BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

What the Gramm-Leach-Bliley Act Means for Financial Services Cybersecurity

For obvious reasons, the financial services industry has had the unfortunate distinction of being one of the largest high value targets for threat actors. Research shows that financial services businesses experience 300 more cyber...

READ MORE »

FFIEC IT Handbook Updates: Business Continuity Is 2020 Focus

In November 2019, the Federal Financial Institutions Examination Council (FFIEC) released an update to the Information Technology Examination Handbook (IT Handbook). This handbook is a guide for examiners at its member agencies, which...

READ MORE »

Cloud outsourcing poses new challenges for regulators and Financial Services

Cyber risk and regulatory compliance are two sides of the same coin in the Financial Services sector. Together, they spur Financial Services companies to take action to protect customers, their business and the global financial...

READ MORE »

Financial services in Asia Pac face regulatory driven scrutiny of cyber risk management

The evolution of the technology environment and related security threats is so fast paced it often seems businesses and regulators are playing an endless game of catch-up.

READ MORE »

Control and Accountability: The New Watchwords for Regulatory Compliance

The regulatory environment is evolving rapidly as national and international regulatory bodies attempt to keep pace with changing business models, technology infrastructure and continuously escalating cyberthreats. 

READ MORE »

CISO Education Requirements: Degrees, Training Courses, and Certifications

About 25 years ago, the evolution of the overall digital ecosystem necessitated the creation of the first CISO role. Now, 61% of companies have a CISO. 

READ MORE »

Third-Party Cyber Risk: Blind Spots, Emerging Issues & Best Practices

Recently, BitSight and the Center for Financial Professionals (CeFPro) released a joint report that explores how financial services organizations are addressing challenges associated with third-party cyber risk management.

READ MORE »

Is Your Risk Management Program Ready for the New European Banking Authority’s Guidelines?

In June 2018, the European Banking Authority (EBA) put forth guidelines on outsourcing arrangements that highlighted the importance of risk management within financial organizations. The notice of these guidelines was announced in June...

READ MORE »

The Time is Now: NYDFS Deadline Means Risk Managers Need to Focus on Third-Party Risk

In March 2017, the New York Department of Financial Services (NYDFS) cybersecurity regulations — known as 23 NYCRR Part 500 — went into effect. According to the regulation, “any Person operating under or required to operate under a...

READ MORE »
Load More

Get the Weekly Cybersecurity Newsletter.