Today, I am thrilled to announce the official closing of Bitsight’s acquisition of Cybersixgill, a leading provider of cyber threat intelligence solutions. This is not only a pivotal step in our long-term vision—it’s a reinforcement of our promise to help each and every one of our customers to make smarter, faster risk decisions. Bitsight was founded on the belief that cyber risk is not binary.

Imagine a former employee still being able to access your network or current employees wielding permissions far beyond their roles. Both scenarios sound risky, right? Excessive permissions aren’t just a minor oversight — they’re significant vulnerabilities that could lead to costly data breaches, regulatory penalties, and other problematic consequences.

Vulnerability identification is a key part of application security (AppSec). This process entails tracking and reporting the number of vulnerabilities found and fixed to give stakeholders clear insight into the organization’s security posture. However, identifying and monitoring vulnerabilities using traditional methods can make risk evaluation more difficult.

There’s an unfortunate truth about applications and access in the enterprise. Many applications are underutilized. This means patches and updates can fall down the to-do list of already-stretched IT service desks. Naturally, this increases the vulnerabilities – and opportunities for attackers. Risks are compounded when many users retain access they no longer need, especially when it’s access to the most critical and sensitive resources.

Malware, short for malicious software, refers to any software specifically designed to harm, exploit, or otherwise compromise a device, network, or user data. In today’s digital age, malware attacks have become a persistent threat, targeting individuals, businesses, and even governments.

The beauty of Tines pages is that you can interact with anyone at any point in the workflow, so why not make those pages more dynamic and even more interactive? All of you agreed, because our most requested capability is finally live! Today, you can set conditions to show, hide, or disable elements on a page based on the preceding elements. This makes the page more focused, only revealing relevant information to the individual.

Today, healthcare providers, insurers, and other HIPAA-covered entities are increasingly relying on websites to share information, engage with patients, and streamline operations. While websites offer numerous benefits, it’s crucial to understand the implications of online tracking technologies for the privacy and security of protected health information (PHI).

In a guest blog post, Trace3's Advisory CISO Michael Farnum introduces a new whitepaper from the team at Trace3 and Tines. In 25+ years of helping organizations build robust cybersecurity programs, I’ve seen firsthand how high the stakes are in the energy sector. As an energy sector professional, you’re likely facing increasing pressure to maintain operational efficiency while safeguarding against ever-evolving security threats.

I have spent many years, perhaps too many, working in the world of IT and information security. I can’t complain, I have to say, it has been rewarding. And I have noticed in recent years that there has been a considerable shift in how cybersecurity is perceived within organizations, with this function gaining greater importance and relevance. The personal influence of the CISO has been improving lately, both in terms of attitude and perception.

Alert fatigue is the process of burning out and losing sensitivity to security alerts caused by a deluge of security alerts. Security systems generate a constant flow of alerts in modern network environments, ranging from minor irregularities to severe threats. But not all these alerts are equal in importance, and many of them are false positive alerts or low-priority problems.