BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

How to Conduct a Cloud Security Audit: A 5-Step Checklist

For the first time, cloud security breaches and incidents are more commonplace than on-premises attacks. According to the 2021 Verizon Data Breach Investigations Report (DBIR), in 2020, 73% of cyberattacks involved cloud assets, compared...

READ MORE »

Threat Detection: What it is and How to Do it Effectively

We all know threat detection is important, but what exactly is it, and why is it so hard to do effectively? In light of recent cyber attacks on U.S. infrastructure and the ongoing threat from the group behind the SolarWinds breach, these...

READ MORE »

What are Software Supply Chain Attacks?

Software supply chain attacks have become increasingly prevalent over the last couple of years. Noted as the first large-scale attack in recent months, the SolarWinds data breach wreaked havoc on supply chains across a multitude of...

READ MORE »

Report to the Board Effectively With Financial Quantification

As the digital transformation of enterprises continues to accelerate, cyber risk remains a top concern for business leaders. But cyber risk is often thought about in technical terms as opposed to business terms — making it more important...

READ MORE »

Nobelium Attack Highlights Risk of Exposed Credentials

Microsoft recently announced that the threat actor Nobelium continues to target government agencies, think tanks, consultants, and non-government organizations with cyber attacks. 

READ MORE »

Cloud Security Risk: How to Address Common Threats with Continuous Monitoring

Spurred by the pandemic and a need for greater collaboration and business efficiency, cloud adoption is soaring. According to the Flexera 2021 State of the Cloud Report, spending on cloud services this year is predicted to be higher than...

READ MORE »

The Impact of Flawed Pseudorandom Number Generators in Network Devices

Summary

To gauge the impact of flawed pseudorandom number generators in network devices, BitSight scanned the public Internet for RSA public keys and was able to factor the public modulus and recover the private keys for 41,225 network...

READ MORE »

Do You Have What it Takes to Achieve Digital Resilience?

The term “digital resilience” has gained momentum over the past few years as cybersecurity threats have grown, but what does it really mean? And how can a company become digitally resilient?

READ MORE »

Evidence-Based Strategies to Lower Your Risk of Becoming a Ransomware Victim

BitSight research demonstrated some organizations are more than eight times as likely to become ransomware victims.

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.