Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Slicing through CISA’s KEV Catalog
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
Learn what the disturbing ransomware trends means for your organization and third-party vendors.
Rapidly evolving risk and the digitization of banking is creating new threats. Here are three cybersecurity in banking trends to watch this year.
Learn how to protect your organization’s “crown jewels” with these do’s and don’ts of sensitive data sharing with vendors.
What is information risk management? Learn more about how the classic equation of threat x vulnerability x consequence helps inform your cybersecurity risk management strategy.
The Digital Operational Resilience Act is set to go into action in early 2022. Learn how Bitsight can help your organization meet the compliance requirements.
Cyber risk mitigation and remediation are often talked about in the same terms. But they are different. Learn how you can optimize both.
What does your organization consider an acceptable level of inherent cyber risk in its vendor portfolio? Learn how to establish that threshold and focus resources where they’re needed most.
Learn how to use cyber risk data to protect your organization and its financial assets.
Cybersecurity is a priority for any organization and a big-ticket budget line item. But before investments in security are made, your organization must understand what it is doing right and where improvements to your cybersecurity program are needed.
Typically, this involves conducting a periodic security audit. But these assessments only capture a point-in-time view of the effectiveness of your security controls – and are incredibly resource-intensive.
Typically, this involves conducting a periodic security audit. But these assessments only capture a point-in-time view of the effectiveness of your security controls – and are incredibly resource-intensive.
Five of the most critical vendor evaluation tools that you should have in your cybersecurity risk management toolkit.
You can’t reduce the cyber risks faced by your organization if you don’t know what you’re up against. That’s the purpose of a vulnerability probe.
There are many ways that a bad actor can infiltrate your IT infrastructure and begin sifting through your data. These vulnerable entry points are known as risk vectors and include insecure endpoints, unsupported mobile devices, unpatched systems, and more.
You've worked hard all year to prioritize your organization's resources to tackle the riskiest vulnerabilities in your cybersecurity program. But when you bring your progress to the board of directors, excited to demonstrate your success, your reports about patched network configurations, DNS configurations, botnet sinkholes, and more are met with blank stares.
Work from home practices introduce significant cyber risk to any organization. Worryingly, Bitsight research discovered that remote office networks are 7.5 times more likely to have at least five distinct malware families on them than a corporate network.
As remote workforces become the norm, this should ring alarm bells for security leaders. When an employee uses a corporate device on a home network, malware can propagate to the corporate network. This is especially problematic given user behavior and the dynamics of home networks. In 52% of cases, corporate-issued devices are used by family members or trusted friends. These assets also share the same network as potentially insecure IoT devices such as alarm systems, smart TVs, refrigerators, and more.
As remote workforces become the norm, this should ring alarm bells for security leaders. When an employee uses a corporate device on a home network, malware can propagate to the corporate network. This is especially problematic given user behavior and the dynamics of home networks. In 52% of cases, corporate-issued devices are used by family members or trusted friends. These assets also share the same network as potentially insecure IoT devices such as alarm systems, smart TVs, refrigerators, and more.
While the ongoing wave of digital transformation opens exciting opportunities for innovation, it also widens your attack surface.