BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

Top 3 Most Common Cybersecurity Models Explained

Security risk managers often face a lot of the same roadblocks, even if they’re managing programs of different sizes or in different industries. Basing security practices on well-known, and sometimes government-regulated cybersecurity...

READ MORE »

5 Tips to Improve Cyber Security Monitoring of Your Vendors

What’s the biggest struggle your vendor risk managers face when establishing cyber security monitoring processes? From sudden increases in the use of third-parties by your organization, to not knowing which vendors might be impacted by the...

READ MORE »

Elevate Cyber Risk to Business Risk With Financial Quantification

There’s no question about it: Being exposed to cyber risk is an inevitable part of doing business in today’s world. In fact, a recent ESG study found that 82% of organizations believe that cyber risk has increased over the past two years.

READ MORE »

What We Can Learn About Backdoor Attacks From WordPress

Millions of organizations world-wide rely on WordPress for website creation and management. In fact, currently there are over 75 million sites that use WordPress for their operations. The Walt Disney Company, BBC America, Microsoft News,...

READ MORE »

What You Are and Aren’t Responsible for Under Cyber Risk Insurance

It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?

READ MORE »

BitSight Observations Into Hafnium Part Four: Who Is Still Vulnerable?

The unfolding Hafnium attack is the latest event in the trend of cyber events. CISO’s are starting to recognize that enterprise cyber security is being redefined to mean me and all my suppliers, or  the combination of first and third party...

READ MORE »

Common Cloud Service Providers Are Not Immune To Cyber Attacks

Oftentimes, security managers fall into the trap of believing that a large or commonly used cloud services organization is safe to have connected to their network. Cloud services providers aren’t immune to bad actors targeting their...

READ MORE »

BitSight Observations Into HAFNIUM Attacks, Part Three: Exploitation and Vulnerability Persists

Organizations around the globe continue to address the fallout from the Microsoft Exchange Server zero-day attacks. It was recently announced that hackers may now be exploiting the vulnerabilities in Exchange to drop ransomware into...

READ MORE »

Why The DOD Is Making Cybersecurity Maturity Evaluation Mandatory (And Why You Should Too)

Government agencies in the United States are yet again suffering from a widespread data hack, this time originating from Microsoft Exchange servers. This breach comes less than five months after the SolarWinds breach exposed vulnerabilities

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.