Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cybersecurity and Proxy Season: What Business Executives and Risk Leaders Need to Know

If you’re a business executive or a risk leader, you’re likely familiar with “proxy season,” the time of year when public companies hold their annual general meetings. During these meetings, investors have the opportunity to vote on important issues such as the election of board members and executive compensation.

Addressing Third-Party Risk in 2024: Insights Inspired by Bitsight-Google Study

Third-party risk is everywhere and the cybersecurity posture of those third parties is more important now than ever before. With organizations using 130 SaaS solutions on average, onboarding the “wrong” vendor — one that doesn’t share the same cyber practices or hygiene as you do, or that sharing sensitive data with would be cause for concern — could land an organization in hot water.

Building a Shadow IT Policy: What CEOs, CTOs, and CISOs Need to Know

The problem with shadow IT isn’t really the need for new tools, it’s the fact that people use them without IT security teams knowing. This usually happens because they perceive security policies as restrictive and antagonistic toward their productivity. In this way, Shadow IT is a process issue—not a software issue. Hidden risk is increasingly challenging cybersecurity leaders as digital supply chains grow and more apps are added to the network.

Cyber Exposure Management Meets the New SEC Reporting Requirements

The recent SEC breach disclosure rules place enormous pressure on CISOs. The new SEC disclosure requirements for public companies require companies to report annually on their cybersecurity risk management and governance efforts and publicly announce cybersecurity incidents that prove "material." Determining materiality may be one of organizations' most prominent challenges with the new rules. What exactly is a material cybersecurity incident?

The Security Performance Management Evolution: Interview with Bitsight's Greg Kesen & Dark Reading

In this Dark Reading News Desk segment, Bitsight's Gregory Keshian discusses external attack surface management and security performance management. Greg reviews how the emerging discipline of security performance management (SPM) can better secure a company's attack surface. He offers guidance for how to mitigate problems and enumerates the major catalysts affecting attack surfaces, and how governance frameworks can be incorporated to ensure organizational compliance with state and federal laws.

Identifying Blind Spots Through External Attack Surface Management

Did you know that 69% of organizations have experienced some type of cyber attack in which the attack itself started through the exploit of an unknown, unmanaged, or poorly managed internet-facing asset? Understanding the scope of your organization’s external attack surface is essential. You need to continuously manage your digital footprint to know where risks exist and how to prioritize vulnerable areas. Gain visibility into what an attacker sees and take informed action to reduce exposure and empower your organization’s growth and success.

Optimizing Returns from Your Cyber Risk Program

In today’s economic environment, nearly every department in every organization across the globe is being challenged to do more with less. Meanwhile, digital footprints continue to grow and sprawl and cyber attackers look to take advantage of vulnerable infrastructure. Organizations need to assess how they can be more resourceful as they look to maintain a best-in-class cyber risk program and continue to meet business expectations.