Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![As Cyber Insurance Claims Soar, Businesses Need to Demonstrate a Standard of Care](/sites/default/files/styles/4_3_small/public/migration/images/913%2520Blog_1.jpg.webp?itok=ArOQNWUr)
Hardly a day goes by without the emergence of a disturbing new trend in cyber crime or headline-grabbing hack. Hackers are getting smarter and threat vectors are constantly evolving. The escalating threat is forcing businesses to file more cyber insurance claims than ever. But are they taking the proactive steps necessary to boost their security postures and become a better underwriting risk?
![Marsh McLennan and BitSight-Make Better Cybersecurity Decisions with Data Analytics Blog](/sites/default/files/styles/4_3_small/public/2022/10/14/Marsh%20McLennan%20and%20BitSight-Make%20Better%20Cybersecurity%20Decisions%20with%20Data%20Analytics%20Blog.jpg.webp?itok=xFLXcV3B)
These 14 cybersecurity analytics can help you make better cyber insurance decisions for underwriters, insurance buyers, and security professionals.
![Cyber Insurance Underwriting: What Role Do Security Ratings Play?](/sites/default/files/styles/4_3_small/public/migration/images/Cyber%2520Insurance%2520Underwriting%2520-%2520thumb_1.jpg.webp?itok=2mi-Yqqs)
If you’re involved in the cyber insurance underwriting process—from the transaction to the ongoing operations—you’re constantly looking for things to help you (and your team) select better risks. Here are three specific ways Bitsight’s Security Ratings platform can play an integral role in the underwriting process.
![What You Are and Aren’t Responsible for Under Cyber Risk Insurance](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_1629139633_1.jpg.webp?itok=33l0q0uc)
It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?
![cyber insurance metrics](/sites/default/files/styles/4_3_small/public/2023/06/28/Cyber%20Insurance%20Underwriting%202%2C%20SIZED.jpeg.webp?itok=LF-9QDcx)
Cyber insurers regularly get requests for new business and increased limits. Insurers need to measure an applicant's cyber hygiene with cyber metrics that are categorically proven to stand out.
![cyber insurance hygiene](/sites/default/files/styles/4_3_small/public/2023/06/28/Cyber%20Insurance%20Underwriting%201%2C%20SIZED.jpeg.webp?itok=JOdsKVLM)
How do cyber insurers determine which organizations are going to be a risk worth taking? It’s more important than ever to continue underwriting good and opportunistic risks, while not overcorrecting for the high loss ratios the industry is seeing. Insureds need to answer two questions: what is good cyber hygiene and how do you measure it?
![Why You Should Consider Aggregate Portfolio Risk In Your Book Of Business](/sites/default/files/styles/4_3_small/public/migration/images/Aggregate%2520Portfolio%2520Risk%2520In%2520Your%2520Book%2520Of%2520Business%2520-%2520thumb_1.jpg.webp?itok=P_iMLpvy)
Considering aggregate portfolio risk is critical for insurance companies—which means it’s important to differentiate between concentration risk and aggregation risk.
![A Mere Five Percent of Vulnerable Enterprises Fix Their Issues Every Month- How to Help Them Do Better](/sites/default/files/styles/4_3_small/public/2023/06/22/A%20Mere%20Five%20Percent%20of%20Vulnerable%20Enterprises%20Fix%20Their%20Issues%20Every%20Month-%20How%20to%20Help%20Them%20Do%20Better.jpg.webp?itok=xOQwZhwr)
People’s perception of your cyber risk will outweigh its actual performance. And when trust in cybersecurity takes a nosedive, it can make a big dent in your financials. Learn how to prove protection and build trust with three key stakeholder groups.
![Cyber insurance guiding security program](/sites/default/files/styles/4_3_small/public/2023/01/10/Practitioner%27s%20Corner_%20Cyber%20Insurance%2C%20SIZED.jpg.webp?itok=S4MqJQp4)
While many organizations look at cyber insurance as a way to transfer risk and mitigate financial losses, the assessment process used by cyber insurers can help shape your security program for the better.
![How to influence cyber insurance coverage](/sites/default/files/styles/4_3_small/public/2022/10/19/Cyber%20Insurance%20Influence%2C%20SIZED.jpg.webp?itok=iFwmqDV5)
Although Bitsight cannot influence the risk appetite of an insurance company, we can help you understand your cyber hygiene while proving to insurers that you are actively invested in your security posture, which influences the coverage decision.
![Cyber insurance underwriting evolution and expectations](/sites/default/files/styles/4_3_small/public/2022/04/04/Cyber%20Insurance%20Underwriting%2C%20Sized.jpg.webp?itok=sXAliu2l)
What is cyber insurance underwriting, how has it evolved, and what you can expect when you apply for cyber insurance.
![The Financial Impact of SolarWinds Breach](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_755847970_2.jpg.webp?itok=7n3eVAke)
The SolarWinds breach is already one of the most significant cybersecurity incidents ever. And as with any unprecedented cyber event, this will have long-term effects on the way businesses and government consider their security programs. While many questions remain unanswered, the SolarWinds impact on the insurance sector has become clearer after an analysis we’ve completed with one of our partners. So, what should we expect the financial impact of SolarWinds on cyber insurers? And how can cyber insurers quantify a breach of this scale in the future?
![The Financial Impact of SolarWinds Breach](/sites/default/files/styles/4_3_small/public/migration/images/shutterstock_755847970_2.jpg.webp?itok=7n3eVAke)
The SolarWinds breach is already one of the most significant cybersecurity incidents ever. And as with any unprecedented cyber event, this will have long-term effects on the way businesses and government consider their security programs. While many questions remain unanswered, the SolarWinds impact on the insurance sector has become clearer after an analysis we’ve completed with one of our partners. So, what should we expect the financial impact of SolarWinds on cyber insurers? And how can cyber insurers quantify a breach of this scale in the future?
![A Security Score vs. A Security Rating: What’s The Difference?](/sites/default/files/styles/4_3_small/public/migration/images/scorevsrating-stock-big_1.jpg.webp?itok=0TGcRhBA)
This post was originally published July 18, 2016 and has been updated for accuracy and comprehensiveness.
![BitSight EXCHANGE Sound Bites: Transferring Risk Through Cyber Insurance](/sites/default/files/styles/4_3_small/public/migration/images/jake-exchange-2_1.jpg.webp?itok=OQ1jNtQP)
In the months since Bitsight’s inaugural EXCHANGE forum inaugural EXCHANGE forum, we have been digesting and processing the incredible sessions and discussions that came about from this forum. It was a great event that brought together security executives from all over to discuss the challenges they face in their roles every day.