
BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

GDPR Shows Its Teeth, Goes After Breached Companies

In 2018, the European Union (EU) General Data Protection Regulation (GDPR) ushered in the most important change in data privacy regulation in 20 years.

Far reaching in its applicability, GDPR extends well beyond Europe and affects any...


NERC CIP-013-1: Effective Date, Preparation Strategies, & Impact

The North American Electric Reliability Corporation (NERC) has developed a new set of cybersecurity standards designed to help power and utility (P&U) companies limit their exposure to third-party cyber risks and preserve the reliability...


Is Your Risk Management Program Ready for the New European Banking Authority’s Guidelines?

In June 2018, the European Banking Authority (EBA) put forth guidelines on outsourcing arrangements that highlighted the importance of risk management within financial organizations. The notice of these guidelines was announced in June...


Top 5 Trends in Telecom Risk Management

As regulations shift and providers enter new markets, the telecom industry is changing rapidly. In preparation for these changes, telecom risk management professionals must become aware of new risks on the horizon. Privacy and net...


Recent Breach Attempt Highlights Australia’s Need for Stronger Risk Management Controls

Last week, unknown threat actors attempted to hack the Australian federal Parliament’s computer network and the servers used by every politician, staffer, and security officer in Parliament House. Authorities believe there is a strong...


The Time is Now: NYDFS Deadline Means Risk Managers Need to Focus on Third-Party Risk

In March 2017, the New York Department of Financial Services (NYDFS) cybersecurity regulations — known as 23 NYCRR Part 500 — went into effect. According to the regulation, “any Person operating under or required to operate under a...


EU NIS Directive: The European Union’s First Cybersecurity-focused Legislation

Last month, the EU NIS Directive (Directive on Security of Network and Information Systems) went into effect. This directive is the first EU-wide piece of legislation specifically focused on cybersecurity. Its goal is to “achieve a high...


NIST Cybersecurity Framework Now Includes Supply Chain Risk Management Category

Recently, the National Institute of Standards & Technology (NIST) released an updated Version 1.1 of the NIST Cybersecurity Framework that now includes a new category on “Supply Chain Risk Management.”


How Security Ratings Can Help Organizations Adhere to Hong Kong’s Cybersecurity Guidelines

The implementation of many strict cybersecurity regulations and requirements (including GDPR, NYDFS, and more) continues to increase on a global scale. 2018 has also brought about the continuation of strict cybersecurity regulations in the...
