BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

As the Capital One Breach Proves, Effective CISO Leadership Starts with Culture

As the fallout from the Capital One data breach continues, new lessons are being learned. Although technical failings were at the heart of the breach, a recent article in The Wall Street Journal points to a series of overlooked issues...

A Security Operations Center Report Template for Executive Buy-in

A monthly or quarterly report is a great way to summarize a SOC’s performance and uncover insights for executive leadership. But as a security and risk manager or executive, what information should you request from the managers who report...

How Much Does a Data Breach Cost in 2019?

This post was originally published October 31, 2016 and has been updated for accuracy and comprehensiveness.

Study: Hackers Look to Maximize Damage With New Ransomware Strategy

Cybersecurity threats are becoming more sophisticated, targeted, and potentially catastrophic. This is particularly true of the most dominant form of cyberattack – ransomware.

Rather than a mass opportunistic, shotgun approach to...

Who Reports to Whom? CISO, CIO, CEO: Cybersecurity Reporting Structures

Cybersecurity and cyber risk are increasingly getting their own C-suite positions. From 2016 to 2017, the number of organizations with a CISO (chief information security officer) rose from 50% to 65%. Other security and risk-related...

SOC Stress: The Security Threat That Nobody is Talking About

Stress and burnout are emerging as perhaps the biggest threat to corporate security. Long hours, alert overload, and a lack of visibility into their IT infrastructure have many security professionals reconsidering their chosen careers.

It’s Time for CISOs to Take a Seat at the Table

It doesn’t matter what business you’re in — cybersecurity has become extremely important to both your organization’s reputation and its bottom line. According to reports, the average cost of a data breach is $3.86 million.

Worthwhile TPRM Certifications for Security & Risk Professionals

As the importance of third-party risk management (TPRM) continues to grow, organizations are hiring for related roles more seriously than ever before. To compensate, security and risk professionals are seeking out certification programs in...

Cloud Security: Lessons Learned from the Capital One Data Breach

2019 has already been rife with cybersecurity woes. Unfortunately, as we enter the second half of the year, things are going from bad to worse. 

The recent Capital One data breach compromised the personal data of more than 100 million...

State of BlueKeep Exposure & Insight Into Affected Systems

In the weeks since our previous post, we’ve seen development in the security community with the release of an exploit into a commercial product as well as the announcement of the unreleased integration of an exploit into Rapid7’s Metasploit...

Which Third-Party Risk Management Tools Do You Really Need?

With high-profile breaches being traced back to supply chain vulnerabilities and a regulatory environment that’s waking up to the realities of vendor risk, many organizations are investing heavily in third-party risk management (TPRM)...

CISOs Are Burning Out: Here’s How to Fix It

Everyone experiences stress in their jobs, but security leaders may have it worse than most. According to Dark Reading, 60% of CISOs admit they rarely disconnect from work, while 88% work more than 40 hours per week. It’s no surprise that...
