BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

Colonial Pipeline is Not Alone: Ransomware Risk in the U.S. Oil/Energy Sector

After last week’s catastrophic cyber incident targeting Colonial Pipeline, could more U.S. Oil and Energy companies be at risk of a ransomware attack? 

READ MORE »

New Study Reveals Cybersecurity Risks in the World’s Largest Airports

Back in 1990, Hollywood producers imagined a complex plot in which an army of mercenaries with malicious intent hack into and take over the air traffic control system at Washington Dulles International Airport. The result was the...

READ MORE »

From Framework to Application: Security Ratings and NIST

This is the introductory post in a series exploring how security ratings can address key aspects of the National Institutes of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity. The purpose...

READ MORE »

Security Performance in the Utilities Sector: Steps for Progress

For years, it has been widely-known that the Utilities industry has struggled with cyber security in relation to other industries. In 2014, Unisys and the Ponemon Institute found that 70% of Utility companies surveyed around the world...

READ MORE »

2015 Information Security Predictions Round-up

It's the time of year that every media outlet talks about predictions and resolutions. We've compiled a list of the most interesting and/or relevant information security predictions for 2015 and added a few of our own, courtesy of...

READ MORE »

How You Can Avoid Becoming the Next Sony

As you've heard by now, Sony Pictures suffered a major breach in November, and is still feeling the consequences of it. The FBI warned that other companies could be attacked with similar malware, but that isn't the only reason you...

READ MORE »

Managing Third Party Security Risk in the Critical Infrastructure

There’s no shortage of challenges when it comes to securing the critical infrastructure. These are very complex, interconnected systems, and highly motivated, potentially well-trained and funded adversaries target them. And should...

READ MORE »
Load More

Get the Weekly Cybersecurity Newsletter.