As our 2024 Rating Algorithm Update (RAU) goes live on July 10, 2024, we wanted to share some research that validates this update and reinforces the importance of the RAU process. As we noted in our announcement blog, after RAU 2024, remediated Patching Cadence findings will impact the Bitsight Rating for 90 days after the last vulnerable observation instead of 300 days.

As Chief Information Security Officers (CISOs), it's crucial to manage risks in a holistic and consolidated manner as the landscape of threats, particularly those targeting applications, continues to evolve and expand. With the increasing reliance on digital technologies, artificial intelligence (AI), and cloud-based services, the attack surface for potential cyber threats is growing and changing.

The Personal Information Protection and Electronic Documents Act (PIPEDA) is a Canadian data privacy law that governs how private sector organizations collect, use, and disclose personal information when conducting commercial activities. By setting strict requirements for private businesses, PIPEDA ensures that individuals and customers have control over how their data is managed.

Remote work has become the new normal for many organizations worldwide. According to USA Today, approximately 14% of Americans now work from home, and around a third of all people who can work remotely choose to. Hybrid work is also increasing, with 41% of people splitting time between home and the office.

Identity and access management (IAM) plays a crucial role in security by helping to ensure that each user in the organization has access to only the data, systems, and other resources they need to do their job. This article explains the critical functionality of IAM solutions and how an IAM assessment can help you uncover essential risks to security, compliance, and business continuity. Then, it offers IAM best practices and guidance on choosing the right IAM solutions for your organization.

Starting today, Riscosity is available on AWS Marketplace, a digital catalog of software listings from independent software vendors that makes finding, testing, buying and deploying software that runs on Amazon Web Services (AWS) simple. This new partnership enables companies using AWS cloud services to easily purchase a Riscosity license directly from the marketplace, streamlining risk management and the deployment of Riscosity into their current security stack.

In late February of this year, Change Healthcare experienced a massive ransomware attack. The company, a subsidiary of United Healthcare, is the largest clearinghouse for insurance billing and payments in the U.S, processing 15 billion medical claims each year.

‍Determining and disclosing impactful events has been a longstanding practice for organizations operating within the US market. As early as 1933, with the Securities Act, publicly traded businesses were required to disclose “material information” regarding their security environment, allowing shareholders to make more informed investment decisions.