BitSight

Why is the Exposure Management Market So Confusing? Wading Through the Acronyms

Mar 20, 2024 By Ericka Chickowski In BitSight

If there's one certainty in life for CISOs it is that when it is time to buy into a new or consolidating security technology niche, they're going to have to eat their fair share of alphabet soup. Tech analysts and marketers do love their acronyms after all. We've got our SIEMs, our SOCS, and our MFAs and MDRs to prove that one out.

Read Post

BitSight

Read more about Why is the Exposure Management Market So Confusing? Wading Through the Acronyms

Dental DDoS? No. Cameras and Ransomware? Oh yeah.

Mar 13, 2024 By Ben Edwards In BitSight

We’re back again with a monthly-ish blog reflecting on major goings on in the security world. I am writing the first draft on the rarest of holidays, leap day1! February gets extended by a day every four years, and if we had to guess Ivanti wishes this month would end.

Read Post

BitSight

Read more about Dental DDoS? No. Cameras and Ransomware? Oh yeah.

Integrating your TPRM Stack for Seamless Vendor Lifecycle Management

Mar 12, 2024 By Sabrina Pagnotta In BitSight

Every cybersecurity team is being challenged to do more with less. CISOs experience top-down pressure to maximize the value of their resources, consolidate vendors as much as possible, and optimize their tool stack. And, they have unchanged expectations of keeping their organization safe across ever-growing digital supply chains. But traditional approaches to VRM often leave cybersecurity teams grappling with a tangled web of manual processes, disparate tools, and fragmented data.

Read Post

BitSight

Read more about Integrating your TPRM Stack for Seamless Vendor Lifecycle Management

Unveiling CPS 234 Challenges: Insights from APRA's Cyber Security Stocktake

Mar 11, 2024 By Terence Cheong In BitSight

Australia has seen several high profile cyber incidents in 2023 and has seen significant loss of customer data (Canva’s 139 million customers, Latitude’s 7.9 million customers HWL Ebsworth’s 65 government agencies, 2.5 million documents). According to the OAIC Notifiable Data Breaches Report: January to June 2023, the top 3 sectors in that period to report data breaches are Health Service Providers (65 notifications), Finance incl.

Read Post

BitSight

Read more about Unveiling CPS 234 Challenges: Insights from APRA's Cyber Security Stocktake

Tackling Shadow IT Head-On: Strategies for Cybersecurity Leaders

Feb 29, 2024 By Tim Grieveson In BitSight

As cybersecurity leaders, we're all too familiar with the challenges posed by Shadow IT—a persistent thorn in the side of IT and security teams worldwide. And when high-profile supply chain attacks make headlines, the urgency to understand our reliance on third parties becomes all too real.

Read Post

BitSight

Read more about Tackling Shadow IT Head-On: Strategies for Cybersecurity Leaders

Bitsight Vendor Risk Management Walkthrough

Feb 28, 2024 By BitSight In BitSight

Streamline Assessments, Monitor Vendors, and Validate Security Posture with Ease. No more manual workflows or toggling between tools—with Bitsight VRM, part of the industry’s first end-to-end third-party risk management solution, you can effortlessly navigate through risk assessments and continuous monitoring with just a flip of a switch. Discover a new level of clarity and efficiency with instant access to an ever-growing network of 40,000+ vendor profiles. Track onboarding and validate questionnaire responses with objective data to make informed decisions and expedite risk mitigation.

View Video

BitSight

Read more about Bitsight Vendor Risk Management Walkthrough

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Feb 27, 2024 By André Tavares In BitSight

Since July 2022, Bitsight has been tracking PrivateLoader, the widespread malware downloader behind the Russian Pay-Per-Install (PPI) service called InstallsKey. At the time, this malware was powering the now decommissioned ruzki PPI service. Figure 1 presents a brief description of the service, which was found in their sales telegram channel. Fig. 1 - Service description on telegram channel profile (Russian and English).

Read Post

BitSight

Read more about Hunting PrivateLoader: The malware behind InstallsKey PPI service

Less Is More: Consolidating Your Third Party Risk Management Tools

Feb 21, 2024 By Anders Norremo and Qionglu Lei In BitSight

Proudly serving over 3,000 enterprises globally, Bitsight works closely with risk leaders across industries to help them protect their businesses. CISOs and third-party risk professionals face pressing challenges, from regulations to efficiency to maintaining supply chain resilience—all calling for smarter, easier, and more integrated solutions.

Read Post

BitSight

Read more about Less Is More: Consolidating Your Third Party Risk Management Tools

5 Cyber Governance Tips for Board Members, Inspired by New Bitsight-Google Study

Feb 15, 2024 By Noah Stone In BitSight

Cybersecurity has become a critical part of corporate governance, with board members increasingly held accountable for the digital safety of their organizations. Amid rising breach costs, new cybersecurity regulations like those from the U.S. Securities and Exchange Commission (SEC), and new studies finding widespread cybersecurity failures, the impact of board-level cyber governance decisions is significant.

Read Post

BitSight

Read more about 5 Cyber Governance Tips for Board Members, Inspired by New Bitsight-Google Study

New Year, New Ivanti Vulnerability

Feb 8, 2024 By Ben Edwards In BitSight

Welcome folks! It’s 2024 and we here at Bitsight are kicking off a series of short informative posts on events that caught our attention as cognition authorities1 each month. We’re excited to report on the interesting things Bitsight found.

Read Post

BitSight

Read more about New Year, New Ivanti Vulnerability

Subscribe to BitSight

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

BitSight

Why is the Exposure Management Market So Confusing? Wading Through the Acronyms

Dental DDoS? No. Cameras and Ransomware? Oh yeah.

Integrating your TPRM Stack for Seamless Vendor Lifecycle Management

Unveiling CPS 234 Challenges: Insights from APRA's Cyber Security Stocktake

Tackling Shadow IT Head-On: Strategies for Cybersecurity Leaders

Bitsight Vendor Risk Management Walkthrough

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Less Is More: Consolidating Your Third Party Risk Management Tools

5 Cyber Governance Tips for Board Members, Inspired by New Bitsight-Google Study

New Year, New Ivanti Vulnerability

Monthly Archive

Follow Us