|
By Tim Jackson
While most security teams now have systematic processes in place for identifying vulnerabilities and responding to targeted threats, large-scale security incidents that affect many organizations globally are now an increasingly common occurrence. The Crowdstrike outage in July, while not specifically a security incident, demonstrated how targeted breaches or failures in our security infrastructure can have a ripple effect across entire industries and disrupt critical aspects of everyday life.
|
By Dave Casion
As a modern CTO, it should probably come as no big surprise that I’m an optimist on the innovative prospects of artificial intelligence (AI). But I’ve been in this career for a long time, and that optimism is tempered with experience. I’ve seen enough emerging technology patterns to know that it always takes a lot more time and resources than people think to evolve innovative technologies beyond their final barriers.
|
By Brandon Smith
As we discussed in the first article in this series, there are many Internet-exposed control systems, but they are very different from traditional IT systems and require a different security approach. With these systems being so critical and controlling processes that can potentially lead to loss of life if they fail, what is being done to tackle this issue? In this article I’ll dive into this and more, looking at.
|
By Viet Tran
Security reviews of third-party vendors are now an essential element of an effective governance, risk, and compliance (GRC) function. After all, there have been numerous examples in recent years of organizations with an otherwise strong security posture falling victim to threats that originated with supply chain partners. But whether you are on the sending or receiving end of a security review, completing the process can be time-consuming and inefficient.
|
By Chris Poulin
This is a continuation of the series on web application security. If you haven't already read through part 1, this is a good time to go back. If not, let's move on and answer the question left hanging during our last installment: how do browsers know which site set the cookies in the first place? And what constitutes the same site?
|
By André Tavares
In recent years, Telegram has emerged as a popular messaging platform among cybercriminals, driven by its combination of simplicity, security, and efficiency. Telegram's encrypted messaging capabilities, real-time communication, and the ability to send large data files make it an ideal platform for cybercriminal activities, making it an attractive alternative to traditional underground forums.
|
By Stephen Boyer
Organizational cyber risk is notoriously difficult to quantify. Determining the impact of investments made by cyber security teams to reduce it is even tougher.
|
By Chris Poulin
Writing reliable and user-friendly web applications takes significant knowledge, skill, and experience; writing secure web applications introduces a whole new level of complexity.
|
By Stephen Boyer
As in many companies around the world, Bitsight leadership believes that adoption and innovation through the use of artificial intelligence (AI) capabilities is crucial to the future of our company. From the top down, our employees are continually on the hunt for ways to leverage AI to improve business outcomes and customer productivity.
|
By BitSight
The speed at which vulnerabilities are detected and addressed can drastically impact an organization’s likelihood of suffering a security incident. Recently, Bitsight demonstrated how its investments in product fingerprinting and CVE mapping allowed it to identify and surface assets potentially impacted by a set of critical vulnerabilities in the CUPS printing system in under 24 hours.
|
By BitSight
It's again! And this week, we're spicing up Cybersecurity Awareness Month with a fresh take on software updates. Don’t let outdated tech be the mold on your kohlrabi recipe! Watch now & join us next week for more insights.
|
By BitSight
What do lemons and botnets have in common? You’ll have to watch to find out! Check out Ben Edwards in this week’s reel for a fresh take on cyber threats.
|
By BitSight
Are you aware of cybersecurity? Well, October means you should be—it’s Cybersecurity Awareness Month, and Ben Edwards from the Bitsight TRACE security research team is here to make sure of it! Watch Ben break it down in his first video, and tune in next week for more of his insights.
|
By BitSight
When was the last time you checked your blinker fluid? Keeping up with car maintenance is key—but so is understanding ICS security! Ben Edwards is back with another video, and this week he's breaking down vulnerable ATG systems. Don’t miss it! Join us as we continue leading the way to a secure world, one reel at a time.
|
By BitSight
Exposure management tooling can act as an excellent source of truth for cybersecurity leaders as they communicate risk up to the board level. The visibility and data streaming from exposure management solutions makes it easier for CISOs to track security performance over time, quantify improvements in security maturity levels, establish better financial quantification of cyber risk and ensure the organization's exposure levels match up with industry averages.
|
By BitSight
Learn about our Bitsight Professional Services and how they bring a consultative support to the areas that matter most to your organization.
|
By BitSight
Learn about our Continuous Monitoring Service offering where we help organizations manage their third-party ecosystem to prioritize critical vendors, work to collaborate with vendors on remediation plans and to monitor and report on vendor performance over time.
|
By BitSight
Learn about our Managed Assessment Service offering where we help organizations manage the entire risk assessment process from sending out questionnaires, to executing a control gap analysis on responses, to surfacing relevant findings.
|
By BitSight
Learn how Bitsight Professional Services help organizations manage third-party risk by helping with vendor assessment/validation, continuous monitoring of your vendors and effectively reporting on your program to executive level stakeholders.
|
By BitSight
Streamline Assessments, Monitor Vendors, and Validate Security Posture with Ease. No more manual workflows or toggling between tools—with Bitsight VRM, part of the industry’s first end-to-end third-party risk management solution, you can effortlessly navigate through risk assessments and continuous monitoring with just a flip of a switch. Discover a new level of clarity and efficiency with instant access to an ever-growing network of 40,000+ vendor profiles. Track onboarding and validate questionnaire responses with objective data to make informed decisions and expedite risk mitigation.
|
By BitSight
Cybersecurity ROI isn't about cost savings. It's about how your cybersecurity program helps you achieve your goals while managing risk to a level that your executive team is comfortable with. So if you shouldn't measure success in cost savings, how do you measure it? BitSight is providing five steps that help CISOs and executive teams evaluate their company's cybersecurity performance.
|
By BitSight
Are you overwhelmed by the intricacies of your attack surface? Concerned about the rising risk of vulnerabilities in your and your partners' digital ecosystems? New BitSight research finds that the average vulnerability remediation rate across organizations is about 5 percent per month, sparking concern that the status quo of exposure and vulnerability management is broken. Moreover, organizations face significant challenges in managing vulnerabilities in their extended, third-party ecosystem, and most security leaders do not have the tools to address these emerging threats.
|
By BitSight
Stop reacting to cyber risk as it comes. BitSight for Security Performance Management empowers security leaders to strengthen cyber resilience over time with objective, meaningful, and evidence-based metrics. Gain insights, drive decisions, and build confidence with our suite of advanced analytics.
|
By BitSight
Traditional vendor risk management programs are not effective at mitigating risk in ever-expanding third-party networks, and yet 69% of businesses still rely on manual processes. It's time to take your program to the next level. How can you centralize, automate, and streamline your process to manage hundreds of vendors as effectively as you manage ten? Scalable VRM continuously detects, monitors, and mitigates risk, going beyond due diligence and initial assessments to constantly reassess and proactively act on vendor risk.
- November 2024 (3)
- October 2024 (10)
- September 2024 (8)
- August 2024 (7)
- July 2024 (11)
- June 2024 (8)
- May 2024 (14)
- April 2024 (11)
- March 2024 (6)
- February 2024 (7)
- January 2024 (27)
- December 2023 (4)
- November 2023 (7)
- October 2023 (10)
- September 2023 (11)
- August 2023 (16)
- July 2023 (16)
- June 2023 (13)
- May 2023 (17)
- April 2023 (20)
- March 2023 (7)
- December 2022 (2)
- August 2022 (2)
- July 2022 (8)
Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Global enterprises, governments, and organizations rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. When unrelenting market pressure pushes organizations to uncertainty and caution, they turn to Bitsight to confidently navigate cyber risk and grow with confidence.
Bitsight's universally recognized risk standard and market-leading data provides actionable insights into how companies set and manage to standards and report results to internal and external stakeholders. Built on over a decade of technological innovation, Bitsight's integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.
Bitsight is on a mission to free the global economy from the material impact of cyber incidents.