InSights Blog

It’s not hard to justify why you need property insurance when you’re surrounded by your physical goods that you don’t want to be lost or damaged in your home or business. So why isn’t cybersecurity the same?

Traditional supply chain risk management strategies are becoming increasingly unsound amid the rise of unorthodox threats. These evolving supply chain risks require organizations to not only rethink supply chain risk but to act accordingly. Every organization should form a cyber supply chain risk management strategy for the modern era.

The modern attack surface is expanding, presenting new challenges to the status quo of cyber supply chain risk management. Let’s analyze the evolving landscape, and highlight key shifts important to your organization.

Learn how to combat growing third-party cyber threats with automation and an effective vendor due diligence process.

While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization you also need to show that you’re adhering to industry and regulatory best practices for IT security and making informed decisions for the long-term. A cybersecurity framework can help.

The process of removing an association with a CIDR range can be time consuming and frustrating; in light of this, BitSight has created a program to facilitate and simplify the process.

Emotet is back in business, and BitSight's Threat Research team is continuously monitoring the evolution of this dangerous malware. See our latest findings.

What is a board cybersecurity committee? Learn why it’s more critical than ever and how your organization can establish one.

Discover how BitSight’s GPS vulnerability research can help your organization and third party managers reduce IoT device cyber risk.

Data exfiltration is the unauthorized transfer of data from a host device, such as an application, database, or server. Here’s how you can prevent it.

The NCUA Board approved a proposed rule that would require a federally insured credit union (FICU) to notify the NCUA as soon as possible but no later than 72 hours after they reasonably believe that a reportable cyber incident has occurred.

Ransomware can gain access to your network through your third party ecosystem - and it may be more likely than you think. Read our latest blog to learn the three most effective ways to defend against third party ransomware risk.

Give your security teams critical digital risk monitoring tools to discover, prioritize, and remediate risk across the expanding attack surface.

In the US, the Darkside APT group crippled the largest fuel supplier in the northeast, causing a system wide shutdown affecting nearly the entire US east coast’s fuel supply for several days. In Europe, a double whammy hit the Irish health system when the Health Service Executive, Ireland’s health care operator and its Department of Health suffered a ransomware attack forcing a shutdown within its IT infrastructure.

The health sector is regarded as a vulnerable sector to cyber incidents and crises. In the ENISA Threat Landscape report, it was found that more than 66% of healthcare organizations experienced a ransomware attack in 2019. “In 2019, 45% of attacked organizations paid the ransom. The 45% of organizations that were attacked and paid the ransom, half still lost their data.”

Learn how to onboard vendors securely and at speed with automated, data-driven insights into your vendors’ security postures.