BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

BitSight Study: Just How Secure is the Business Services Sector?

Management consultants, accountants, public safety offices, marketing firms, and many more business and professional services organizations are high-value targets for cybercriminals due to the range of confidential client information they...

READ MORE »

Social Engineering: How Attackers Exploit People's Vulnerabilities

A new report from the Information Security Forum (ISF) contains some fascinating insights into how hackers probe and exploit people's psychological vulnerabilities to gain access to corporate systems. From phishing to "whaling" (targeting...

READ MORE »

Turning Business Unit Heads Into Security Management Leaders

The old adage “it’s hard to find good help these days” has never been more true than when talking about security management. The well-documented cybersecurity shortage is very real, and the long hours and pressure experienced by those who...

READ MORE »

New Forrester Study Highlights Need for Security Performance Management

In a new Forrester study commissioned by BitSight,Better Security And Business Outcomes With Security Performance Management, key findings implicate the strong need for businesses worldwide to invest in a robust security performance...

READ MORE »

Analyzing Utilities Sector Cybersecurity Performance

With economic sanctions being levied by the US against Iran and a trade war heating up with China, some security experts are cautioning that attacks targeting US critical infrastructure may be inevitable. Are electric utilities prepared to...

READ MORE »

Security Performance in Business Context: How Forecasts Empower Organizations to Improve Processes

When it comes to managing your organization’s cybersecurity performance, understanding the business context in which you make decisions is key. By leveraging security ratings you can understand the efficacy of your current security...

READ MORE »

Open Port Vulnerabilities: What's the Big Deal?

If you’ve done any research into improving network security, you’ve probably seen one suggestion repeated again and again: close your open ports.

Why is this such a common recommendation? Are open port vulnerabilities really a big deal?...

READ MORE »

A Risk-based Approach to Cybersecurity Can Save Time & Money

If you’ve glanced at the opinion columns of security industry publications, you’ve probably seen the term “risk-based” floating around, as in “the time is now for a comprehensive, risk-based approachor “a risk-based approach to security...

READ MORE »

Types of Penetration Testing: Which Is Right for Your Business?

Penetration tests (a.k.a. pen tests) are point-in-time assessments of cybersecurity. They allow IT and security professionals to assess the adequacy of security controls, including intrusion detection and response systems, and identify...

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.