@DXWorldExpo Authors: Liz McMillan, Elizabeth White, Zakia Bouachraoui, Maria C. Horton, Kevin Benedict

News Feed Item

BitSight Technologies Launches Industry's First Information Security Risk Rating Service

New Platform Helps Prevent Third-Party Data Loss by Monitoring How Partner Networks Interact With the Outside World

CAMBRIDGE, MA -- (Marketwired) -- 09/10/13 -- BitSight Technologies, a startup that recently secured a $24M Series A funding round, today launched the first in a series of new cybersecurity offerings that deliver accurate and timely ratings on the information security effectiveness of organizations around the world. The ratings, which are based on externally visible network behavior, are generated daily to keep track of the continuously shifting nature of an organization's security state.

BitSight's new service offering -- the BitSight Partner SecurityRating -- provides objective and up-to-date ratings on the information security health of a company's partner ecosystem so it can better protect sensitive business and customer data shared with third-party vendors. The information security ratings, which range from 250 to 900, are similar to consumer credit scores, with higher ratings indicating better security postures.

According to a February 2013 Ponemon Institute survey, 65 percent of organizations transferring consumer data to third-party vendors reported a breach involving the loss or theft of their information. In addition, nearly half of organizations surveyed did not evaluate their partners before sharing sensitive data.

"Traditional approaches to measuring and mitigating partner security risk, including network security audits and assessments, have fallen short," said Stephen Boyer, co-founder and CTO of BitSight. "These methods fail to deliver an objective and simple way to understand the effectiveness of an organization's network security practices. BitSight Partner SecurityRating delivers a single, daily rating that encapsulates the information security integrity of any third-party network, allowing customers to make data-driven, risk-based decisions. "

How the BitSight Platform Works
Using online sensors placed at strategic points around the Internet, the BitSight platform collects and analyzes publicly available Internet traffic flowing to and from an organization. Suspicious behaviors, such as participation in a DDoS attempt or communication with a known botnet, are analyzed for severity, frequency, duration and confidence to create an overall rating of the organization's current security health. Ratings are derived entirely from the outside; no special disclosures are required and no intrusive testing is conducted on the rated company.

"BitSight's unique, data-driven approach to information security rating provides organizations with valuable insight to more confidently mitigate risk," said Charles J. Kolodgy, Research Vice President of Security Products for IDC. "On a broader scale, it should also help the industry reduce the overall number of third-party data breaches."

"Throughout my career, organizations have always wanted a better way to protect themselves against the weak links in computer networks that are not their own," said Shaun McConnon, CEO of BitSight. "BitSight tackles that problem in a unique and more effective way, ensuring that information sharing between partners is protected, yet remains open."

Currently, Fortune 1000 companies in the healthcare, financial services and retail industries use BitSight Partner SecurityRating to protect the sensitive data they share. Delivered as a SaaS offering, key features of the service include:

  • Up-to-Date Partner Ratings - BitSight processes and analyzes terabytes of data daily to rate thousands of organizations, including the world's most popular data and outsourced service providers in the hosting, storage, manufacturing, advertising, HR and legal sectors. New ratings are presented daily via the Customer Portal.
  • Timely Alerts - BitSight customers are alerted of significant changes to their partner ratings so they can quickly and proactively take steps to mitigate and prevent possible data breaches. In addition, BitSight delivers detailed information on individual risk vectors so that the sources of risk can be identified and shared with partners.
  • In-depth Analytics - BitSight provides customers with analytical tools that assess trends, compare individual ratings against industry benchmarks, and rank ratings within their portfolio. Partner groups can be created based on size, industry, type of data being shared, or business objective in order to help organizations better manage partner risk.

For more information on the BitSight Partner SecurityRating service, visit www.bitsighttech.com.

About BitSight Technologies
BitSight Technologies is transforming how companies manage information security risk with objective, evidence-based security ratings. The company's SecurityRating Platform continuously analyzes vast amounts of external data on security behaviors in order to help organizations make timely risk management decisions. Based in Cambridge, MA, BitSight is backed by Commonwealth Capital Ventures, Flybridge Capital Partners, Globespan Capital Partners, and Menlo Ventures. For more information, please visit www.bitsighttech.com or follow @BitSight on Twitter.

Add to Digg Bookmark with del.icio.us Add to Newsvine


Sonali Shah
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

DXWorldEXPO Digital Transformation Stories
"We were founded in 2003 and the way we were founded was about good backup and good disaster recovery for our clients, and for the last 20 years we've been pretty consistent with that," noted Marc Malafronte, Territory Manager at StorageCraft, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
While the focus and objectives of IoT initiatives are many and diverse, they all share a few common attributes, and one of those is the network. Commonly, that network includes the Internet, over which there isn't any real control for performance and availability. Or is there? The current state of the art for Big Data analytics, as applied to network telemetry, offers new opportunities for improving and assuring operational integrity. In his session at @ThingsExpo, Jim Frey, Vice President of S...
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, provided an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life settl...
@CloudEXPO and @ExpoDX, two of the most influential technology events in the world, have hosted hundreds of sponsors and exhibitors since our launch 10 years ago. @CloudEXPO and @ExpoDX New York and Silicon Valley provide a full year of face-to-face marketing opportunities for your company. Each sponsorship and exhibit package comes with pre and post-show marketing programs. By sponsoring and exhibiting in New York and Silicon Valley, you reach a full complement of decision makers and buyers in ...
"Cloud computing is certainly changing how people consume storage, how they use it, and what they use it for. It's also making people rethink how they architect their environment," stated Brad Winett, Senior Technologist for DDN Storage, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The Internet of Things is clearly many things: data collection and analytics, wearables, Smart Grids and Smart Cities, the Industrial Internet, and more. Cool platforms like Arduino, Raspberry Pi, Intel's Galileo and Edison, and a diverse world of sensors are making the IoT a great toy box for developers in all these areas. In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists discussed what things are the most important, which will have the most profound e...
Rodrigo Coutinho is part of OutSystems' founders' team and currently the Head of Product Design. He provides a cross-functional role where he supports Product Management in defining the positioning and direction of the Agile Platform, while at the same time promoting model-based development and new techniques to deliver applications in the cloud.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
LogRocket helps product teams develop better experiences for users by recording videos of user sessions with logs and network data. It identifies UX problems and reveals the root cause of every bug. LogRocket presents impactful errors on a website, and how to reproduce it. With LogRocket, users can replay problems.
Data Theorem is a leading provider of modern application security. Its core mission is to analyze and secure any modern application anytime, anywhere. The Data Theorem Analyzer Engine continuously scans APIs and mobile applications in search of security flaws and data privacy gaps. Data Theorem products help organizations build safer applications that maximize data security and brand protection. The company has detected more than 300 million application eavesdropping incidents and currently secu...