Blog

As a security professional navigating the new challenges 2020 is bringing to cybersecurity, it’s critical to understand the ways your organization’s data could be exposed. Sensitive data is critical, safeguarded information. Different information can be considered sensitive depending on the industry, but in general it can be anything your organization, your employees, your customers, or your third parties would expect to be private and protected. Below, we’ve outlined five examples of sensitive data your organization likely handles—and a few key ways to protect it from evolving cyber threats.

While all areas of risk management involve blind spots, supply chain risk management might be the murkiest. To be effective in this field, risk professionals must account for risks from a wide variety of sources, from bad password management to geopolitical upheaval. Supply chain risks can be difficult to detect, unpredictable, and fast-moving.

Phases 1-2 of Bitsight's Dynamic Remediation initiative are complete. Learn how rescanning is easier & see how your score updates after taking assets offline.

Digital relationships with third-party vendors increase opportunities for growth, but they also increase opportunities for cyberattacks — a recent study found that 61% of U.S. companies said they have experienced a data breach caused by one of their vendors or third parties (up 12% since 2016).

The 2025 Bitsight Rating Algorithm Update focuses on incorporating the Web Application Security (WAS) risk vector. Learn the research behind this change.

Vendor Risk Management is the practice of evaluating business partners, suppliers, or third-party vendors both before a business relationship is established and during the duration of your business contract. This is an important concept and practice to put in place during the evaluation of your vendors and the procurement process.

Compromised credentials fuel identity threats. Bitsight's Identity Intelligence monitors the dark web, alerts you fast, and enables rapid remediation.

AI tools like DALL-E & ChatGPT went mainstream in 2022, sparking creativity—and security concerns. Explore their impact & how threat actors may exploit them.

The NIS2 Directive marks a significant shift in how the EU is addressing cyber risks, reinforcing security requirements for organizations and their suppliers. But what does this mean for businesses operating in Europe?

Bitsight and Lokker have partnered together to bring the Cyber Insurance industry’s first unified data privacy risk and cybersecurity underwriting solution to market.

The 2025 Bitsight Ratings Algorithm Update will be ready for preview on April 8. Learn more about what changes to the Bitsight rating are coming in 2025.

The vendor due diligence checklist to steer your procurement decision-making in 5 simple steps. First step: always collect the 7 basic business details.

Your supply chain is bigger—and riskier—than you think. The Bitsight TRACE team uncovers the "Critical 99" and hidden vulnerabilities. Read the findings now.

Bitsight TRACE analyzes the March 10, 2025 DDoS attack on X, linking it to IoT botnets and misconfigurations. Dark Storm claims responsibility, but was it them?

Security risk managers often face a lot of the same roadblocks, even if they’re managing programs of different sizes or in different industries. Basing security practices on well-known, and sometimes government-regulated cybersecurity models will mature your program to overcome process inefficiencies.