BITSIGHT SECURITY RATINGS BLOG

On October 19th, Forbes released its second annual list of soon-to-be billion-dollar startups. BitSight is proud to be part of this years’ list and excited about what the future holds for the company.

In our most recent BitSight Insights report, we discuss the pervasive issue that is ransomware. The report states that education has the highest rate of ransomware across all industries—and government comes in second. 

When using dozens, hundreds, even thousands of vendors, how safe is a company’s digital assets? According to a recent Ponemon Institute study, almost half of respondents (49%) said that they had experienced a data breach caused by a vendor...

Written with the assistance of Dan Dahlberg, Ethan Geil, and Ross Penkala.

Last Friday morning, a distributed denial of service (DDoS) attack was carried out against Dyn, a managed DNS provider that offers Internet services for Twitter,...

Whether you’re a security leader asked by the board to facilitate a cybersecurity audit, or a member of the board planning to request one, it’s crucial to know what is a cybersecurity audit, and what it isn’t. You need to know precisely...

In a recent Huffington Post article, Shared Assessments senior director Tom Garrubba discussed how third-party risk management has become an important topic to many executives and board members around the world. He recalls a conversation...

Hackers look at ransomware as a quick payday, so they are very opportunistic in terms of their ransomware attack strategy. They cast a wide net, but tend to focus on target industries they think are more likely to click their links.

Onboarding third-party vendors that will have access to your network and data can have dire consequences if you don’t have the ability to gauge vendor risk.

Bolek is a recent malware from the Kbot/Carberp family. We first heard about this malware from the cert.pl blog post in May 2016, and since then, a few others have published additional information about it (links below).

Last month, email giant Yahoo announced the compromise of 500 million user accounts—which is being called the largest breach from a single site in history. The breach compromised names, email addresses, telephone numbers, dates of birth,...

Ponemon Institute’s study, Data Risk in the Third-Party Ecosystem, highlights the challenges that companies face in protecting sensitive and confidential information shared with third parties.

• Of the respondents surveyed, 37 percent do...

Security Ratings are still a relatively new phenomenon. As a result, many security and risk professionals are still familiarizing themselves with how ratings work, the data used to compute ratings, and how ratings are put into action. We...