Insights blog.

In Part 1 of this multi-part series, we describe the new SEC cybersecurity regulations and assess potential impact on both shareholders and companies.

Your attack surface is expanding everyday. Learn how external attack surface management can help you understand what you’re up against and inform remediation.

Is cybersecurity risk defined in the same way as common risk? How is it different? Find out the answers and what you can do about it.

Companies will be required to disclose risks in their annual reports beginning on 12/15/2023. For many CISOs, they may have some real questions. Here's where to start.

Whaling attacks are a form of spear phishing that target senior executives. Learn how to defend against these attacks.

Read Bitsight breach research by looking at the evolution of reported incidents over the past years to identify trends and global patterns.

As cyber threats evolve and business models change, maintaining a mature cybersecurity program can be challenging. You need to be confident that your organization’s current security tools and techniques are effective.

Cybersecurity intelligence is a powerful weapon against risk. Learn how you can improve your cyber data collection, analysis, and sharing to mitigate emerging threats.

New SEC regulations mean that cybersecurity leaders are looking for ways to tell their company's story and looking for the right data to include. Independent cybersecurity benchmarking results are quickly becoming one of the primary data points included in any investor disclosure.

METI recommends ASM as a means to discover, manage internet assets, and continuously monitor for associated exposures and vulnerabilities allowing for remediations.

If your organization is like many others, its cyber exposure continues to grow over time. During the pandemic, as attackers sought to exploit unprecedented changes in work environments, 35% of cyberattacks used previously unseen malware or methods, up from the norm of 20%. And with the average enterprise using well over 1,000 cloud services, it can be very difficult to get a handle on potential vulnerabilities or to know when risks will pop up.

What is a backdoor attack and how can you protect your organization from becoming a victim? Let’s explore this stealthy threat.

On July 26, 2023, the SEC voted to adopt new cybersecurity requirements for publicly traded companies, creating new obligations for reporting “material” cybersecurity incidents and requiring more detailed disclosure of cybersecurity risk management, expertise, and governance.

The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation.

CVE-2023-35036 & CVE-2023-35708 — were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities.