Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Slicing through CISA’s KEV Catalog
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
In a 2017 survey of almost 1,300 CEOs conducted by PwC, 63% of respondents said they were “extremely concerned” about cyber threats — up from just 8% in 2013.
Cybersecurity is a multifaceted topic with many constantly evolving variables. For CISOs and other security leaders, just knowing where to begin can be a challenge.Let’s say you’ve just taken over an organization’s cybersecurity program, or have been tasked with building one from scratch. You have a limited budget and limited personnel, so you can’t accomplish everything at once. Which tasks deserve your focus in the critical first few months? We’ve rounded up some cybersecurity tips from industry experts to help guide your initial strategy.
Quantifying and tracking your cybersecurity performance so you can compare your organization to others, also known as benchmarking, is necessary to improving the effectiveness of your security programs.
An effective third party cyber risk management program both identifies potential threats and finds ways to mitigate them. Organizations should aspire to the highest possible standards when it comes to their security posture. To do so, they must leverage the best technology, efficiently allocate resources, and strive for continual improvement.
October is Cybersecurity Awareness Month, which offers organizations the opportunity to thoroughly examine their security and risk programs and identify where any vulnerabilities might exist. Here at Bitsight, we talk about risk management every day. However, we have to practice what we preach — our IT Team offered some insight into areas where organizations can improve their network health not just this month, but regularly.
CISOs, CIOs, and other security professionals are taking on huge roles of some of the largest organizations in the world to provide details on better data protection and security. They win business, which translates into profitability for the firm. In fact, security professionals who report to the board are becoming competitive differentiators.
Vendor risk assessment templates are the starting block to creating vendor questionnaires. Typically, they’re comprised of a variety of questions, but the end goal for each is the same: to figure out how secure your vendor is.
Assessing the security performance of your vendors and third parties is crucial considering the amount of access to sensitive information we grant to these partners. However, for those assessments to be effective, and for you to actually know what the results mean, you need to know what performance trends you should be looking for and to be able to contrast and compare the results. This is where benchmarking comes in.
The idea of telling a vendor or potential vendor that you've rated their security performance can be a little daunting. If someone has never heard of a Bitsight Security Rating, being told that another company has been monitoring their security effectiveness, without them knowing, can sound a little "big brother-ish" and raise lots of questions about privacy and legality. Though our methods are unobtrusive and based on the same outside-in model of credit ratings, we provide many materials to our customers to help them deal with these types of situations.
Companies are spending more and more on IT security. A recent report by Canalys found that the worldwide IT security market will grow 6.6% annually, becoming a $30.1 billion dollar industry by 2017. This increase in spending may have something to do with the heightened consequences of data breaches and security events. Another recent study, this one from the Ponemon Institute, found average data breach costs to be a lofty $3.5 million. But, as companies spend more and more money on IT security products and services, how can they verify that their overall security is improving?