Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bitsight

What to Expect with Bitsight's 2024 Ratings Algorithm Update

Apr 10, 2024 By Ariela Silberstein In BitSight
As communicated in January, Bitsight will conduct a ratings algorithm update (RAU) on July 10, 2024, as part of our ongoing efforts to optimize our methodology to provide the best external indicator of the performance of cybersecurity controls. Today, we’re excited to announce that our 2024 RAU is available to preview in the Bitsight applications.
Read Post
bitsight

Why the CISO & Security Leader Has Become the Chief Storytelling Officer

Apr 10, 2024 By Tim Grieveson In BitSight
The role of the Chief Information Security Officer (CISO) or Security Leader has undergone a transformation as profound as the threats we face. Between new regulations such as SEC, NIS2, and DORA, the explosion of generative AI, and the rapidly expanding attack surface, the burden is now on cybersecurity leaders to not only protect the organization but build confidence with customers, regulators, board members, and other stakeholders. The key to building trust? Storytelling.
Read Post
SecurityScorecard

SecurityScorecard Unveils the Industry's Most Predictive Cybersecurity Risk Ratings with Refined Scoring Algorithm

Apr 9, 2024 By SecurityScorecard In SecurityScorecard
Now more than ever, the specter of cyber threats looms large over organizations of all sizes and sectors. The consequences of a data breach stemming from just one vulnerability can be catastrophic, ranging from financial losses to irreparable reputational damage. As businesses strive to reinforce their defenses against these evolving threats, the need for a reliable and predictive cybersecurity risk assessment tool has never been greater.
Read Post
SecurityScorecard

How SecurityScorecard STRIKE Identifies Zero Days in the Wild

Apr 9, 2024 By SecurityScorecard In SecurityScorecard
SecurityScorecard STRIKE threat researchers discovered 12 zero-days in customer environments in the last year. Attacks are increasingly targeting third-party software. The zero-day vulnerability that emerged in Progress Software’s MOVEit Transfer product last year was a stark reminder of the real-world impact of such vulnerabilities. It wreaked havoc on businesses and governments worldwide, with cyber criminals exploiting it since May of 2023.
Read Post
kovrr

Material Incident Reporting Obstacles in SEC Cybersecurity Disclosures

Apr 9, 2024 By Kovrr In Kovrr
‍ Over the past few decades, cyber attackers have increasingly wreaked havoc on the market, taking advantage of newer, more sophisticated ways to exploit system vulnerabilities. However, in fear of losing competitive advantages, organizations had notoriously downplayed the impact of these attacks, misleading investors and resulting in stock prices that did not accurately represent the risk landscape. ‍
Read Post
upguard

Meeting Third-Party Risk Requirements of DORA in 2024

Apr 8, 2024 By Edward Kost In UpGuard
The deadline for achieving complaince with the Digital Operational Resilience Act (DORA) will be here before you know it, with enforcement beginning in January 2025. With Third-Party Risk Management being the central focus of the EU regulation, it’s imperative to cater your TPRM program to the DORA regulation to achieve sustainable compliance. In this post, we outline the DORA requirements related to third-party risk management and explain how to comply with them.
Read Post
bitsight

How exposure management can help CISOs benchmark their security posture against industry peers--and why that's important

Apr 8, 2024 By Jai Vijayan In BitSight
Digital transformation initiatives and the adoption of cloud, mobile, and remote work models have eviscerated the traditional security perimeter. Enterprise assets are distributed across the cloud, endpoints, mobile, and personally owned devices and expanded the attack surface in the process. Organizations are increasingly vulnerable to attack via unknown and unmanaged Internet-facing assets.
Read Post

Perspective-Driven Probability: Simplifying Risk Assessment with FAIR Methodology

Apr 8, 2024 By Razorthorn In Razorthorn
Explore the nuanced nature of probability and risk assessment in this insightful video. Join us as we navigate the diverse perspectives that shape individual interpretations of what's probable. Discover how the FAIR (Factor Analysis of Information Risk) methodology provides a structured approach to understanding and communicating risk, making it accessible not only to the creator but to a wider audience. Gain insights into the challenges of assigning probabilities to uncertain events with limited data, and learn how FAIR methodology offers clarity in the face of uncertainty.
View Video
upguard

Third-Party Risk Management vs Vendor Risk Management

Apr 5, 2024 By Leah Sadoian In UpGuard
Organizational risk management often mentions third-party risk management (TPRM) and vendor risk management (VRM). The cybersecurity industry commonly uses these terms interchangeably, but there is a distinct difference between these two crucial components of an organization's broader risk management strategy.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.