Read about the latest cybersecurity news and get advice on third-party vendor risk management, reporting cybersecurity to the Board, managing cyber risks, benchmarking security performance, and more.
Insights blog.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems
Bitsight TRACE explores several critical vulnerabilities discovered in ATG systems and their inherent risk when exposed to the Internet.
METI announced its intention to implement a cybersecurity rating system for companies by fiscal year 2025. Here are the key aspects of the planned system.
We cover investments that Bitsight is making to greatly scale out our vulnerability coverage in record time through automation.
We will focus on understanding a very specific NIS2 requirement: Coordinated Risk Assessments. Let’s explore what that means.
Many organizations view parked domains as dormant, low-risk, and not worth the investment in robust security measures. This is a misconception. Here's why.
Much of your daily life depends on Industrial Control Systems (ICSs). We’ll cover ICSs’ unique characteristics and some of the challenges in applying IT security practices or technology to them.
Read this blog to discover how tackling technical debt can transform your cybersecurity strategy, boost efficiency, and ensure compliance.
Before CrowdStrike caused the world to melt down for a few days, the talk of the security town was a recent OpenSSH vulnerability. Let's revisit CVE-2024-6387.
Trust Management Hub gives GRC teams a centralized & scalable way to manage & share critical security questionnaires and documentation.
Bitsight's analysis of the CrowdStrike outage and timeline mysteries.
Organizations today aren’t single entities—they are interconnected networks of third parties. And while third-party relations are critical for success in most businesses, they also leave data more vulnerable to exposure from bad actors. Because of this, vendor risk management (VRM) is becoming an even more important business practice.
This post will focus on recent developments in Bitsight Groma.
If you operate in specific sectors, cybersecurity maturity is more than a best practice, it’s a regulatory requirement. These regulations are complex and constantly changing. To help you better understand your organization's regulatory environment and the standards and controls they stipulate, let's break down key cyber compliance regulations by industry.
We’re closely analyzing the cause of, and response to, the CrowdStrike global incident to better understand how organizations can understand and mitigate risk.
The cybersecurity controls used to manage an organization’s cybersecurity program in previous years will not work against bad actors targeting networks today. Organizations rely more on cloud computing technology, connecting their sensitive data to more third-party networks and in turn expanding their attack surface.
Curious about software vulnerabilities and their fixes? Check out my latest blog on KEV exposures and common weaknesses for surprising insights!