Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Recent breaches making headlines all share a troubling characteristic. In each breach detailed below, the intrusions of company networks lasted months - or in other cases, even longer than a year. While no company is impervious to a...
I received the following questions from an inquisitive undergraduate student eager to learn more about BitSight and security ratings. He posed excellent and insightful questions, and I thought that I would share our exchange in case...
Recently we discussed three benefits for vendors related to their security rating, as we are asked about this often. We are also asked for best practices when communicating with your vendors about their security rating. We have many...
Third party breaches still account for a large percentage of security incidents. In fact, according to this year's Verizon DBIR report, in 70% of attacks where there was a known motive, a secondary victim was involved. These victims...
Vendor risk management professionals representing every industry gathered in Baltimore last week at the annual Shared Assessments conference. I am privileged to serve on the Advisory Board for Shared Assessments and found the conference...
The idea of telling a vendor or potential vendor that you've rated their security performance can be a little daunting. If someone has never heard of a BitSight Security Rating, being told that another company has been monitoring their...
