Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.

Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.

As responsibilities for cyber risk leaders grow and resources remain finite, cyber risk prioritization is vital. Learn 5 ways that CTI helps you prioritize.

Third-party risk management is trending following major data breaches affecting organizations through their vendors. But what is TPRM?

As a security professional navigating the new challenges 2020 is bringing to cybersecurity, it’s critical to understand the ways your organization’s data could be exposed. Sensitive data is critical, safeguarded information. Different information can be considered sensitive depending on the industry, but in general it can be anything your organization, your employees, your customers, or your third parties would expect to be private and protected. Below, we’ve outlined five examples of sensitive data your organization likely handles—and a few key ways to protect it from evolving cyber threats.

Phases 1-2 of Bitsight's Dynamic Remediation initiative are complete. Learn how rescanning is easier & see how your score updates after taking assets offline.

The 2025 Bitsight Rating Algorithm Update focuses on incorporating the Web Application Security (WAS) risk vector. Learn the research behind this change.

Vendor Risk Management is the practice of evaluating business partners, suppliers, or third-party vendors both before a business relationship is established and for the duration of your business contract. This is an important concept and practice to put in place during the evaluation of your vendors and the procurement process.

Compromised credentials fuel identity threats. Bitsight's Identity Intelligence monitors the dark web, alerts you fast, and enables rapid remediation.

AI tools like DALL-E & ChatGPT went mainstream in 2022, sparking creativity—and security concerns. Explore their impact & how threat actors may exploit them.

The NIS2 Directive marks a significant shift in how the EU is addressing cyber risks, reinforcing security requirements for organizations and their suppliers. But what does this mean for businesses operating in Europe?

Bitsight and Lokker have partnered to bring the cyber insurance industry’s first unified data privacy risk and cybersecurity underwriting solution to market.

The 2025 Bitsight Ratings Algorithm Update will be ready for preview on April 8. Learn more about what changes to the Bitsight rating are coming in 2025.

The vendor due diligence checklist to steer your procurement decision-making in 5 simple steps. First step: always collect the 7 basic business details.

Your supply chain is bigger—and riskier—than you think. The Bitsight TRACE team uncovers the "Critical 99" and hidden vulnerabilities. Read the findings now.

Bitsight TRACE analyzes the March 10, 2025 DDoS attack on X, linking it to IoT botnets and misconfigurations. Dark Storm claims responsibility, but was it them?

Security risk managers often face a lot of the same roadblocks, even if they’re managing programs of different sizes or in different industries. Basing security practices on well-known, and sometimes government-regulated, cybersecurity models will mature your program to overcome process inefficiencies.