BITSIGHT SECURITY RATINGS BLOG

In light of recent widespread breaches and security incidents, such as the cyber attack targeting SolarWinds, security and risk managers are under more pressure than ever to prove that their cybersecurity investments are actually paying...

Not long ago, corporate executives would give only passing thoughts to their organization’s cybersecurity postures. Leadership and board members would take notice in the wake of a major data breach, for example, or a couple of times a...

While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization you also need to show that you’re adhering to industry and regulatory best practices for IT security and making...

Curated cyber risk reports are essential to ensuring that security performance management information gets communicated effectively to the right stakeholders across your organization. Of course, reporting falls on a long list of...

A week ago (which seems like a world ago given everything that’s happened with SolarWinds) Phil Venables -- formerly CISO of Goldman Sachs and now CISO of Google Cloud -- posted an interesting expose on security ratings this week. Phil...

Properly managing third party risk and preventing damaging outcomes that result from gaps in your vendor ecosystem can be difficult and costly. With the recent SolarWinds data breach wreaking havoc on thousands of organizations globally...

In light of the cyber attack targeting SolarWinds, security and risk professionals are working to identify instances of the Orion software within their organization -- including their broader partner ecosystem -- and reduce their...

The cyber attack targeting SolarWinds, a provider of network and system monitoring software, is shaping up to be one of the most significant attacks against a critical supply chain partner, with significant implications for national...

Effective communication between different members of your team can make all the difference when it comes to maintaining your desired security posture and preventing massive cyber incidents. Reports can play a critical role in these...

In today’s “new normal” operating environment, you’re contending with a growing attack surface, limited resources, and an increasingly remote workforce — all at once. Given these conditions, it’s more important than ever to have a solid

Boards are increasingly looking at cybersecurity as a crucial part of the business. The problem is, the board doesn’t always know what to look for or how cybersecurity impacts the business. What the board really wants to hear in the...