Insights blog.

In 2023, the SEC adopted new cybersecurity disclosure requirements. Learn how shareholders can leverage cybersecurity information for investment decisions and more.

The Australian Prudential Regulation Authority (APRA) has introduced CPS 234. Learn about the regulation and how cybersecurity is now at the forefront.

To ensure the security & resilience of critical infrastructure & digital services, the EU introduced the Directive (UE) 2022/2555 (NIS 2). See how Bitsight can help.

We delve into the purpose of these EU regulations, the challenges they present, the timeframe for adoption, and the keys to comply.

In Part 1 of this multi-part series, we describe the new SEC cybersecurity regulations and assess potential impact on both shareholders and companies.

Companies will be required to disclose risks in their annual reports beginning on 12/15/2023. For many CISOs, they may have some real questions. Here's where to start.

As cyber threats evolve and business models change, maintaining a mature cybersecurity program can be challenging. You need to be confident that your organization’s current security tools and techniques are effective.

New SEC regulations mean that cybersecurity leaders are looking for ways to tell their company's story and looking for the right data to include. Independent cybersecurity benchmarking results are quickly becoming one of the primary data points included in any investor disclosure.

METI recommends ASM as a means to discover, manage internet assets, and continuously monitor for associated exposures and vulnerabilities allowing for remediations.

On July 26, 2023, the SEC voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance.

It's proxy season, and investors want information from companies about cyber risk. Investors are leveraging Bitsight’s data analytics to better understand the risks of their investments.

Learn how the System of Trust framework can help you understand and address supply chain risks.

What is a SOC 2 report and why is it essential in due diligence and vendor risk management programs? Here's what you need to know.

At the upcoming RSA Conference, Bitsight’s Derek Vadala will moderate a panel to explain new cybersecurity disclosure requirements and how timely, consistent, and informative disclosure can benefit companies in the marketplace.

If you operate in specific sectors, cybersecurity maturity is more than a best practice, it’s a regulatory requirement. These regulations are complex and constantly changing. To help you better understand your organization's regulatory environment and the standards and controls they stipulate, let's break down key cyber compliance regulations by industry.