Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![Webinar: Managing Information Security Risk in Your Partner Ecosystem](/sites/default/files/styles/4_3_small/public/migration/images/webinar_1.jpg.webp?itok=-DXiou9A)
Bitsight has partnered with The iSMG Network for a webinar series beginning on October 24, 2013. Securosis analyst and President Mike Rothman will present alongside Bitsight CTO and Co-founder Stephen Boyer in a session titled "Managing Information Security Risk in Your Partner Ecosystem."
![In Search of Useful Models](/sites/default/files/styles/4_3_small/public/migration/images/useful-models-for-security-risk-measurment_1.png.webp?itok=MbFvX1xS)
I was in graduate school when I first heard the well-known quote by statistician George Box: “Essentially, all models are wrong, but some are useful.”
![Security Risk Management: Should You Take A Reactive or Proactive Approach?](/sites/default/files/styles/4_3_small/public/migration/images/reactive-or-proactive-security-risk-management_1.jpg.webp?itok=jNVbpeWO)
In a world of evolving threats, executives are faced with the challenge of deciding whether to allocate scarce security resources in proactive investments that may prevent attacks or in reactive investments in response to security failures. Some researchers have argued that the most effective security investments are those based on lessons from past attacks, particularly when defending against similar incidents.
![How is Partner Security Risk Being Managed Today?](/sites/default/files/styles/4_3_small/public/migration/images/Global-Business-Partners_1.png.webp?itok=M2i1sXQq)
Partner security risk is an important topic in the minds of risk officers today. With the number of companies being breached via third parties on the rise (New York Times, Bank of America, Twitter), this is clearly a big area of concern. In a survey conducted by Ponemon in February 2013, 65% of participants said their organization had a breach involving the loss or theft of their organization’s information when it was outsourced to a third party. In April 2013, the Information Security Forum (ISF) wrote "Of all the supply chain risks, information risk is the least well managed."