Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Slicing through CISA’s KEV Catalog
Dive into the critical insights of CISA's Known Exploited Vulnerabilities (KEV) Catalog with Bitsight’s latest blog! Discover how KEVs, which signal urgent cybersecurity risks, are being tracked and mitigated across industries. Learn why addressing these vulnerabilities quickly is vital and how it impacts organizational security.
The vendor due diligence checklist to steer your procurement decision-making in 5 simple steps. First step: always collect the 7 basic business details.
The SEC's new cybersecurity rules for public companies are now in effect. Don't wait - take action now to ensure your company is compliant and protected from cyberattacks.
Explore the importance of long-term planning, unified solutions, and innovation in third-party cyber risk management.
What exactly is a “material” cybersecurity incident as defined in the latest SEC cybersecurity disclosure requirements? Let's find out.
Bitsight has identified nearly 100,000 exposed industrial control systems (ICS) potentially allowing an attacker to access and control physical infrastructure.
Open port vulnerabilities can increase cyber risk exposure. Learn what they are and how you can quickly find and fix them.
Discover how automation can supercharge your Third-Party Risk Management program, saving you time and resources to enhance your security posture.
Bitsight dissects SmokeLoader's plugins received by an infected computer from the botnet "0020". We explore their inner workings, capabilities, and threat vectors.
5 strategies to reduce attack surface exposure with Bitsight, an Overall Leader in the 2023 KuppingerCole Analyst AG Leadership Compass for attack surface management.
A new partnership with UP Education Network, a nonprofit school success organization to significantly improve formerly struggling Massachusetts schools.
Failing to update your software doesn’t just mean you’re missing out on the latest version—it means you could expose your organization to major security vulnerabilities, like the widespread Apache Log4j2 vulnerability.
Discover the methodology, at a technical level, the Bitsight Security Research team used to evaluate the three critical vulnerabilities affecting MOVEit Transfer.
Discover how consolidating your cybersecurity efforts not only saves costs but also enhances your organization's security posture—and that of your vendor ecosystem.
In 2023, the SEC adopted new cybersecurity disclosure requirements. Learn how shareholders can leverage cybersecurity information for investment decisions and more.
Every organization handles security differently, based on their needs and internal structure — but in some mid-sized and large companies, both the chief information officer (CIO) and the chief information security officer (CISO) are involved.