Everyone knows that running outdated computer applications comes with annoyances and risks. An outdated application might face performance issues or just become slower than modern versions. It might face compatibility issues and have limited functionalities. It might lose technical support and even fail to meet current industry standards and regulations, which could put your organization at risk for non-compliance penalties and legal action.

At Bitsight, part of the core work of the Vulnerability Research team is to analyze new high-profile vulnerabilities and ensure we come up with ways to detect, at an internet-wide scale, who is affected by these. Sometimes - more often than not - the direct exploitation of these vulnerabilities is significantly intrusive, and thus we can not load a direct port of the publicly available Proofs-of-Concept onto our internet scanning infrastructure.

As communicated in January, Bitsight will conduct a ratings algorithm update (RAU) on July 10, 2024, as part of our ongoing efforts to optimize our methodology to provide the best external indicator of the performance of cybersecurity controls. Today, we’re excited to announce that our 2024 RAU is available to preview in the Bitsight applications.

The role of the Chief Information Security Officer (CISO) or Security Leader has undergone a transformation as profound as the threats we face. Between new regulations such as SEC, NIS2, and DORA, the explosion of generative AI, and the rapidly expanding attack surface, the burden is now on cybersecurity leaders to not only protect the organization but build confidence with customers, regulators, board members, and other stakeholders. The key to building trust? Storytelling.

In light of the SEC's cybersecurity disclosure regulations in the US and NIS2 in Europe, corporate executives and institutional investors are facing a pressing need to align their expectations and improve understanding around cybersecurity risk management. The evolving threat landscape and regulatory environment highlight the importance of cohesive strategies to measure, prioritize, mitigate, and communicate cyber risks effectively.

Digital transformation initiatives and the adoption of cloud, mobile, and remote work models have eviscerated the traditional security perimeter. Enterprise assets are distributed across the cloud, endpoints, mobile, and personally owned devices and expanded the attack surface in the process. Organizations are increasingly vulnerable to attack via unknown and unmanaged Internet-facing assets.

The role of the Chief Information Security Officer (CISO) has undergone a transformation as profound as the threats we face. Between new regulations such as SEC, NIS2, and DORA, the explosion of generative AI, and the rapidly expanding attack surface, the burden is now on cybersecurity leaders to not only protect the organization but build confidence with customers, regulators, board members, and other stakeholders. The key to building trust? Storytelling.

In recent years, there's only been a handful of data breaches within public companies that could be considered financially "material." These breaches include those often pointed to as examples in cybersecurity presentations: the 2013 Target breach, the 2017 Equifax breach, the 2019 Capital One breach, and most recently, the Colonial Pipeline incident.

In the last few years, boards have rushed to incorporate Cyber Risk into the Board’s overall risk management duty, without really knowing how effective those efforts have been. For the first time ever, Diligent and Bitsight have partnered to see just how well the effort at the board level is translating into reducing Cyber Risk for their company.

Bitsight's leading analytics and workflows allow Nomura Asset Management to effectively reduce cyber risk across credit portfolios through targeted engagement. The increasing frequency and complexity of cyber attacks makes one thing clear - cyber risk is inextricably linked to business performance. This has prompted investors to prioritize cyber risk assessments within their portfolios.