BITSIGHT SECURITY RATINGS BLOG

Boards are increasingly looking at cybersecurity as a crucial part of the business. The problem is, the board doesn’t always know what to look for or how cybersecurity impacts the business. What the board really wants to hear in the next...

One of the more challenging aspects of third party risk management is effectively communicating risk. Often the risks posed by vendors are highly technical, and it can be tempting to simply put together a slide or list to review with...

Between difficulty communicating with boards and executives, decreasing budgets, and difficulty measuring how exactly risk was being reduced, security leaders are under pressure to change the way they do things. The situation for security...

It’s easy to forget that cybersecurity teams were facing significant headwinds going into 2020. After years of ever expanding budgets, new tech and new tools, a string of public breaches (in spite of the growing spend), hard questions from...

In the cybersecurity industry we deal with news of breaches or potential threats nearly every day, but when you really think about it, it’s bizarrely rare how little these events impact our everyday lives. Yes, they impact the professional...

As digital transformation picks up pace, companies are working with more vendors than ever. According to Gartner, 60% of organizations now work with more than 1,000 third-party vendors — including partners, sub-contractors, and suppliers.

As companies continue to try and manage the massive changes to work driven by COVID-19, security teams have faced immense pressure to rise to the challenge and keep companies secure. In the face of the large scale shift to work from home, ...

Today’s businesses can’t succeed on their own, which is why they turn to third parties to grow and stay competitive. However, these partnerships can introduce unwanted cyber risk.

Given the recent security breaches and reported hacking attempts, it is increasingly important for companies to have a handle on their most sensitive data. Sensitive data can include employees’ personal information, customer information,...