Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

Fatal Attraction: How Optimism Bias Extends to the Third Party

Our recent BitSight blog post Cyber Security Risk: Perception versus Reality in Corporate America resonated with many in the infosec community and was even picked up by WIRED’s Innovation Insights and cited in a Forbes article by Howard 


Risk 101: SSL Key Indicator in Security Effectiveness

This post is part of the Risk 101 series.

Our use of the Internet can be characterized as a state of constant data exchange.  While the exchanges of data between users and machines are often passive, when we are consuming information...


Managing Third Party Security Risk in the Critical Infrastructure

There’s no shortage of challenges when it comes to securing the critical infrastructure. These are very complex, interconnected systems, and highly motivated, potentially well-trained and funded adversaries target them. And should...


Why a Proactive Approach to Vendor Risk Management is Necessary

When third party vendors, partners, processors and contractors find out about a breach of your customers' data, do you know what their notification practices are? Would you be surprised to know that almost a full third of them probably...


RSA Recap: Will National Standards Help Reduce Security Risk?

Last week I had the opportunity to be in San Francisco for the RSA conference and Metricon 9. The discussion at the conference and what is now coming out in news reports is that this was the largest RSA event to date in terms of...


Cyber Security Risk: Perception vs Reality in Corporate America

In February, BitSight released a new BitSight Insight examining the cyber health of the U.S. economy and found that 82% of the 460 companies assessed had an externally observable security compromise in 2013. Examples of security events...

Load More

Get the Weekly Cybersecurity Newsletter.