InSights Blog

BitSight is partnering with Google Cloud to provide customers with a centralized repository of Google Cloud questionnaires, certifications, and documentation, now available through BitSight Vendor Risk Management. Learn more about the partnership in our blog.

Consider these three best practices for mapping your digital footprint and using these insights to better assess cyber risk and drive continuous improvement in your security program.

To protect your organization against cyber security risks, it’s important to have a cyber risk management program in place. But does your organization’s program take into consideration its entire attack surface – including the cloud?

For the first time, cloud security breaches and incidents are more commonplace than on-premises attacks. According to the 2021 Verizon Data Breach Investigations Report (DBIR), in 2020, 73% of cyberattacks involved cloud assets, compared to only 27% in the previous year.

Spurred by the pandemic and a need for greater collaboration and business efficiency, cloud adoption is soaring. According to the Flexera 2021 State of the Cloud Report, spending on cloud services this year is predicted to be higher than ever.

Oftentimes, security managers fall into the trap of believing that a large or commonly used cloud services organization is safe to have connected to their network. Cloud services providers aren’t immune to bad actors targeting their network, and in reality can expose extremely sensitive information when they are targeted.

Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But who is responsible for breaches in the cloud data, the service provider or the organization using their services?

As the number and costs of cyber-attacks and data breaches continue to rise, more money is being thrown at the problem. IDC projects that by 2022, organizations will spend $133.8 billion to protect their IT infrastructures against cybersecurity threats.