Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.


Breach Notification: Even Those Who Know, Don’t Know Enough

Since California became the first state to enact a security breach notification law in 2001, 46 states and the District of Columbia have enacted similar disclosure laws. These laws follow similar basic tenets that “companies must...


Cyber Insurance: Looking at Third Party Risk

The tremendous growth in cyber insurance is being fueled in part by the desire of companies to cede some of the risk of a cyber breach to insurers. In many cases insurers are eager to take on this risk – provided they can objectively...


BitSight Bits: Measuring and Mitigating Risk with Security Ratings

Last week Stephen Boyer, CTO and Co-Founder of BitSight, and Oliver Brew, VP of Professional, Privacy and Technology Liability at Liberty International Underwriters, hosted a webinar titled, "Security Ratings: A Big Data Approach to...


Arts and Craftiness: Data Breach at Michaels

I love shopping at Michaels. It allows people of all ages to express themselves. From paint by number kits, to beads and professional grade oils and varnishes, Michaels sells products that allow us to, as Pablo Picasso said, “wash away...

Interest in Financial Services Third Party Risk Rising

There’s certainly been a lot of talk about third party risks recently. There’s been the fallout from the Target breach, and the role a subcontractor played in that incident. Then there was the U.S. Department of Homeland Security...


BitSight Reacts to Cyber Security Topics in the News

As major stories about information security risk continue to capture the attention of the news media, BitSight has become a part of the national conversation on cyber security. We have been featured in both local and national...


Hearts Bleed Over Latest SSL Vulnerability

On April 7, the open-source OpenSSL project issued an advisory regarding a critical vulnerability identified as CVE-2014-0160 and called “Heartbleed.” This flaw, which takes advantage of OpenSSL’s heartbeat feature, has been present in...


Security Ratings: A Big Data Approach to Mitigating and Measuring Risk

In the past year data breaches have become a fixture on the news cycle. The major breaches across multiple industries have also caught the attention of business leaders, with a recent study noting that CEOs and senior executives rank...


Our Reach (Usually) Exceeds Our Grasp

In his insightful book that was published in 1984, "Normal Accidents", Charles Perrow lays out how many modern complex and/or interconnected systems designed by humans fail in myriad ways due to causes that were either not anticipated...


Make Risk Management More Effective with Security Ratings

Today many organizations take a check-box approach to network security. By purchasing security products, meeting compliance standards and performing audits, businesses gain some insight into their security posture and those of third...


A Q&A with the authors of Data-Driven Security: Analysis, Visualization and Dashboards

If you want to know what the state of the art is when it comes to using data to help secure systems, no analysis would be complete without speaking with both Bob Rudis and Jay Jacobs, co-authors of Data-Driven Security: Analysis,...
