Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Big risks can come from small, sometimes unexpected places. When compared to all the other vendors you need to manage, you might not think of an image container for apps as a high priority -- but the recent breach of Docker Hub shows...
If you’ve done any research into improving network security, you’ve probably seen one suggestion repeated again and again: close your open ports.
Why is this such a common recommendation? Are open port vulnerabilities really a big deal?...
Last fall, news broke of the Marriott breach that compromised the records of up to 500 million customers. The data breach occurred through the IT company, a third party, that managed the Starwood reservation database.
Last week, Verizon published its annual Data Breach Investigations Report (DBIR) which details the major trends in data breaches observed over the previous year. This report has become a widely respected industry standard that companies...
If you’ve glanced at the opinion columns of security industry publications, you’ve probably seen the term “risk-based” floating around, as in “the time is now for a comprehensive, risk-based approach” or “a risk-based approach to security...
Penetration tests (a.k.a. pen tests) are point-in-time assessments of cybersecurity. They allow IT and security professionals to assess the adequacy of security controls, including intrusion detection and response systems, and identify...
Recently, BitSight and the Center for Financial Professionals (CeFPro) released a joint report that explores how financial services organizations are addressing challenges associated with third-party cyber risk management.
Due diligence processes for vendor procurement vary by company, industry, and region. Some regulatory bodies dictate due diligence practices, and some industry groups have adopted standardized processes. In addition, requirements may...
Security ratings are a data-driven, objective and dynamic measurement of an organization’s security performance. Thousands of organizations around the world use BitSight Security Ratings as a tool to address a variety of critical,...
© 2019 BitSight Technologies. All Rights Reserved. | Privacy Policy
Contact Us | BitSight Technologies | 111 Huntington Ave, Suite 2010, Boston, MA 02199 | +1-617-245-0469