Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
![Blog Image KEV Research Announcement](/sites/default/files/styles/cta/public/2024/05/01/Blog%20Image%20KEV%20Research%20Announcement.png?itok=dUMFV8Tg)
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
![A digital lock representing ransomware](/sites/default/files/styles/4_3_small/public/2024/03/12/Dental%20DDoS%20No.%20Cameras%20and%20Ransomware%20Oh%20yeah.jpg.webp?itok=dg23j6FO)
We’re back again with a monthly-ish blog reflecting on major goings-on in the security world.
![Australia parliament](/sites/default/files/styles/4_3_small/public/2024/03/07/Australia-parliament.jpg.webp?itok=lekSX6OB)
Explore the concerning cybersecurity landscape in Australia's finance sector, marked by major data breaches and deficiencies in notification procedures, highlighting critical vulnerabilities and pressing challenges.
![Key Risk Indicators (KRIs) Examples](/sites/default/files/styles/4_3_small/public/2023/07/10/Key%20Risk%20Indicators%20Blog.jpg.webp?itok=g42q0uXe)
Key risk indicators (KRIs) can help monitor and control cyber risk. But what KRIs should you focus on?
![Tackling Shadow IT Head-On_Strategies for Cybersecurity Leaders](/sites/default/files/styles/4_3_small/public/2024/03/04/Tackling%20Shadow%20IT%20Head-On_Strategies%20for%20Cybersecurity%20Leaders.jpg.webp?itok=WEAqsX4c)
Tim Grieveson from Bitsight discusses strategies for managing Shadow IT, emphasizing the need for cybersecurity leaders to balance security and convenience.
![Cybersecurity Frameworks to Reduce Cyber Risk](/sites/default/files/styles/4_3_small/public/migration/images/7%2520Cybersecurity%2520Frameworks%2520To%2520Reduce%2520Cyber%2520Risk_Banner_1.jpg.webp?itok=dWoU66xM)
While security ratings are a great way to demonstrate that you’re paying attention to the cyber health of the organization, you also need to show that you’re adhering to industry and regulatory best practices for IT security and making informed decisions for the long term. A cybersecurity framework can help.
![Hunting PrivateLoader- The malware behind InstallsKey PPI service](/sites/default/files/styles/4_3_small/public/2024/02/23/Hunting%20PrivateLoader-%20The%20malware%20behind%20InstallsKey%20PPI%20service%20hero-new.jpg.webp?itok=FxgT9wAq)
Read the latest Bitsight research on PrivateLoader, covering important recent updates including a new string encryption algorithm, a new alternative communication protocol, and more.
![ground view of tall skyscrapers on a clear day](/sites/default/files/styles/4_3_small/public/2023/09/19/samson-ZGjbiukp_-A-unsplash.jpg.webp?itok=u38tUe16)
Failing to update your software doesn’t just mean you’re missing out on the latest version—it means you could expose your organization to major security vulnerabilities, like the widespread Apache Log4j2 vulnerability.
![less is more: consolidating your third party risk management tools; anders norremo; tp; product management](/sites/default/files/styles/4_3_small/public/2024/02/21/Social-Blog-VRM-Unification-Launch-930x523.png.webp?itok=VuQPOGTw)
Anders Norremo from Bitsight unveils key insights into simplifying your approach to Third Party Risk Management (TPRM). By integrating solutions like Bitsight's Vendor Risk Management, you can streamline vendor assessments, enhance efficiency and automate processes.
![5 Cyber Governance Tips for Board Members, Inspired by New Bitsight-Google Study](/sites/default/files/styles/4_3_small/public/2024/01/08/5%20Cyber%20Governance%20Tips%20for%20Board%20Members%2C%20Inspired%20by%20New%20Bitsight-Google%20Study.png.webp?itok=BebjWlvZ)
Bitsight put together 5 tips for board members to manage cyber risk going into 2024. Read the blog to see how the modern corporate board thinks about cyber risk.
![2024 Ivanti Vulnerability hero](/sites/default/files/styles/4_3_small/public/2024/02/06/2024-Ivanti-Vulnerability-hero.jpg.webp?itok=CAH4aWVm)
Explore recent Ivanti Secure vulnerabilities affecting SSL VPN and Network Access Control solutions. Understand the criticality, patch delays, and ongoing exploitation.
![Ryan_Shadow IT ebook promo_Blog_Web_Header](/sites/default/files/styles/4_3_small/public/2024/02/05/Ryan_Shadow%20IT%20ebook%20promo_Blog_Web_Header.png.webp?itok=ICA9-tNx)
When it comes to managing hidden risk and shadow IT, our primary challenge as cybersecurity practitioners is securing the organization’s data and applications while empowering users to perform their duties efficiently.
![Managing Security Risk in Mergers & Acquisitions](/sites/default/files/styles/4_3_small/public/2022/06/03/MA_Blog_Post_Statistical_Analysis_1.jpg.webp?itok=9UDVRI5e)
Every year, companies spend billions of dollars on mergers and acquisitions. (The value of worldwide M&A deals in 2014 totaled $3.5 trillion.) Managing risk throughout the process is an important element of any merger, but there's one area of risk management that hasn't had the attention it deserves.
![13 Cybersecurity Training Tips For Employees (From 7 Insiders)](/sites/default/files/styles/4_3_small/public/migration/images/13%2520Cybersecurity%2520Training%2520Tips%2520For%2520Employees%2520-%2520thumb_1.jpg.webp?itok=Qdh1_b4B)
Anyone in the security space can agree that a solid cybersecurity policy goes a long way. But not everyone in your organization is a security expert. In fact, many employees may not know the first thing about firewalls or viruses—which is why cybersecurity employee training is such a critical matter.
![Blog_Compliance ebook-blog-hero](/sites/default/files/styles/4_3_small/public/2024/01/31/Blog_Compliance%20ebook-blog-hero.png.webp?itok=1Hb1bmDp)
Unearth insights to not just comply but lead in the era of NIS2, DORA, PS21/3, and emerging cyber regulations.
![17 Cybersecurity Thought Leaders You Should Be Following](/sites/default/files/styles/4_3_small/public/migration/images/full-10-cybersecurity-thought-leaders_1.jpg.webp?itok=b42k-Vpv)
As more of the world’s population gains access to the internet and more and more devices come online daily, there are new and emerging cyber threats around every corner.