BITSIGHT SECURITY RATINGS BLOG

This post was originally published July 18, 2016 and has been updated for accuracy and comprehensiveness.

With the number of third parties connected to businesses increasing, risk and security teams need to ensure they are spending the right amount of attention on the right third parties. To do this, organizations need a clearly defined,...

For the last five years, BitSight Security Ratings have been helping companies gain insight into the efficacy of their security programs, as well as the security performance of third and fourth party vendors. Today, the BitSight Security...

On a Friday morning in October 2016, millions of people across North America attempted to visit popular websites including Spotify, Reddit, and the New York Times, only to find that they were inaccessible.

If you’ve done your homework as a cybersecurity professional, then you know that third-party vendors with substandard security controls and processes could be putting your organization at risk.

In a world where business is increasingly conducted on mobile devices, it is imperative that organizations offer mobile applications to serve their customer base. In fact, for many businesses, mobile applications are one of the primary...

With outsourcing continuing to rise, third party cyber risk management has become a pressing issue for organizations worldwide. Yet, many firms across the globe are approaching this challenge differently.

At a recent BitSight Roadshow, a customer with an advanced third party risk management program declared “assessments are not risk reduction.” The statement was not meant to convey that assessments are useless for third party risk; rather,...

The federal government relies on tens of thousands of contractors and subcontractors — often referred to as the federal “supply chain” — to provide critical services, hold or maintain sensitive data, deliver technology, and perform key...