BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

5 Essential Elements of a Municipal Cyber Security Plan

Cyberattacks on state and local governments are on the rise. In 2020, more than 100 government agencies, including municipalities, were targeted with ransomware – an increasingly popular attack vector. 

These incidents are costly and...

READ MORE »

Template: Everything you Need to Craft a Supplier Risk Management Plan

Third-party vendors are a vital part of your business ecosystem. But if you’re not careful, these companies can introduce cyber risk. The SolarWinds supply chain hack is a notable example of the jeopardy that even the most trusted...

READ MORE »

How to Conduct a Cloud Security Audit: A 5-Step Checklist

For the first time, cloud security breaches and incidents are more commonplace than on-premises attacks. According to the 2021 Verizon Data Breach Investigations Report (DBIR), in 2020, 73% of cyberattacks involved cloud assets,...

READ MORE »

Threat Detection: What it is and How to Do it Effectively

We all know threat detection is important, but what exactly is it, and why is it so hard to do effectively? In light of recent cyber attacks on U.S. infrastructure and the ongoing threat from the group behind the SolarWinds breach,...

READ MORE »

What are Software Supply Chain Attacks?

Software supply chain attacks have become increasingly prevalent over the last couple of years. Noted as the first large-scale attack in recent months, the SolarWinds data breach wreaked havoc on supply chains across a multitude of...

READ MORE »

Report to the Board Effectively With Financial Quantification

As the digital transformation of enterprises continues to accelerate, cyber risk remains a top concern for business leaders. But cyber risk is often thought about in technical terms as opposed to business terms — making it more...

READ MORE »

Nobelium Attack Highlights Risk of Exposed Credentials

Microsoft recently announced that the threat actor Nobelium continues to target government agencies, think tanks, consultants, and non-government organizations with cyber attacks. 

READ MORE »

Cloud Security Risk: How to Address Common Threats with Continuous Monitoring

Spurred by the pandemic and a need for greater collaboration and business efficiency, cloud adoption is soaring. According to the Flexera 2021 State of the Cloud Report, spending on cloud services this year is predicted to be higher...

READ MORE »

The Impact of Flawed Pseudorandom Number Generators in Network Devices

Summary

To gauge the impact of flawed pseudorandom number generators in network devices, BitSight scanned the public Internet for RSA public keys and was able to factor the public modulus and recover the private keys for 41,225 network...

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.