Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Forbes Names BitSight as one of the Next Billion-Dollar Startups of 2016

On October 19th, Forbes released its second annual list of soon-to-be billion-dollar startups. BitSight is proud to be part of this year’s list and excited about what the future holds for the company.


Ransomware's Impact On Government Cybersecurity

In our most recent BitSight Insights report, we discuss the pervasive issue that is ransomware. The report states that education has the highest rate of ransomware across all industries—and government comes in second. 


What Is Cyber Risk and How Does It Affect Selecting Vendors?

When using dozens, hundreds, even thousands of vendors, how safe are a company’s digital assets? According to a recent Ponemon Institute study, almost half of respondents (49%) said that they had experienced a data breach caused by a...


DNS Outage Sheds Light on Service Provider Reliance and Cyber Risk Aggregation

Written with the assistance of Dan Dahlberg, Ethan Geil, and Ross Penkala.

Last Friday morning, a distributed denial of service (DDoS) attack was carried out against Dyn, a managed DNS provider that offers Internet services for Twitter,...


Cybersecurity Audit Vs. Assessment: Which Does Your Program Need?

Whether you’re a security leader asked by the board to facilitate a cybersecurity audit, or a member of the board planning to request one, it’s crucial to know what a cybersecurity audit is, and what it isn’t. You need to know precisely...


Technology Resiliency & Outsourcing (TRO): Familiarize Yourself

In a recent Huffington Post article, Shared Assessments senior director Tom Garrubba discussed how third-party risk management has become an important topic to many executives and board members around the world. He recalls a...


13% Of The Higher Education Sector Has Been Infected With Ransomware

Hackers look at ransomware as a quick payday, so they are very opportunistic in terms of their ransomware attack strategy. They cast a wide net, but tend to focus on target industries they think are more likely to click their links.


Ideas For Incorporating Continuous Risk Assessment Software Into New Vendor Selection

Onboarding third-party vendors that will have access to your network and data can have dire consequences if you don’t have the ability to gauge vendor risk.


Bolek – An evolving botnet targets Poland and Ukraine

Bolek is a recent malware from the Kbot/Carberp family. We first heard about this malware from the blog post in May 2016, and since then, a few others have published additional information about it (links below).


Takeaways From Yahoo's 500-Million-Account Breach

Last month, email giant Yahoo announced the compromise of 500 million user accounts—which is being called the largest breach from a single site in history. The breach compromised names, email addresses, telephone numbers, dates of...


Simplifying Vendor Selection Criteria Using Security Ratings

Ponemon Institute’s study, Data Risk in the Third-Party Ecosystem, highlights the challenges that companies face in protecting sensitive and confidential information shared with third parties.

  • Of the respondents surveyed, 37 percent do...

Debunking Security Rating Myths

Security Ratings are still a relatively new phenomenon. As a result, many security and risk professionals are still familiarizing themselves with how ratings work, the data used to compute ratings, and how ratings are put into action....
