BITSIGHT SECURITY RATINGS BLOG

This week, Microsoft ended support for the Windows 7 operating system. Among other implications, Microsoft will no longer issue security patches for the nine-year-old OS. Any organization relying on the OS moving forward could be...

Companies must build a “trust and verify” strategy when it comes to managing third party risk. Requesting documentation about a supplier’s security performance is good – but how can you verify it? How can you continuously review...

Cyber risk and regulatory compliance are two sides of the same coin in the Financial Services sector. Together, they spur Financial Services companies to take action to protect customers, their business and the global financial ecosystem...

The evolution of the technology environment and related security threats is so fast paced it often seems businesses and regulators are playing an endless game of catch-up.

The regulatory environment is evolving rapidly as national and international regulatory bodies attempt to keep pace with changing business models, technology infrastructure and continuously escalating cyberthreats. 

About 25 years ago, the evolution of the overall digital ecosystem necessitated the creation of the first CISO role. Now, 61% of companies have a CISO. 

Management consultants, accountants, public safety offices, marketing firms, and many more business and professional services organizations are high-value targets for cybercriminals due to the range of confidential client information they...

Cyber attacks are occurring more frequently and banks, insurance companies, and other financial services firms are prime targets. Due to the nature of these businesses and the sensitivity of their data, financial firms are hit with...

A new report from the Information Security Forum (ISF) contains some fascinating insights into how hackers probe and exploit people's psychological vulnerabilities to gain access to corporate systems. From phishing to "whaling" (targeting...