Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.

InSights Blog
Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Gartner Predicts 2022: Cybersecurity Leaders Are Losing Control in a Distributed Ecosystem

Gartner Predicts 2022: Cybersecurity Leaders Are Losing Control in a Distributed Ecosystem
This report from Gartner reveals cybersecurity predictions about culture, the evolution of a leader’s role, third-party exposure, and the board’s perception of cyber risk. Download the report to learn key findings, market implications, and recommendations.

BitSight is committed to creating trustworthy, data-driven, and actionable measurements of organizational cybersecurity performance.

To serve your customers and realize efficiencies, your organization may work with dozens if not hundreds of third parties including partners, vendors, cloud service providers, and subcontractors.

A new study published in the Journal of the American Medical Informatics Association (JAMIA) provides brand new perspectives on the state of hospital cybersecurity performance.

Hospitals, doctors’ networks, insurance companies, and other healthcare organizations are guardians of valuable protected health information (PHI).

The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation.

Facebook and the apps under its umbrella, including Instagram and WhatsApp, were inaccessible for hours on Monday.

Network security threats are constantly evolving, and right now we’re in the middle of a particularly challenging time. While big-name breaches like SolarWinds and others grab headlines, multitudes of smaller incidents continue to occur everyday, costing companies millions of dollars.

These days, we often hear the word “quarantine” in everyday conversations--but quarantining takes on a different meaning when it comes to protecting your network.
Often, when we discuss quarantining from a cyber security perspective we’re referring to network segmentation cyber security. But what is network segmentation, and is it the right approach for your organization? The answer to the first part is easy. The second is a bit more complicated.
Often, when we discuss quarantining from a cyber security perspective we’re referring to network segmentation cyber security. But what is network segmentation, and is it the right approach for your organization? The answer to the first part is easy. The second is a bit more complicated.

Cybersecurity is a critical risk that can materially impact a company’s bottom line. Unfortunately, investors are largely in the dark when it comes to understanding the cybersecurity of the companies in which they invest.

Today’s opportunistic hackers are seasoned professionals who are getting more adept at exploiting your organization’s digital attack surface. To do this they employ a variety of attack vectors.

To protect your organization against cyber security risks, it’s important to have a cyber risk management program in place. But does your organization’s program take into consideration its entire attack surface – including the cloud?

Recent BitSight research shows healthcare organizations that display poor patching cadence can be up to 7x more likely to experience ransomware.

Recent BitSight research shows that 76% of healthcare organizations may be at increased risk of ransomware attacks due to poor TLS/SSL configuration management.

Cyber risk management should be a priority for any organization. And while there are many measures your business can take to reduce cybersecurity risk across the enterprise, how do you discover and remediate unknown risks that may be lurking in the networks of third parties?

A single unauthorized device being used on your network. An unsanctioned application someone’s accessing from their non-secure home PC. A small vendor with a seemingly insignificant vulnerability.
Get the Weekly Cybersecurity Newsletter
Subscribe to get security news and industry ratings updates in your inbox.