Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How cybersecurity's "5 Percent Rule" could help you avoid the next cyber attack

It’s not easy being a cybersecurity leader these days. Security vulnerabilities in software, hardware, and devices are rising in number and severity, bringing with them risk of ransomware, breach, and other dangerous cybersecurity incidents. The risks presented by vulnerabilities are rising fast: Here’s the important question: With cyber vulnerabilities rising and presenting increasingly serious risks, are organizations doing enough to fight back? The answer might surprise you.

Zero day remediation tips: Preparing for the next vulnerability

Businesses increasingly run on software, which, unbeknownst to its developers, can contain vulnerabilities that attackers often discover and exploit before a patch is available. This makes zero day attacks inevitable, but you can reduce their impact in your network and across your supply chain if you’re prepared to act fast.

A Mere Five Percent of Vulnerable Enterprises Fix Their Issues Every Month: How to Help Them Do Better?

Software vulnerabilities are one of the leading threats to an organization's cybersecurity posture, yet recent research from Bitsight reveals that enterprises affected by software vulnerabilities resolve them at a typical compound rate1 of only about 5% per month compounded continuously. However, there is evidence of much faster remediation for certain classes of vulnerabilities.

What is a cybersecurity report? Why are they necessary?

Waves of change are constantly disrupting companies of all sizes around the world, particularly when it comes to cybersecurity. Digital infrastructure keeps expanding, work models constantly change, and the web between businesses gets more and more intertwined. It’s no surprise that CISOs and risk leaders are evolving. A majority of boards now see cyber risk as business risk, so they’re asking hard questions around risk and exposure.

5 Things a Security Manager Should Check Every Morning

As a security manager, you have a wide variety of tasks you need to complete in order to protect your organization — as well as your employee and customer data. Of course, some of these responsibilities are performed on a quarterly or yearly basis, such as gathering information for audits or conducting annual assessments. But there are certain tasks that you should be completing daily in order to maintain the desired security posture and reduce cyber risk across your expanding attack surface.

New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP)

Researchers from Bitsight and Curesec have jointly discovered a high-severity vulnerability — tracked as CVE-2023-29552 — in the Service Location Protocol (SLP), a legacy Internet protocol. Attackers exploiting this vulnerability could leverage vulnerable instances to launch massive Denial-of-Service (DoS) amplification attacks with a factor as high as 2200 times, potentially making it one of the largest amplification attacks ever reported.

5 Common Vulnerabilities Associated With Remote Access

After COVID, enterprise IT security got turned on its head. As the world adjusted to working from home, and continues to, IT teams worked overtime to enable remote access for millions of employees. This transition has gone smoothly for most organizations, but many security gaps still remain years later. The SolarWinds data breach is a worrying example. It shows how vulnerable organizations are to malicious activity in our changing risk environment.

Introducing Bitsight Third-Party Vulnerability Response

Bitsight Third-Party Vulnerability Response empowers organizations to take action on high priority incidents at a moments notice. Learn how to initiate vendor outreach and track responses to critical vulnerabilities through scalable templated questionnaires —with tailored exposure evidence— for more effective remediation. And grow and build trust across your ecosystem without worrying about expanded risk. Vulnerability Response not only facilitates communication with vendors but also allows you to track responses with more precision, coupling automated, bulk outreach with status updates and insights.

Bitsight - Cyber Risk Management as Visionary as You Are

Bitsight is a cyber risk management leader transforming how companies manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritize their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. Built on over a decade of technological innovation, its integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis.