In this blog post, we will share our current understanding of the User Personas involved with Ricosity today. Job titles and responsibilities may vary, but the following User Personas are a reflection of the average users we meet who hold these roles at their organizations.

‍Cyber security governance, risk, and compliance (GRC) programs are often viewed as cumbersome - a necessary yet costly component of doing business, providing very little value to the organization in terms of strategic impact. This narrow perception, unfortunately, limits the plethora of opportunities that a robust cyber security GRC framework would otherwise unlock.

A few months ago I received a call from my Grandma. She was concerned about having received a notification that she had been part of a data breach and wasn’t sure what to do about it. She had many seemingly basic, but good questions; What’s PII? I use the app on my iPad, is it safe to log into other applications like my bank? Is it safe to use my account? How do I know when it’s safe?

Open Source Intelligence (OSINT) is the backbone of modern cybersecurity investigations, helping analysts and law enforcement uncover threats, assess risks, and gather intelligence from publicly available sources. In this guide, we break down everything you need to know about OSINT, from key frameworks and tools to how it's used in cybersecurity.

For many security professionals, managing asset visibility feels like an endless game of whack-a-mole. They are stuck in what experts call the “swivel chair approach”—constantly pivoting between multiple dashboards, spreadsheets, and security tools to manually stitch together an understanding of their risk landscape.

Efficient cyber threat detection is the cornerstone of an effective cybersecurity program. This post ranks the top eight cyber threat detection tools dominating the cybersecurity solution market in 2025.

As AI becomes an increasingly critical component in the digital supply chain, tech buyers are struggling to appropriately measure and manage their AI risk. Keeping tabs on emerging risk from the AI technology they use is hard enough. But often the most crucial AI business functions that organizations depend upon aren’t directly under their control or care, but instead are governed by the tech vendors that embed them into their underlying software.

Traditionally, data security focused on protecting data at rest within the confines of your on-premise data center. The cloud era has blurred these lines. Data now flows through complex pipelines, often traversing multiple services and third-party vendors. This expanded data perimeter creates new vulnerabilities: It’s crucial to ensure that the data loaded into warehouses and analytics tools is scanned for sensitive information and redacted or redirected accordingly.

Advocating for a larger budget is a common need for most security professionals. With so many business obligations fighting for priority and funding, even vital concerns like Vendor Risk Management can fall through the cracks. However, third-party cyber risks can devastate businesses in the blink of an eye—meaning maintaining a proper third-party risk management program should be at the top of your priority list.

Successful AI integration begins with clearly defined business objectives. Avoid chasing the latest AI trend and instead focus on how AI can directly address your organization's key challenges and opportunities. Consider these questions.

Industrial control systems (ICS) and SCADA (Supervisory Control and Data Acquisition) environments were never designed to be exposed to the internet. Yet, as manufacturing enterprises embrace digital transformation, they find themselves in a challenging position—balancing operational efficiency with cybersecurity risk.

DeepSeek’s rapid ascent in the AI space has made it impossible to ignore. Its sophisticated models and AI assistant have captured global attention. And, while headlines focus on DeepSeek’s capabilities, STRIKE research exposes critical security flaws, hidden data flows, and unanswered questions about who has access to the data and why.

The explosion of AI has led to the creation of tools that make it more accessible, leading to more adoption and more numerous, less sophisticated users. As with cloud computing, that pattern of growth leads to misconfigurations and, ultimately, leaks. One vector for AI leakage is exposed Ollama APIs that allow access to running AI models. Those exposed APIs create potential information security problems for the models’ owners.

Region: European Union (Global impact for companies handling EU residents' data) Scope: Data privacy, security, and governance The GDPR sets the gold standard for data protection, demanding comprehensive compliance across a spectrum of activities. Organizations must ensure lawful data processing, gain explicit consent, enable data portability, and implement measures like data protection by design and default.

The question of ownership is one of the biggest reasons vulnerabilities persist in organizations far longer than they should. Who owns vulnerabilities? This isn’t just a theoretical debate—it’s a critical operational issue. Modern scanning solutions excel at identifying and prioritizing vulnerabilities, but without clear ownership, those vulnerabilities often linger unaddressed or improperly documented, increasing an organization’s risk exposure.

‍As digital threats grow more sophisticated and cyber regulations expand in scope, business stakeholders are beginning to recognize the need to learn more about cybersecurity and how it impacts organizational performance. With this recognition comes the elevation of chief information security officers (CISOs) into the boardroom, tasked with explaining these cyber intricacies and offering strategies that can help safeguard operational resilience and drive long-term growth.

The recent rapid adoption of the AI application “DeepSeek” has gained significant global attention. Becoming the app on both the Apple Store and Google Play Store within its first few days, seeing over 10 million downloads. While this explosive growth of DeepSeek R1 highlights the public’s fascination with AI-driven tools, the security community and policymakers have been less enthusiastic.

With increased reliance on the cloud and data being today’s digital currency, cybercrime has become a pervasive threat that impacts individuals, businesses, and governments alike. Understanding the various types of cybercrime is essential for developing effective strategies to protect against these malicious activities.

This article explores the recommended infrastructure for AI workloads, strategies to optimize performance on less expensive servers, and trade-offs in terms of cost and results. We’ll also provide examples of AWS EC2 instance types and pricing to illustrate practical options.

This article provides details on how Bitsight TRACE addressed CVE-2024-23897, an arbitrary file read vulnerability that affects Jenkins, a well-known open-source automation server. It includes technical details, common pitfalls, and decisions made since the CVE disclosure until now. The investigation of CVE-2024-23897 is an example of how we can obtain the target instance version but not solely rely on it to classify an instance as vulnerable. First, we go deep to understand the vulnerability.

In today’s flexible and fast-paced digital environment, email still remains the backbone of communication for many organizations. Employee email accounts are chock-full of sensitive information from intellectual property to customer data, which makes securing email servers crucial. Data leakage and unauthorized access not only disrupt operations and cost time and money to fix, but they can also damage an organization’s reputation.

A little over a year ago, the US SEC’s rules on cybersecurity incident disclosures were enacted, mandating that all publicly traded companies report material cyber events within four days after they had been determined as such unless exempted for national security or safety reasons. The rationale behind these rulings was that they would provide investors and relevant stakeholders with the information necessary to make more informed decisions, thereby leading to more realistically priced options.

Riscosity’s premier capability to automatically act upon any data type that organizations’ products are sharing with 3rd party vendors has been enhanced even further to support SFTP traffic. Now, any data type going over SFTP to any 3rd party vendor can be automatically blocked, redacted, or notified about.