
Risk Management

Optimizing Returns from Your Cyber Risk Program

In today’s economic environment, nearly every department in every organization across the globe is being challenged to do more with less. Meanwhile, digital footprints continue to grow and sprawl and cyber attackers look to take advantage of vulnerable infrastructure. Organizations need to assess how they can be more resourceful as they look to maintain a best-in-class cyber risk program and continue to meet business expectations.

Unlock the Power of Attack Surface Management with Insights from a KuppingerCole Analyst

Join Vanessa Jankowski, SVP of Third Party Risk Management, and Greg Keshian, SVP of Security Performance Management, as they explore key findings from the 2023 KuppingerCole Leadership Compass Report for Attack Surface Management with John Tolbert, Director of Cybersecurity at KuppingerCole Analysts. In today's interconnected digital landscape, managing your exposure strategy for your infrastructure and your supply chain is paramount. They discuss strategies to fortify cybersecurity defenses and minimize risks.

The Security Performance Management Evolution: Interview with Bitsight's Greg Keshian & Dark Reading

In this Dark Reading News Desk segment, Bitsight's Gregory Keshian discusses external attack surface management and security performance management. Greg reviews how the emerging discipline of security performance management (SPM) can better secure a company's attack surface. He offers guidance for how to mitigate problems and enumerates the major catalysts affecting attack surfaces, and how governance frameworks can be incorporated to ensure organizational compliance with state and federal laws.

CRQ Journey Part 3: Communicable, Calibrated, Granular Results

My journey to finding Kovrr had been packed with headaches and puzzles that many CISOs still face today. Within a few short years of being the CISO at Avid, a content-creation software provider, I managed to implement tighter security controls and develop a framework that enabled objective progress measurement. However, I constantly faced an impasse when attempting to communicate these achievements with the board.

Shadow IT: Managing Hidden Risk Across Your Expanding Attack Surface

One study found that 65% of SaaS applications in use are unsanctioned. And 59% of IT professionals find SaaS sprawl challenging to manage. In other words, shadow IT risks are growing—but that’s just the tip of the iceberg when it comes to hidden risks across today’s expanding attack surface. Missed software patches, outdated certificates, and stealth malware are some examples. Many security teams still struggle to keep their networks safe from ever-growing digital supply chains.

Understanding Data Lineage and Data Provenance

Data lineage and data provenance are related but distinct terms. Lineage focuses on the origins and movements of data over time, while provenance focuses on the transformations and derivations of data from original sources. Provenance helps teams to follow the source of data and verify its authenticity, surfacing any potential risks or vulnerabilities. In other words, lineage is more about “where” data travels, and provenance is more about the “what” of data history.

How to Adapt Vulnerability Management Service Level Agreements (SLAs) to Team Maturity

In working with customers across different enterprises and experiencing it myself, the challenges in managing vulnerabilities effectively are felt. Drawing from the insights of customers and my experiences, I’ve learned much about using Service Level Agreements (SLAs) in the vulnerability remediation process.

ShadowIT, Hidden Risk, and the insights that drive action to reduce exposure

The annual doctor wellness check always interests me. It’s generally the same routine every year: The doctor and I exchange pleasantries. She asks about any noticeable health changes while looking in my ears with that cool little penlight. If I’m lucky, she uses the mini-hammer to see how high my leg kicks after a gentle knee tap (I just love that for some reason). But it’s all a bit of a show, isn’t it?