BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Nobelium Attack Highlights Risk of Exposed Credentials

Microsoft recently announced that the threat actor Nobelium continues to target government agencies, think tanks, consultants, and non-government organizations with cyber attacks. 

Cloud Security Risk: How to Address Common Threats with Continuous Monitoring

Spurred by the pandemic and a need for greater collaboration and business efficiency, cloud adoption is soaring. According to the Flexera 2021 State of the Cloud Report, spending on cloud services this year is predicted to be higher...

The Impact of Flawed Pseudorandom Number Generators in Network Devices

Summary

To gauge the impact of flawed pseudorandom number generators in network devices, BitSight scanned the public Internet for RSA public keys and was able to factor the public modulus and recover the private keys for 41,225 network...

Do You Have What it Takes to Achieve Digital Resilience?

The term “digital resilience” has gained momentum over the past few years as cybersecurity threats have grown, but what does it really mean? And how can a company become digitally resilient?

Evidence-Based Strategies to Lower Your Risk of Becoming a Ransomware Victim

BitSight research demonstrated some organizations are more than eight times as likely to become ransomware victims.

Cybersecurity Protection in the Wake of a Rough Six Months – Industry Experts Weigh In

In the six months since the SolarWinds supply chain attack there has been increased action in the cybersecurity breach world – and the bad actors aren’t letting up. This means that cybersecurity protection is more critical than ever. 

Maximize Your Cybersecurity ROI With Financial Quantification

According to a Cybersecurity Ventures report, global cybercrime costs are expected to grow by 15% per year over the next five years — reaching $10.5 trillion USD annually by 2025. In light of this evolving threat environment and recent...

Colonial Pipeline is Not Alone: Ransomware Risk in the U.S. Oil/Energy Sector

After last week’s catastrophic cyber incident targeting Colonial Pipeline, could more U.S. Oil and Energy companies be at risk of a ransomware attack? 

What’s Most Notable in Biden’s Cybersecurity Executive Order?

In light of recent significant attacks targeting the U.S. government, the Biden administration issued an Executive Order (EO) on cybersecurity on May 8, 2021.

Overall, the EO starts to fill in some critical gaps in US government...

How to Conduct a Supply Chain Risk Assessment at Scale

Vendors and third party partners are essential to helping your business grow and stay competitive. But outsourcing to third parties also dramatically increases your attack surface. A recent independent study by Opinion Matters found...

BitSight Integrates With ServiceNow to Reduce Risk Throughout Vendor Management Programs

Organizations rely on third parties to stay competitive in the marketplace. The EY global third-party risk management survey highlights that in 2019–20, over 33% of the 246 global companies surveyed were managing and monitoring...

Your Attack Surface is Growing, Your Security Risk Assessments Should Evolve Too

Security risk assessments are an important tool in your organization’s arsenal against cyber threats. They shine a spotlight on areas of risk in your digital ecosystem, inform and prioritize mitigation strategies, and ensure hard-earned...

What is Security Orchestration, Automation and Response (SOAR)?

A couple of years ago, industry research firm Gartner introduced a new acronym—SOAR—into the cybersecurity nomenclature. SOAR stands for “security orchestration, automation, and response.” It’s not an individual tool, or even set of...

Celebrating 10 Years of BitSight: A Co-Founder Looks Back

It’s hard to believe, but BitSight is celebrating our 10-year anniversary this week! I co-founded BitSight in 2011 with my friend and grad school classmate, Nagarjuna Venna. When I think back on our original idea of creating a global...

Optimize Your Cybersecurity Program With Financial Quantification

Now more than ever before, it’s critical to build a strategic security performance management program in which you take a risk-based, outcome-driven approach to measuring, monitoring, managing, and reporting on your organization’s...

4 Best Practices for Attack Surface Management

Accelerated by the pandemic, digital ecosystems are expanding. New ways of working remotely and the rapid adoption of cloud technologies have increased the number of digital touch-points that employees interact with. Unfortunately this...
