Welcome!

@DXWorldExpo Authors: Elizabeth White, Pat Romanski, Roger Strukhoff, Yeshim Deniz, Zakia Bouachraoui

News Feed Item

BitSight Technologies Launches Industry's First Information Security Risk Rating Service

New Platform Helps Prevent Third-Party Data Loss by Monitoring How Partner Networks Interact With the Outside World

CAMBRIDGE, MA -- (Marketwired) -- 09/10/13 -- BitSight Technologies, a startup that recently secured a $24M Series A funding round, today launched the first in a series of new cybersecurity offerings that deliver accurate and timely ratings on the information security effectiveness of organizations around the world. The ratings, which are based on externally visible network behavior, are generated daily to keep track of the continuously shifting nature of an organization's security state.

BitSight's new service offering -- the BitSight Partner SecurityRating -- provides objective and up-to-date ratings on the information security health of a company's partner ecosystem so it can better protect sensitive business and customer data shared with third-party vendors. The information security ratings, which range from 250 to 900, are similar to consumer credit scores, with higher ratings indicating better security postures.

According to a February 2013 Ponemon Institute survey, 65 percent of organizations transferring consumer data to third-party vendors reported a breach involving the loss or theft of their information. In addition, nearly half of organizations surveyed did not evaluate their partners before sharing sensitive data.

"Traditional approaches to measuring and mitigating partner security risk, including network security audits and assessments, have fallen short," said Stephen Boyer, co-founder and CTO of BitSight. "These methods fail to deliver an objective and simple way to understand the effectiveness of an organization's network security practices. BitSight Partner SecurityRating delivers a single, daily rating that encapsulates the information security integrity of any third-party network, allowing customers to make data-driven, risk-based decisions. "

How the BitSight Platform Works
Using online sensors placed at strategic points around the Internet, the BitSight platform collects and analyzes publicly available Internet traffic flowing to and from an organization. Suspicious behaviors, such as participation in a DDoS attempt or communication with a known botnet, are analyzed for severity, frequency, duration and confidence to create an overall rating of the organization's current security health. Ratings are derived entirely from the outside; no special disclosures are required and no intrusive testing is conducted on the rated company.

"BitSight's unique, data-driven approach to information security rating provides organizations with valuable insight to more confidently mitigate risk," said Charles J. Kolodgy, Research Vice President of Security Products for IDC. "On a broader scale, it should also help the industry reduce the overall number of third-party data breaches."

"Throughout my career, organizations have always wanted a better way to protect themselves against the weak links in computer networks that are not their own," said Shaun McConnon, CEO of BitSight. "BitSight tackles that problem in a unique and more effective way, ensuring that information sharing between partners is protected, yet remains open."

Currently, Fortune 1000 companies in the healthcare, financial services and retail industries use BitSight Partner SecurityRating to protect the sensitive data they share. Delivered as a SaaS offering, key features of the service include:

  • Up-to-Date Partner Ratings - BitSight processes and analyzes terabytes of data daily to rate thousands of organizations, including the world's most popular data and outsourced service providers in the hosting, storage, manufacturing, advertising, HR and legal sectors. New ratings are presented daily via the Customer Portal.
  • Timely Alerts - BitSight customers are alerted of significant changes to their partner ratings so they can quickly and proactively take steps to mitigate and prevent possible data breaches. In addition, BitSight delivers detailed information on individual risk vectors so that the sources of risk can be identified and shared with partners.
  • In-depth Analytics - BitSight provides customers with analytical tools that assess trends, compare individual ratings against industry benchmarks, and rank ratings within their portfolio. Partner groups can be created based on size, industry, type of data being shared, or business objective in order to help organizations better manage partner risk.

For more information on the BitSight Partner SecurityRating service, visit www.bitsighttech.com.

About BitSight Technologies
BitSight Technologies is transforming how companies manage information security risk with objective, evidence-based security ratings. The company's SecurityRating Platform continuously analyzes vast amounts of external data on security behaviors in order to help organizations make timely risk management decisions. Based in Cambridge, MA, BitSight is backed by Commonwealth Capital Ventures, Flybridge Capital Partners, Globespan Capital Partners, and Menlo Ventures. For more information, please visit www.bitsighttech.com or follow @BitSight on Twitter.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Contact:

Sonali Shah
Email Contact
617-245-0469

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

DXWorldEXPO Digital Transformation Stories
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
Technology has changed tremendously in the last 20 years. From onion architectures to APIs to microservices to cloud and containers, the technology artifacts shipped by teams has changed. And that's not all - roles have changed too. Functional silos have been replaced by cross-functional teams, the skill sets people need to have has been redefined and the tools and approaches for how software is developed and delivered has transformed. When we move from highly defined rigid roles and systems to ...
This month @nodexl announced that ServerlessSUMMIT & DevOpsSUMMIT own the world's top three most influential Kubernetes domains which are more influential than LinkedIn, Twitter, YouTube, Medium, Infoworld and Microsoft combined. NodeXL is a template for Microsoft® Excel® (2007, 2010, 2013 and 2016) on Windows (XP, Vista, 7, 8, 10) that lets you enter a network edge list into a workbook, click a button, see a network graph, and get a detailed summary report, all in the familiar environment of...
IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives. Serverless and Kubernetes are great examples of continuous, rapid pace of change in enterprise IT. They also raise a number of critical issues and questions about employee training, development processes, and opera...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
Using serverless computing has a number of obvious benefits over traditional application infrastructure - you pay only for what you use, scale up or down immediately to match supply with demand, and avoid operating any server infrastructure at all. However, implementing maintainable and scalable applications using serverless computing services like AWS Lambda poses a number of challenges. The absence of long-lived, user-managed servers means that states cannot be maintained by the service. Lo...