Read news articles covering Bitsight, the leader in security ratings. We're proud to be featured in these leading business & technology publications, journals, blogs, and broadcasts.
In The News
As the biggest task of business IT, 'security' is being talked about, the service that can check the current security status of the company is officially introduced in Korea. Bitsight, an IT security rating company held a press conference at Lotte Hotel in Seoul, and announced the formal release of its IT security rating service in Korea.
Earlier this week, The Washington Post reported that US Customs and Border Protection (CBP) suffered a data breach involving hackers gaining access to photos of people’s faces and license plates at a border entry port. The attackers targeted a third-party subcontractor, which had been storing the sensitive files over its own network. The subcontractor’s network was subsequently compromised by a malicious cyber-attack. I was not surprised to read this as all government agencies are at high risk of data breach through their third party contractors, writes Jake Olcott, VP Government Affairs at Bitsight.
Security is no longer just a job for IT – it impacts all areas of a business, from brand perception to the bottom line. As a result, CISOs are increasingly being asked to deliver cybersecurity reports to their boards, including information on global trends, security performance, security strategy, and security spend.
The risk associated with the Microsoft Windows vulnerability known as BlueKeep, which affects Remote Desktop Services, is more widespread than the EternalBlue vulnerability used to carry out WannaCry attacks, according to analysis out today from the cybersecurity firm Bitsight
New research from Bitsight indicates the BlueKeep vulnerability could prove more serious than EternalBlue, the vulnerability that was exploited by the WannaCry attacks.
The recently discovered BlueKeep flaw has the potential to be as destructive or even worse than EternalBlue–the basis of the WannaCry ransomware–and it’s critical for organizations to patch any affected systems now to avoid a dire scenario, new research advises. Researchers at Bitsight evaluated the potential effect of the worm-friendly BlueKeep, and said it’s likely only a matter of time before someone exploits the vulnerability for widespread damage.
CEOs and board members are increasingly under the microscope when it comes to managing cyber risk. The financial, legal, and regulatory impact that cyber incidents can have upon organizations have transformed what was once an “IT problem” into a whole of company challenge.
According to the disclosure timeline revealed by vpnMentor, the breach was discovered on May 27 and the Pyramid Hotel Group notified on May 28. The vulnerability was fixed on May 29, so the response was a quick and efficient one. That comes as cold-comfort to Jake Olcott, the vice president of government affairs at Bitsight. Olcott, who has previously served as legal advisor to the Senate Commerce Committee and counsel to the House of Representatives Homeland Security Committee, says that while other sectors such as finance have been focused on measuring and monitoring third-party cyber risk, "the hospitality sector does not face the same regulatory pressures." Incidents such as this need to act as a wake-up call to the entire travel and hospitality sector according to Olcott. "They're going to have to take a closer look at these issues," he warns, "or face reputational and economic damage..."
All sorts of engines that we use, for example services of cyber rating companies, such as Bitsight, which we cross-reference with intelligence. This an advantage we have over many companies, because good intelligence is expensive and difficult. The organization gets service for free or for a nominal payment, and is told what its level of risk is, and how it will change.
Debbie Umbach is the Vice President of Marketing at Bitsight Technologies, the pioneer of and leader in security ratings, where she is responsible for the Company’s global marketing strategy and corporate communications. Founded in 2011, Bitsight built its Security Ratings Platform to continuously analyze vast amounts of external data on security issues and behaviors in order to help organizations manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk.
Read Bitsight's article, "Auditing and Monitoring Suppliers", in Raconteur's Business Risk Report, published in The Sunday Times on April 28, 2019.
With such a lack of maturity rampant in vendor risk management, it should come as no surprise that only 44% of organizations report on third-party risk to their executives and boards on a regular basis. So says a report by Bitsight, which also found that one in five respondents think boards do not understand their approaches to third-party risk management.
“We still don’t have a clear idea of what cyberwar actually looks like,” said Jake Olcott, vice president at Bitsight, a cyber risk adviser. “That is one of the struggles in this case. No one has said this was an all-out cyberwar by Russia.”
Countless Congressional hearings, 48 state data privacy laws and GDPR and mega breaches like the discovery of data on 500 million Facebook users just keep happening. Why? In this episode of the podcast, Paul is joined by experts from the firm Bitsight and BigID to discuss why we can’t seem to stop the breaches.
A new global study has been conducted by Bitsight and the Centre for Financial Professionals (CeFPro), looking into the financial sector and their views on third-party cyber risks in the industry. The report was officially released early this month.