See Your Rating
Free Attack Surface Report
menu

BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

National Cybersecurity

Nobelium Attack Highlights Risk of Exposed Credentials

Ethan Geil and Luis Grangeia | May 28, 2021

Microsoft recently announced that the threat actor Nobelium continues to target government agencies, think tanks, consultants, and non-government organizations with cyber attacks. 

READ MORE »
Cybersecurity

What’s Most Notable in Biden’s Cybersecurity Executive Order?

Jake Olcott | May 13, 2021

In light of recent significant attacks targeting the U.S. government, the Biden administration issued an Executive Order (EO) on cybersecurity on May 8, 2021.

Overall, the EO starts to fill in some critical gaps in US government...

READ MORE »
Security Ratings

A response to Security Ratings - Love, Loathe or Live With Them

Jay Roxe | December 21, 2020

A week ago (which seems like a world ago given everything that’s happened with SolarWinds) Phil Venables -- formerly CISO of Goldman Sachs and now CISO of Google Cloud -- posted an interesting expose on security ratings this week. Phil...

READ MORE »
National Cybersecurity

U.S. Election Security, Part 1: Voting Systems Vendors’ Cybersecurity is Improving

Jake Olcott | September 15, 2020

Significant concerns have been raised about the security of the 2020 United States election. Hundreds of millions of dollars in Federal funding has been made available to state and local governments to improve the security of election...

READ MORE »
Critical Infrastructure

New Study Reveals Cybersecurity Risks in the World’s Largest Airports

Brian Thomas | February 7, 2020

Back in 1990, Hollywood producers imagined a complex plot in which an army of mercenaries with malicious intent hack into and take over the air traffic control system at Washington Dulles International Airport. The result was the...

READ MORE »
Third Party Risk Management

The DoD’s Cybersecurity Maturity Model Certification Draws a Line in the Sand for Third Party Risk

Jake Olcott | November 25, 2019

Federal technology contractors hold the keys to our nation’s security in their networks, servers, and databases. Yet, recent incidents point to worrisome vulnerabilities that indicate increased cyber risk to defense contractors and the...

READ MORE »
Regulation & Compliance

From Framework to Application: Security Ratings and NIST

Ben Fagan | April 21, 2015

This is the introductory post in a series exploring how security ratings can address key aspects of the National Institutes of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity. The purpose...

READ MORE »
Critical Infrastructure

Security Performance in the Utilities Sector: Steps for Progress

Noah Simon | April 15, 2015

For years, it has been widely-known that the Utilities industry has struggled with cyber security in relation to other industries. In 2014, Unisys and the Ponemon Institute found that 70% of Utility companies surveyed around the world...

READ MORE »
Security Risk Management

2015 Information Security Predictions Round-up

Nick Gagalis | December 30, 2014

It's the time of year that every media outlet talks about predictions and resolutions. We've compiled a list of the most interesting and/or relevant information security predictions for 2015 and added a few of our own, courtesy of...

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.

© 2021 BitSight Technologies. All Rights Reserved. | Privacy Policy | Security | For Suppliers

Contact Us | BitSight Technologies | 111 Huntington Ave, Suite 2010, Boston, MA 02199 | +1-617-245-0469