Read news articles covering Bitsight, the leader in security ratings. We're proud to be featured in these leading business & technology publications, journals, blogs, and broadcasts.
In The News
A recent report found that the average tenure of a chief information security officer (CISO) is only 18 to 24 months, citing the constant stress and urgency of the job as the core reasons. For comparison, the average tenure of a chief financial officer is 6.2 years and the average tenure of a chief executive officer is 8.4 years.
“Our national security is at risk and it's well past time to address this challenge with leadership and resources,” argued Jake Olcott, VP of government affairs at Bitsight. “The entire defense supply chain has been under attack for years, and it's not just the small companies that are vulnerable. Defense agencies must gain visibility immediately. We can't afford to wait.”
“Financial success, brand perception, business continuity and company reputation now all hinge on security performance,” said Tom Turner, CEO, Bitsight, which commissioned the report. “But in order to effectively manage performance, you have to measure it. We think this study should serve as a...call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting, after all, their businesses are now on the line.”
Cybersecurity performance is critical to achieving commercial success, according to a Bitsight study.
Do executives understand and effectively measure risk, and adequately communicate it to their board, customers and critical stakeholders? A study conducted by Forrester Consulting on behalf of Bitsight suggested they may not, with 40% of enterprises losing business due to their cybersecurity performance.
In a survey of 207 business people responsible for managing cyber risk at their company, 38% admitted that they have lost business because of a poor security performance. And it’s not just a company’s actual security hygiene that loses them cash – even the perception of sub-par cybersecurity is enough to put off customers. Conducted by cybersecurity ratings firm Bitsight and market research company Forrester, the study also found that 80% of surveyed customers experienced a cybersecurity incident in the past year alone.
Bitsight has announced the availability of a new study that evaluates how executives understand and effectively measure their cybersecurity performance and adequately communicate it to the board, senior executives, customers and critical stakeholders. The September 2019 commissioned study conducted by Forrester Consulting on behalf of Bitsight titled, Better Security And Business Outcomes With Security Performance Management, indicates that cybersecurity performance is critical to achieving commercial success. Among the study’s most interesting findings is that nearly two in five (38%) of enterprises admit they have lost business due to either a real or perceived lack of security performance within their organisation.
British firms are putting their livelihoods at risk by failing to ensure they are properly secure, new research has found. A study by Bitsight discovered that many companies have lost potential business due to failing to demonstrate they ensure their online safety.
It’s not just a handful of companies that are experiencing repercussions due to cybersecurity incidents. The reality is that cybersecurity is hitting the corporate bottom line for companies across the board. According to a recent study conducted by Forrester Consulting on behalf of Bitsight, nearly two in five (38%) of enterprises admit that they have lost business due to either a real or perceived lack of security performance within their organization. Nearly half of all executives surveyed in that same report admit that their ability to attract new customers was harmed following a security incident.
A sizeable 40 percent of CISOs have felt forced to use worst-case scenarios to gain the attention of decision makers, despite recognising the damaging side effects of a ‘Project Fear’ style approach rather than stating a precise business case, according to a new commissioned study by Forrester Consulting conducted on behalf of Bitsight. The report also found that companies are suffering from security data overload, with many firms having an average of nine different categories of security technologies in place.
Recent Bitsight research found that the average security performance rating across all federal agencies was at least 15 points higher than the mean security performance rating of any contractor sector. In other words, there is a significant security performance gap between federal agencies and their supply chain partners.
The time has come for agencies to prioritize this critical risk in their cybersecurity programs. There are steps agencies can take to more effectively measure, monitor and manage this challenge.
Bitsight Enterprise Analytics helps security and risk leaders quickly gain insight into the impact of risk introduced at the organizational group level – from subsidiaries to business units and departments – enabling them to identify the areas of highest risk concentration within their organizations.
The solution provides visibility into which groups have the biggest impact on their organizations' overall cyber risk posture and helps identify areas for security performance improvement.
Bitsight Enterprise Analytics takes the guesswork out of identifying risk concentration throughout and enhances security performance across distributed enterprise groups. The solution helps security and risk leaders simplify security programme monitoring, management and reporting by aligning risk management and communication with the existing business structure.
Bitsight reveals that, although initial patching efforts reached approximately 5,244 systems per day, the rate has decreased significantly in July. As of July 23, around 831 systems were being patched each day.
“Unfortunately, we might encounter a situation where the rate of patching tapers off leaving behind a legacy set of systems that remain vulnerable, perhaps unbeknownst to system operators,” Bitsight notes.
In a report published recently, cybersecurity firm Bitsight said it had seen over 788,000 systems that were still vulnerable to BlueKeep attacks as of July 23.