Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Corporate Cybersecurity Engagement - A Practical Guide for Investors

Bitsight's leading analytics and workflows allow Nomura Asset Management to effectively reduce cyber risk across credit portfolios through targeted engagement. The increasing frequency and complexity of cyber attacks makes one thing clear - cyber risk is inextricably linked to business performance. This has prompted investors to prioritize cyber risk assessments within their portfolios.

5 Steps to Creating an Incident Response Plan

No matter how robust your cyber defenses are, there is a high likelihood that your organization will experience a cybersecurity incident—either directly or as a result of a supply chain attack. Implementing a cybersecurity incident response plan can help you effectively address a cyber event, reduce disruptions to your business operations, and ensure compliance with regulations.

Why is the Exposure Management Market So Confusing? Wading Through the Acronyms

If there's one certainty in life for CISOs it is that when it is time to buy into a new or consolidating security technology niche, they're going to have to eat their fair share of alphabet soup. Tech analysts and marketers do love their acronyms after all. We've got our SIEMs, our SOCS, and our MFAs and MDRs to prove that one out.

Unveiling CPS 234 Challenges: Insights from APRA's Cyber Security Stocktake

Australia has seen several high profile cyber incidents in 2023 and has seen significant loss of customer data (Canva’s 139 million customers, Latitude’s 7.9 million customers HWL Ebsworth’s 65 government agencies, 2.5 million documents). According to the OAIC Notifiable Data Breaches Report: January to June 2023, the top 3 sectors in that period to report data breaches are Health Service Providers (65 notifications), Finance incl.

Tackling Shadow IT Head-On: Strategies for Cybersecurity Leaders

As cybersecurity leaders, we're all too familiar with the challenges posed by Shadow IT—a persistent thorn in the side of IT and security teams worldwide. And when high-profile supply chain attacks make headlines, the urgency to understand our reliance on third parties becomes all too real.

Hunting PrivateLoader: The malware behind InstallsKey PPI service

Since July 2022, Bitsight has been tracking PrivateLoader, the widespread malware downloader behind the Russian Pay-Per-Install (PPI) service called InstallsKey. At the time, this malware was powering the now decommissioned ruzki PPI service. Figure 1 presents a brief description of the service, which was found in their sales telegram channel. Fig. 1 - Service description on telegram channel profile (Russian and English).

Less Is More: Consolidating Your Third Party Risk Management Tools

Proudly serving over 3,000 enterprises globally, Bitsight works closely with risk leaders across industries to help them protect their businesses. CISOs and third-party risk professionals face pressing challenges, from regulations to efficiency to maintaining supply chain resilience—all calling for smarter, easier, and more integrated solutions.

5 Cyber Governance Tips for Board Members, Inspired by New Bitsight-Google Study

Cybersecurity has become a critical part of corporate governance, with board members increasingly held accountable for the digital safety of their organizations. Amid rising breach costs, new cybersecurity regulations like those from the U.S. Securities and Exchange Commission (SEC), and new studies finding widespread cybersecurity failures, the impact of board-level cyber governance decisions is significant.