BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

What You Are and Aren’t Responsible for Under Cyber Risk Insurance

It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?

BitSight Observations Into Hafnium Part Four: Who Is Still Vulnerable?

The unfolding Hafnium attack is the latest event in the trend of cyber events. CISOs are starting to recognize that enterprise cyber security is being redefined to mean me and all my suppliers, or the combination of first and third...

Common Cloud Service Providers Are Not Immune To Cyber Attacks

Oftentimes, security managers fall into the trap of believing that a large or commonly used cloud services organization is safe to have connected to their network. Cloud services providers aren’t immune to bad actors targeting their...

BitSight Observations Into HAFNIUM Attacks, Part Three: Exploitation and Vulnerability Persists

Organizations around the globe continue to address the fallout from the Microsoft Exchange Server zero-day attacks. It was recently announced that hackers may now be exploiting the vulnerabilities in Exchange to drop ransomware into...

Why The DOD Is Making Cybersecurity Maturity Evaluation Mandatory (And Why You Should Too)

Government agencies in the United States are yet again suffering from a widespread data hack, this time originating from Microsoft Exchange servers. This breach comes less than five months after the SolarWinds breach exposed...

BitSight Observations Into HAFNIUM Attacks, Part Two: Unpatched Exchange Servers Remain Vulnerable

Microsoft Exchange is a critical business software used by organizations around the world for email. Sensitive data and communications are stored and transacted on the platform daily. In an unusual situation, threat actors have...

Should Security Ratings Require Independent Verification?

As a recent Forrester report highlighted, there are many cybersecurity ratings available. Security ratings have a valuable place in your overall cyber risk mitigation strategy, for many reasons.

Not all security ratings are equal though.

BitSight Observations Into the HAFNIUM Attacks: Part One

On March 2, Microsoft announced that it had detected multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server. According to Microsoft, in the attacks observed, cybersecurity threat actors used...

BitSight Is A Partner for Cybersecurity In Law Enforcement

You can tell a lot about someone by the company they keep, and the same goes for your security ratings partner. All security ratings are not created equal.

Shadow IT: Your Urgent Questions Answered

Your IT department spends a great deal of time distributing security information and maintaining your organization’s internal security processes. Unfortunately, a persistent threat, deemed shadow IT, is still making its way into your...

How To Prevent Organizational Data Leaks In 2021

It’s every security manager’s worst nightmare. A member of the IT department reaches out to alert you that malicious software has been detected on an internal network, and the hacker potentially has access to layers of sensitive data. In the...
