Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.

Security pros can now submit detailed Jira requests to admins, developers, ops teams, and collaborators directly from the Bitsight portal.

Security ratings, or cyber security ratings, are a data-driven, objective and dynamic measurement of an organization’s security performance. Thousands of organizations around the world use Bitsight Security Ratings as a tool to address a variety of critical, interconnected internal and external use cases at scale in order to enable more effective decision making throughout the global business ecosystem.

Security leaders have got to be ready to direct the conversation on security in a manner that resonates with directors. Here's how.

In an era of rapid threat expansion, proper storytelling by CISOs can be the key to build confidence with customers, regulators, board members, and other stakeholders.

Key Risk Indicators (KRIs) können dabei helfen, Cyberrisiken zu überwachen und zu kontrollieren. Aber auf welche KRIs sollten Sie sich konzentrieren?

Les indicateurs clés de risque (KRI) peuvent aider à surveiller et à contrôler les cyber-risques. Mais sur quels KRI devez-vous vous concentrer ?

A monthly or quarterly report is a great way to summarize a SOC’s performance and uncover insights for executive leadership. But as a security and risk manager or executive, what information should you request from the managers who report to you?

Give your security teams critical digital risk monitoring tools to discover, prioritize, and remediate risk across the expanding attack surface.

To improve cyber resilience, you must first measure it. Learn the 4 metrics to track to gain insights into your cybersecurity posture.

What exactly is a “material” cybersecurity incident as defined in the latest SEC cybersecurity disclosure requirements? Let's find out.

No one should be surprised to learn that IT and cybersecurity jobs can be extremely stressful. Now, a convergence of trends has, in many cases, brought this stress to a breaking point.

While many IT, security, and risk professionals have developed good metrics and visuals for communicating internally about cyber risk, such as the safety cross and pareto charts, reporting on cybersecurity to non-technical individuals remains challenging.

Bitsight and Google have collaborated to study global organizational performance across cybersecurity controls in the Minimum Viable Secure Product (MVSP) framework.

You don’t have to be a CIO to know that a great IT department is crucial to the success of any large organization. With the rise of big data, artificial intelligence, and the Internet of Things, technology promises to become an even more fundamental part of competitive corporate strategies in every industry.

Special thanks to Venky Ganesan, the managing director of Menlo Ventures, for his insights into this topic.