BITSIGHT SECURITY RATINGS BLOG

It is well understood that an organization can never be 100% safe from data breaches—but it is possible to lower your company’s likelihood of experiencing a breach by using a number of good cybersecurity practices. Below, we’ve outlined...

A chief information security officer (CISO) is a senior-level executive who wears many hats in the realm of cybersecurity—but is primarily responsible for translating complex business problems into effective information security controls. 

Vendor management spans a wide variety of topics: from contracts, to metrics, to relationships, and beyond. But one of the most critical aspects of vendor management—particularly for a CISO—is how to manage the risk your vendors bring to...

In June 2016, we observed an all time high of number of infections worldwide, breaking the previous record and raising the number of unique active observed IPs to 20,579,894 measured over a 7 day time window.

Most Boards today know that cybersecurity is a critical issue that simply cannot be overlooked — which means many Boards today receive regular briefings on the topic. If you’re a new CIO or CISO (or your organization has just begun this...

One of the primary roles of senior executives—from the CISO to the general council and all the way up to the board of directors—is to ensure that an organization has policies set in place for cybersecurity.

In 2002 California became the first state to pass a data breach notification law, requiring companies doing business in the state to disclose any breach of the security of computerized data including personal information. The law went into...

The importance—and urgency—of cybersecurity measures have become increasingly visible in recent years. Yearly industry reports from the likes of Verizon, Trustwave, and PwC all express the importance of cybersecurity measures and the...

Surveys highlighting third-party security and supply chain risk management best practices are conducted regularly. Many of them draw a similar conclusion: that supply chain risk management is a critical issue IT professionals are aware of,...

Organizations have come to depend on cloud service providers for key services - from email and domain registrars, to payment processors and certificate authorities. According to the 2015 Cloud Computing Survey by IDG, 72% of organizations...

Recently, BitSight commissioned Forrester Consulting to examine the practices of IT decision-makers as they relate to monitoring and managing third-party risk. From the survey, we learned that 59% of IT decision-makers indicated a desire...

Despite all the complex cybersecurity threats facing organizations around the globe, employee behavior often leads to security compromise. In a recent Experian survey, 66% of data protection and privacy training professionals say employees...