Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

Team Fun In The Summer Sun: Community Engagement at BitSight

Here @BitSight, we are committed to our mission to transform the understanding of cyber risk through the usage of Security Ratings. It’s pretty serious stuff and involves lots of inspiration and even more perspiration. BUT we are not...


Cybersecurity In The Boardroom: A Complete Guide For Security Professionals

CISOs, CIOs, and other security professionals are taking on huge roles of some of the largest organizations in the world to provide details on better data protection and security. They win business, which translates into profitability...


The “Swap” Model: Is Your Goal to Mitigate Risk...Or Just Move it Around?

In today’s security ratings services market, a few companies have offerings described as “swaps” or “slots.” When considering third party monitoring, this gives organizations the option to “trade out” which vendors they are monitoring...


Meet Our Engineers: Caroline Gallagher

Want to know what it’s like to be an engineer at BitSight? Check out this Q&A with a member of our engineering team to learn about her role as a software engineer, her experience, and more.


How To Balance Speed & Quality In Cyber Underwriting Practices

As an underwriter who’s constantly trying to balance being both quick and careful, the worst thing you can do is treat every single applicant the same. Doing so can ultimately be setting you up to take on more risk than you’d expect. Of...


What Is Endpoint Security & Why Is It Important?

From an IT perspective, an important part of endpoint security refers to ensuring that the endpoint devices connected to your network—computers, laptops, mobile devices, tablets, etc.—are running on the latest version or patch to all...


Scaling Our SPA

BitSight recently completed a reorganization of a large part of our Single Page Application (SPA) code. Our goal was to make our codebase more scalable and developer-friendly by adding a few simple rules for where different parts of the...


Risk Management Principles To Best Combat Vendor Cybersecurity Threats

Organizations today aren’t single entities—they are interconnected networks of third parties. While third party relations are critical for success in the majority of businesses, they also leave data more vulnerable to exposure. In...


How Practitioners Can Share Their Security Expertise With the Board

There’s no doubt that organizations understand the value of implementing strong cybersecurity programs and encouraging their third parties to do the same. As data breaches continue worldwide, 63% of those breaches are caused through a...


Cybersecurity Team Structure: 7 Important Roles & Responsibilities

You’ve heard it said that a chain is only as strong as its weakest link. When it comes to your cybersecurity team, this adage couldn’t be more appropriate. If you want this team to perform with both diligence and accuracy, it’s critical...


Why You Should Consider Aggregate Portfolio Risk In Your Book Of Business

Considering aggregate portfolio risk is critical for insurance companies—which means it’s important to differentiate between concentration risk and aggregation risk. 

Load More

Get the Weekly Cybersecurity Newsletter.