Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Are you aware of the security risks in your partner networks?

Earlier this year, The Ponemon Institute published a report that we at BitSight have referenced many times.  The report is called "Securing Outsourced Consumer Data" and discusses the results of a survey of 748 organizations who share...


How do you build the information security workforce of tomorrow?

A recurring topic of discussion in the news has been the shortage of available talent in the information security industry.  As an adjunct professor at Northeastern University and the Director of Operations at BitSight, this is an area...


Thoughts on the Future of Security Risk Measurement from SIRACon

Having just returned from my first SIRACon, I'd like to take a few moments to record my thoughts. Overall, the conference was fantastic. The talks were superb and the small size allowed me to rub shoulders with most everyone. Thinking...


Cyber Risk Emerges as an Independent Category of Enterprise Risk Reporting

This post is contributed by guest blogger Michael Duffy, a member of BitSight's Board of Directors. Michael is the former president and CEO of OpenPages, a leading provider of Enterprise GRC Solutions acquired by IBM in 2010.


Weekly Security Risk Management News Round-Up - 10/14/13

When Companies Are Hacked, Customers Bear the Brunt. But Not for Long.

This article from the New Republic examines two lawsuits that question who is liable for a breach caused by a third party.  


Lessons From the BPP: Frequent Measurement Yields Invaluable Insights

When it comes to accurately quantifying the state of security in any given organization, time is such a precious commodity. Threats and internal configurations change so rapidly that it can be tough to zero in on a solid read of a risk...


Webinar: Managing Information Security Risk in Your Partner Ecosystem

I'm excited to announce that BitSight has partnered with iSMG for a webinar series beginning in October! Securosis analyst and President, Mike Rothman, will present alongside BitSight CTO and Co-founder Stephen Boyer.


Weekly Security Risk Management News Round-Up - 9/30/13

More security and risk news from around the web for the week of September 30, 2013.


In Search of Useful Models

I was in graduate school when I first heard the well-known quote by statistician George Box: "Essentially, all models are wrong, but some are useful."
