BITSIGHT SECURITY RATINGS BLOG

Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

Filter by Topic

Filter by Date

BitSight Analysis of SolarWinds Orion Breach — Part 1: Prevalence

The cyber attack targeting SolarWinds, a provider of network and system monitoring software, is shaping up to be one of the most significant attacks against a critical supply chain partner, with significant implications for national...

READ MORE »

FBI Alerts Companies of Cyber Attacks Aimed at Supply Chains

Earlier this month, ZDNet broke the news that the FBI had sent a cybersecurity alert to the U.S. private sector warning of an ongoing hacking campaign against supply chain software providers. According to the FBI, hackers are attempting...

READ MORE »

What Role Does Procurement Play in Supply Chain Risk Management?

Thanks to globalization and rapidly developing technology, enterprise involves more connections than ever before, and more connections means more risk in the supply chain.

Supply chain risk extends past those suppliers with whom you’re...

READ MORE »

Cyber-Attack on Indian Nuclear Power Plant Exposes Threat of “Snooping” Malware

On October 20th, 2019, authorities in India confirmed that one of its nuclear power plants had been hacked. The malware attack on the Kudankulam Nuclear Power Plant (KKNPP), first noticed on September 4th, has since been attributed to...

READ MORE »

As Cyber Insurance Claims Soar, Businesses Need to Demonstrate a Standard of Care

Hardly a day goes by without the emergence of a disturbing new trend in cyber crime or headline-grabbing hack. Hackers are getting smarter and threat vectors are constantly evolving. The escalating threat is forcing businesses to file...

READ MORE »

New Study: Organizations Struggle to Manage Cyber Risk in Their Supply Chains

A new report from McKinsey & Company sheds light on something we’ve known for many years – organizations are struggling to make significant progress in managing cybersecurity risk in their supply chains.

READ MORE »

NERC CIP-013-1: Effective Date, Preparation Strategies, & Impact

The North American Electric Reliability Corporation (NERC) has developed a new set of cybersecurity standards designed to help power and utility (P&U) companies limit their exposure to third-party cyber risks and preserve the...

READ MORE »

Software Risk Management: 3 Tips for Project & Product Managers

The development and deployment of software applications is inherently risky; a number of things can go wrong both during development and after launch. Project and product managers must stay aware of risks coming from a variety of areas,...

READ MORE »

What Is Digital Supply Chain Management?

You may have heard the term “digital supply chain management” being used to describe an emerging business function. But what exactly is a digital supply chain, and how is one supposed to manage it?

READ MORE »
Load More

Get the Weekly Cybersecurity Newsletter.