BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.


How to Prove Your Organization’s Cybersecurity Investment is Paying Off

In light of recent widespread breaches and security incidents, such as the cyber attack targeting SolarWinds, security and risk managers are under more pressure than ever to prove that their cybersecurity investments are actually paying...


Use the right cybersecurity analytics to make a business case for risk management

Not long ago, corporate executives would give only passing thoughts to their organization’s cybersecurity postures. Leadership and board members would take notice in the wake of a major data breach, for example, or a couple of times a year...


7 Cybersecurity Frameworks That Help Reduce Cyber Risk

While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization, you also need to show that you’re adhering to industry and regulatory best practices for IT security and making...


5 Core Elements of a Risk-Based Cybersecurity Dashboard

Curated cyber risk reports are essential to ensuring that security performance management information gets communicated effectively to the right stakeholders across your organization. Of course, reporting falls on a long list of...


A response to Security Ratings - Love, Loathe or Live With Them

A week ago (which seems like a world ago given everything that’s happened with SolarWinds) Phil Venables -- formerly CISO of Goldman Sachs and now CISO of Google Cloud -- posted an interesting exposé on security ratings. Phil has...


Best Practices For Managing Third Party Risk

Properly managing third party risk and preventing damaging outcomes that result from gaps in your vendor ecosystem can be difficult and costly. With the recent SolarWinds data breach wreaking havoc on thousands of organizations globally,...


BitSight Analysis of SolarWinds Orion — Part 2: Declining Prevalence

In light of the cyber attack targeting SolarWinds, security and risk professionals are working to identify instances of the Orion software within their organization -- including their broader partner ecosystem -- and reduce their...


BitSight Analysis of SolarWinds Orion Breach — Part 1: Prevalence

The cyber attack targeting SolarWinds, a provider of network and system monitoring software, is shaping up to be one of the most significant attacks against a critical supply chain partner, with significant implications for national...


What Does Risk-Based Cybersecurity Reporting Look Like?

Effective communication between different members of your team can make all the difference when it comes to maintaining your desired security posture and preventing massive cyber incidents. Reports can play a critical role in these...


3 Steps to Building an Effective Cyber Risk Strategy

In today’s “new normal” operating environment, you’re contending with a growing attack surface, limited resources, and an increasingly remote workforce — all at once. Given these conditions, it’s more important than ever to have a solid ...


What Cybersecurity Questions the Board Really Wants Answered in Your Next Report

Boards are increasingly looking at cybersecurity as a crucial part of the business. The problem is, the board doesn’t always know what to look for or how cybersecurity impacts the business. What the board really wants to hear in the next...
