BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

How CISOs Can Use Authority To Strengthen Supply Chain Cyber Security

The SolarWinds supply chain attack did more than just create cybersecurity problems for businesses and government agencies – it has had a strong impact on the mindset of CISOs. Already under stress, the incident further dispirited many...

READ MORE »

The BitSight Team Answers Your Questions About The SolarWinds Hack

The SolarWinds hack, discovered in late 2020 when FireEye announced it had been targeted through a third party vulnerability, has now become one of the most widespread and impactful supply chain attacks in history. 

READ MORE »

BITSIGHT ANALYSIS OF SOLARWINDS ORION — PART 2: DECLINING PREVALENCE

In light of the cyber attack targeting SolarWinds, security and risk professionals are working to identify instances of the Orion software within their organization -- including their broader partner ecosystem -- and reduce their...

READ MORE »

FBI Alerts Companies of Cyber Attacks Aimed at Supply Chains

Earlier this month, ZDNet broke the news that the FBI had sent a cybersecurity alert to the U.S. private sector warning of an ongoing hacking campaign against supply chain software providers. According to the FBI, hackers are attempting to...

READ MORE »

What Role Does Procurement Play in Supply Chain Risk Management?

Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain.

Supply chain risk extends past those suppliers with whom you’re...

READ MORE »

Cyber-Attack on Indian Nuclear Power Plant Exposes Threat of “Snooping” Malware

On October 20th, 2019, authorities in India confirmed that one of its nuclear power plants had been hacked. The malware attack on the Kudankulam Nuclear Power Plant (KKNPP), first noticed on September 4th, has since been attributed to the...

READ MORE »

As Cyber Insurance Claims Soar, Businesses Need to Demonstrate a Standard of Care

Hardly a day goes by without the emergence of a disturbing new trend in cyber crime or headline-grabbing hack. Hackers are getting smarter and threat vectors are constantly evolving. The escalating threat is forcing businesses to file more

READ MORE »

New Study: Organizations Struggle to Manage Cyber Risk in Their Supply Chains

A new report from McKinsey & Company sheds light on something we’ve known for many years – organizations are struggling to make significant progress in managing cybersecurity risk in their supply chains.

READ MORE »

NERC CIP-013-1: Effective Date, Preparation Strategies, & Impact

The North American Electric Reliability Corporation (NERC) has developed a new set of cybersecurity standards designed to help power and utility (P&U) companies limit their exposure to third-party cyber risks and preserve the reliability...

READ MORE »
Load More

Subscribe to get security news and updates in your inbox.