A recent study found that financially material cyber attacks are increasing in frequency and that the top 5% of such attacks lead to an average $52M in losses. As these types of cyber attacks become more frequent and more severe, it has become increasingly critical for risk managers outside of enterprise security functions —such as compliance and credit officers—to consider cybersecurity risk in their assessment of customers, suppliers and investments.

Today we are announcing updates to the Bitsight ratings algorithm. Bitsight is committed to creating the most meaningful, trustworthy, and actionable security ratings and analytics in the marketplace. As part of this commitment, we periodically make updates to our ratings algorithm based on new data observations and capabilities, internal and external research, and market feedback. For this year’s update, we have made several adjustments, including modifying the weights of several risk vectors.

The financial services industry is undergoing a sea change in how it does business. Today their customers expect 24×7 access, self-service convenience, apps that eliminate the need to visit brick-and-mortar locations, and always-available customer service accessed via phone, email, and the internet. Making things even more challenging, financial sector leaders are embracing cloud technologies to save costs, support real-time analysis, and offer more personalized customer experiences.

Running a business is full of surprises. Unexpected events can pop up at any time, potentially leading to the derailment of your organization’s goals. If everything suddenly went haywire, would you and your team know what to do in the heat of the moment? That’s precisely why having a robust risk management program is crucial, and it all starts with a risk register – a tool used to identify and mitigate potential problems.

Data is one of an organizations’ most valuable assets, and confidential data must always be protected. Unfortunately, data is also a “slippery” asset – meaning, it ends up in places it shouldn’t be. Criminals pursue it, employees mishandle it, or data “leaks” beyond your enterprise through some other means. To mitigate this risk, organizations turn to data leak detection software as a tool to protect their data.

Unless you’ve been living under a rock, you’ve probably heard of the Silicon Valley Bank (SVB) collapse on March 10, 2023. For several days afterward, you couldn’t watch an hour of news coverage without hearing something about SVB, sending financial markets in the United States into a full-on panic and triggering a heightened sense of fear about a global financial system collapse.

The cybersecurity threat landscape is rapidly evolving as cloud computing, the Internet of Things (IoT), mobile devices, and remote work become more widely adopted. As a result, Security Operations Center (SOC) teams are increasingly overwhelmed. In addition to responding to cyber threats, teams must continuously identify emerging vulnerabilities and move quickly to apply and test patches and updates. A failure to do so significantly increases cyber risk. Consider the statistics.

In response to the growing number of cyber incidents, policymakers and regulators around the world are creating new cybersecurity requirements for companies to comply with, including mandates to disclose cyber risks and incidents. For example, new cyber risk disclosure requirements from the U.S. Securities and Exchange Commission (SEC) are anticipated to be adopted in 2023 and would have a major impact on corporate cybersecurity initiatives.

IT professionals use many tools to streamline cybersecurity tasks, including network security monitoring, penetration testing, network intrusion detection, and encryption. This not only reduces the risk of common security breaches and cyber attacks; it also protects your business’s sensitive and private data from the prying eyes of attackers. That said, not all IT security tools are equal. Some security solutions do a great job of protecting your systems and networks from malicious activities.

The Office of the Comptroller of the Currency (OCC) has outlined its third-party risk management requirements for United States national banks and federal savings associations in the OCC Bulletin 2013-29. These risk management standards don't only apply to third-party vendor relationships; the OCC expects all banks to follow best third-party risk management practices, whether activities occur internally or through service providers.