’s security performance is good – but how can you verify it? How can you continuously review performance?
Forecasting and Advanced Analytics: Building a Solid Security Strategy For 2020
2020 is not only the beginning of a new year, but the start of a new decade, and with it comes the dawn of a new era for the digital world. We’re now in the midst of the once far-off, “futuristic” time periods old books and movies used to dream about. But does your security performance management strategy match the functionality of today’s technology?
BitSight Honored as CRN® Tech Innovator Award Winner
In recognition of our groundbreaking innovation and true differentiation in serving the IT channel, we’re proud to announce that the Bitsight Peer Analytics solution has been selected as a winner in the CRN 2019 Tech Innovator Awards.
Cyber-Attack on Indian Nuclear Power Plant Exposes Threat of “Snooping” Malware
On October 20th, 2019, authorities in India confirmed that one of its nuclear power plants had been hacked. The malware attack on the Kudankulam Nuclear Power Plant (KKNPP), first noticed on September 4th, has since been attributed to the North Korean state-sponsored threat group known as Lazarus.
Texas Senate Bill 820: New Regulation Takes Aim at Cyber Threats in Education Sector
Schools and colleges are facing an alarming increase in cybersecurity incidents. Some hackers seek ransoms while others see value in scooping up personally identifiable information to sell to identity thieves.
Cloud outsourcing poses new challenges for regulators and Financial Services
Cyber risk and regulatory compliance are two sides of the same coin in the Financial Services sector. Together, they spur Financial Services companies to take action to protect customers, their business and the global financial ecosystem from malicious cyber attacks or the risk of critical system failures.
The Biggest Challenge for CISOs Isn't What You Think
The biggest challenge for CISOs in the next five years won’t be blockbuster malware, shadow IT, the explosion of connected devices, or even regulatory pressure.
3 Ways to Avoid the Top Causes of Data Breaches
As the number and costs of cyber-attacks and data breaches continue to rise, more money is being thrown at the problem. IDC projects that by 2022, organizations will spend $133.8 billion to protect their IT infrastructures against cybersecurity threats.
Financial services in Asia Pac face regulatory driven scrutiny of cyber risk management
The evolution of the technology environment and related security threats is so fast paced it often seems businesses and regulators are playing an endless game of catch-up.
Get Ready For Ransomware Season
As retailers and consumers across the country begin gearing up for the 2019 holiday shopping season, hackers are also preparing for the days between Thanksgiving and Christmas. And all signs point to ransomware as their preferred method of attack.
Control and Accountability: The New Watchwords for Regulatory Compliance
The regulatory environment is evolving rapidly as national and international regulatory bodies attempt to keep pace with changing business models, technology infrastructure and continuously escalating cyberthreats.
Third-Party Vendor Risk Management for Financial Institutions
The nature of financial services necessitates global connections and vast third-party ecosystems, with connections to millions of users and devices. This makes financial services firms a favorite target for cyber criminals, accounting for a full 10% of global breaches in 2018.
New Study: Why Cybersecurity Breach Survivors Are Your Firm’s Most Valued Asset
No one wants to talk about their failures, especially in the cybersecurity realm where the stakes are high. But new insight from Symantec and Goldsmiths, University of London, finds that security professionals who have lived through a cybersecurity attack or breach could be the answer to protecting your organization against future threats.
A Security Score vs. A Security Rating: What’s The Difference?
This post was originally published July 18, 2016 and has been updated for accuracy and comprehensiveness.