@DXWorldExpo Authors: Yeshim Deniz, Pat Romanski, Liz McMillan, Zakia Bouachraoui, Carmen Gonzalez

News Feed Item

BitSight Technologies Launches Industry's First Information Security Risk Rating Service

New Platform Helps Prevent Third-Party Data Loss by Monitoring How Partner Networks Interact With the Outside World

CAMBRIDGE, MA -- (Marketwired) -- 09/10/13 -- BitSight Technologies, a startup that recently secured a $24M Series A funding round, today launched the first in a series of new cybersecurity offerings that deliver accurate and timely ratings on the information security effectiveness of organizations around the world. The ratings, which are based on externally visible network behavior, are generated daily to keep track of the continuously shifting nature of an organization's security state.

BitSight's new service offering -- the BitSight Partner SecurityRating -- provides objective and up-to-date ratings on the information security health of a company's partner ecosystem so it can better protect sensitive business and customer data shared with third-party vendors. The information security ratings, which range from 250 to 900, are similar to consumer credit scores, with higher ratings indicating better security postures.

According to a February 2013 Ponemon Institute survey, 65 percent of organizations transferring consumer data to third-party vendors reported a breach involving the loss or theft of their information. In addition, nearly half of organizations surveyed did not evaluate their partners before sharing sensitive data.

"Traditional approaches to measuring and mitigating partner security risk, including network security audits and assessments, have fallen short," said Stephen Boyer, co-founder and CTO of BitSight. "These methods fail to deliver an objective and simple way to understand the effectiveness of an organization's network security practices. BitSight Partner SecurityRating delivers a single, daily rating that encapsulates the information security integrity of any third-party network, allowing customers to make data-driven, risk-based decisions. "

How the BitSight Platform Works
Using online sensors placed at strategic points around the Internet, the BitSight platform collects and analyzes publicly available Internet traffic flowing to and from an organization. Suspicious behaviors, such as participation in a DDoS attempt or communication with a known botnet, are analyzed for severity, frequency, duration and confidence to create an overall rating of the organization's current security health. Ratings are derived entirely from the outside; no special disclosures are required and no intrusive testing is conducted on the rated company.

"BitSight's unique, data-driven approach to information security rating provides organizations with valuable insight to more confidently mitigate risk," said Charles J. Kolodgy, Research Vice President of Security Products for IDC. "On a broader scale, it should also help the industry reduce the overall number of third-party data breaches."

"Throughout my career, organizations have always wanted a better way to protect themselves against the weak links in computer networks that are not their own," said Shaun McConnon, CEO of BitSight. "BitSight tackles that problem in a unique and more effective way, ensuring that information sharing between partners is protected, yet remains open."

Currently, Fortune 1000 companies in the healthcare, financial services and retail industries use BitSight Partner SecurityRating to protect the sensitive data they share. Delivered as a SaaS offering, key features of the service include:

  • Up-to-Date Partner Ratings - BitSight processes and analyzes terabytes of data daily to rate thousands of organizations, including the world's most popular data and outsourced service providers in the hosting, storage, manufacturing, advertising, HR and legal sectors. New ratings are presented daily via the Customer Portal.
  • Timely Alerts - BitSight customers are alerted of significant changes to their partner ratings so they can quickly and proactively take steps to mitigate and prevent possible data breaches. In addition, BitSight delivers detailed information on individual risk vectors so that the sources of risk can be identified and shared with partners.
  • In-depth Analytics - BitSight provides customers with analytical tools that assess trends, compare individual ratings against industry benchmarks, and rank ratings within their portfolio. Partner groups can be created based on size, industry, type of data being shared, or business objective in order to help organizations better manage partner risk.

For more information on the BitSight Partner SecurityRating service, visit www.bitsighttech.com.

About BitSight Technologies
BitSight Technologies is transforming how companies manage information security risk with objective, evidence-based security ratings. The company's SecurityRating Platform continuously analyzes vast amounts of external data on security behaviors in order to help organizations make timely risk management decisions. Based in Cambridge, MA, BitSight is backed by Commonwealth Capital Ventures, Flybridge Capital Partners, Globespan Capital Partners, and Menlo Ventures. For more information, please visit www.bitsighttech.com or follow @BitSight on Twitter.

Add to Digg Bookmark with del.icio.us Add to Newsvine


Sonali Shah
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

DXWorldEXPO Digital Transformation Stories
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...
Enterprises are striving to become digital businesses for differentiated innovation and customer-centricity. Traditionally, they focused on digitizing processes and paper workflow. To be a disruptor and compete against new players, they need to gain insight into business data and innovate at scale. Cloud and cognitive technologies can help them leverage hidden data in SAP/ERP systems to fuel their businesses to accelerate digital transformation success.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Cloud is the motor for innovation and digital transformation. CIOs will run 25% of total application workloads in the cloud by the end of 2018, based on recent Morgan Stanley report. Having the right enterprise cloud strategy in place, often in a multi cloud environment, also helps companies become a more intelligent business. Companies that master this path have something in common: they create a culture of continuous innovation. In his presentation, Dilipkumar will outline the latest resear...
Everyone wants the rainbow - reduced IT costs, scalability, continuity, flexibility, manageability, and innovation. But in order to get to that collaboration rainbow, you need the cloud! In this presentation, we'll cover three areas: First - the rainbow of benefits from cloud collaboration. There are many different reasons why more and more companies and institutions are moving to the cloud. Benefits include: cost savings (reducing on-prem infrastructure, reducing data center foot print, redu...
Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settlement products to hedge funds and investment banks. After, he co-founded a revenue cycle management company where he learned about Bitcoin and eventually Ethereal. Andrew's role at ConsenSys Enterprise is a mul...
When building large, cloud-based applications that operate at a high scale, it’s important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. “Fly two mistakes high” is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Lee A...