BITSIGHT SECURITY RATINGS BLOG

The financial services sector is one of the highest performing in terms of cybersecurity. One factor that contributes to this performance is regulation. Laws such as FFIEC IT, the Gramm-Leach-Bliley Act, NYDFS, GDPR, and SOC2 have placed...

Credit unions must be on high alert for cyberattacks. That’s according to a recent warning issued by the National Credit Union Administration (NCUA), who cautioned the industry of potential avenues of attack, including ransomware and...

For obvious reasons, the financial services industry has had the unfortunate distinction of being one of the largest high value targets for threat actors. Research shows that financial services businesses experience 300 more cyber attacks...

In November 2019, the Federal Financial Institutions Examination Council (FFIEC) released an update to the Information Technology Examination Handbook (IT Handbook). This handbook is a guide for examiners at its member agencies, which...

Cyber risk and regulatory compliance are two sides of the same coin in the Financial Services sector. Together, they spur Financial Services companies to take action to protect customers, their business and the global financial ecosystem...

The evolution of the technology environment and related security threats is so fast paced it often seems businesses and regulators are playing an endless game of catch-up.

The regulatory environment is evolving rapidly as national and international regulatory bodies attempt to keep pace with changing business models, technology infrastructure and continuously escalating cyberthreats. 

About 25 years ago, the evolution of the overall digital ecosystem necessitated the creation of the first CISO role. Now, 61% of companies have a CISO. 

Recently, BitSight and the Center for Financial Professionals (CeFPro) released a joint report that explores how financial services organizations are addressing challenges associated with third-party cyber risk management.