New guidance from the U.S. National Institute of Standards and Technology (NIST) provides important information for organizations seeking to improve their software supply chain security. NIST recommends a variety of best practices.
Organizations remain concerned about the potential implications to their own security posture as a result of the Okta cyber attack. It's important to identify where risks are present throughout your third parties landscape.
Check out our ebook to learn about the latest ransomware events — and how to protect your organization from falling victim to an attack.
The situation between Russia and Ukraine has been escalating since the start of January, when Russia stationed more than 100,000 troops along the Ukrainian Border. Although cyber security is not the primary concern in the current situation, there is a cyber security component that absolutely should not be overlooked.
We believe a war in the region would have a direct impact on the cyber threat landscape. Both Poland and Lithuania have recently raised their countries' alert level, just hours after Ukraine reported its defense ministry and two banks had been hacked. In the US, CISA has issued a recommendation for all organizations, regardless of size, to adopt a heightened posture when it comes to cybersecurity. Meanwhile, Russia launched a full scale attack on Ukraine territory, which is still developing, and its full reach still remains to be seen.
We believe a war in the region would have a direct impact on the cyber threat landscape. Both Poland and Lithuania have recently raised their countries' alert level, just hours after Ukraine reported its defense ministry and two banks had been hacked. In the US, CISA has issued a recommendation for all organizations, regardless of size, to adopt a heightened posture when it comes to cybersecurity. Meanwhile, Russia launched a full scale attack on Ukraine territory, which is still developing, and its full reach still remains to be seen.
This report, conducted by the Cambridge Centre for Risk Studies, shows that investments in security controls can reduce organizations' financial exposure, and modeling financial loss can help companies make better security investment decisions.
Make your vendor lifecycle more efficient and less fraught with cyber risk with these three tips for supply chain risk management.
Here are several actionable strategies yous can use to prevent cyber attacks & other incidents from occurring within third- and fourth-party networks.
BitSight partnered with Good Harbor to host a salon discussion with security leaders from various industries to hear their thoughts on what the breach means for the security industry. Hosted by Richard A Clarke and BitSight’s Stephen Boyer, the discussion covered a range of topics from what happened, to what we should learn from the event, to what needs to happen next to minimize the damage from future attacks.
Check out our ebook to learn more about the Digital Operational Resilience Act — and the implications of this new regulation on financial entities.
A critical vulnerability that allows for unauthenticated remote code execution has been discovered in Apache Log4j 2, an open source Java logging tool. The Apache Software Foundation has identified the vulnerability as CVE-2021-44228.
“34% of companies [in portfolios] we examined had at least one exposed Java-based server. Not all of those use Log4j, but that gives a rough sense of the scale of exposure,” said Ethan Geil, Senior Director, Data and Research.
“34% of companies [in portfolios] we examined had at least one exposed Java-based server. Not all of those use Log4j, but that gives a rough sense of the scale of exposure,” said Ethan Geil, Senior Director, Data and Research.