Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

bitsight

What is a Cyber Security Audit vs. Assessment (And Which One You Need)

Jan 26, 2024 By Rachel Holmes In BitSight
In this article: If you're a security leader being asked to facilitate a cybersecurity audit, or if you are a member of the board requesting one, you must understand the difference between a cybersecurity audit and a cybersecurity assessment. Despite sounding the same, both provide you with different types of information - and that might have a significant impact on your organization’s security posture. In this blog, we provide a quick introduction to a cybersecurity audit vs.
Read Post
bitsight

How to Detect Shadow IT and Hidden Risk in Your Organization

Jan 25, 2024 By BitSight In BitSight
In today's fast-paced business environment, the ever-evolving landscape of technology empowers employees with unprecedented flexibility and agility. While this fosters innovation and productivity, it also presents a lurking challenge—Shadow IT. This term encapsulates the use of unauthorized software, applications, or devices within an organization, posing substantial cybersecurity risks and operational hurdles.
Read Post
bitsight

Cybersecurity and Proxy Season: What Business Executives and Risk Leaders Need to Know

Jan 24, 2024 By Nicole Matusek In BitSight
If you’re a business executive or a risk leader, you’re likely familiar with “proxy season,” the time of year when public companies hold their annual general meetings. During these meetings, investors have the opportunity to vote on important issues such as the election of board members and executive compensation.
Read Post
bitsight

Addressing Third-Party Risk in 2024: Insights Inspired by Bitsight-Google Study

Jan 23, 2024 By Noah Stone In BitSight
Third-party risk is everywhere and the cybersecurity posture of those third parties is more important now than ever before. With organizations using 130 SaaS solutions on average, onboarding the “wrong” vendor — one that doesn’t share the same cyber practices or hygiene as you do, or that sharing sensitive data with would be cause for concern — could land an organization in hot water.
Read Post
bitsight

Building a Shadow IT Policy: What CEOs, CTOs, and CISOs Need to Know

Jan 16, 2024 By Sabrina Pagnotta In BitSight
The problem with shadow IT isn’t really the need for new tools, it’s the fact that people use them without IT security teams knowing. This usually happens because they perceive security policies as restrictive and antagonistic toward their productivity. In this way, Shadow IT is a process issue—not a software issue. Hidden risk is increasingly challenging cybersecurity leaders as digital supply chains grow and more apps are added to the network.
Read Post
bitsight

Cyber Exposure Management Meets the New SEC Reporting Requirements

Jan 15, 2024 By George V. Hulme In BitSight
The recent SEC breach disclosure rules place enormous pressure on CISOs. The new SEC disclosure requirements for public companies require companies to report annually on their cybersecurity risk management and governance efforts and publicly announce cybersecurity incidents that prove "material." Determining materiality may be one of organizations' most prominent challenges with the new rules. What exactly is a material cybersecurity incident?
Read Post

Optimizing Returns from Your Cyber Risk Program

Jan 12, 2024 By BitSight In BitSight
In today’s economic environment, nearly every department in every organization across the globe is being challenged to do more with less. Meanwhile, digital footprints continue to grow and sprawl and cyber attackers look to take advantage of vulnerable infrastructure. Organizations need to assess how they can be more resourceful as they look to maintain a best-in-class cyber risk program and continue to meet business expectations.
View Video

Unlock the Power of Attack Surface Management with Insights from a KuppingerCole Analyst

Jan 12, 2024 By BitSight In BitSight
Join Vanessa Jankowski, SVP of Third Party Risk Management, and Greg Keshian, SVP of Security Performance Management, as they explore key findings from the 2023 KuppingerCole Leadership Compass Report for Attack Surface Management with John Tolbert, Director of Cybersecurity at KuppingerCole Analysts. In today's interconnected digital landscape, managing your exposure strategy for your infrastructure and your supply chain is paramount. They discuss strategies to fortify cybersecurity defenses and minimize risks.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.