BitSight in Cambridge, Massachusetts offers an Internet security platform.
N/A
SecurityScorecard
Score 9.0 out of 10
N/A
SecurityScorecard provides A-F graded security rating scorecards, to drive improved communication, effective compliance reporting, and more informed decision making. These enable enterprises to rate, understand, and continuously monitor the security posture of any organization worldwide, as well as gain visibility of any organization’s security-control weaknesses and vulnerabilities throughout the supplier ecosystem.
If you are considering BitSight Security Ratings as a portion or bulk of a larger vendor management project you will be well served in letting the risk scores be an indication of how closely you need to examine a vendor. However, you should not base your assessment solely on the risk score provided. The risk score is based on publicly available data and can be inaccurate.
Since data is based on public registration IP and domain data can be stale depending on ISP/Domain registration update delays.
Correcting a false detection is a month-long endeavor and requires the company with the impacted score to clean up BitSight's data.
Customer service for incorrect data is convoluted and requires a deep understanding of domain registration to correct the data. The responsibility for correcting data is placed solely on the customer's shoulders.
BitSight Security Ratings ranks evenly with SecurityScorecard and both below OneTrust for our use case. We needed a platform that would let us define risk for our organization and weight scores differently based on data sensitivity. BitSight and SecurityScorecard are aggregate data that can provide insight into the security habits of a potential vendor and should be considered as an addition to most vendor management projects. However, they both provide metrics based on hygiene and not on data-defined risk. In concert with a platform to evaluate risk based on data and to inform the overall evaluation of a vendor, BitSight Security Ratings can be made to shine. Just understand that you may have to validate some data.
ROI numbers as shown by the Forrester Research caused a positive impact on some of our prospects in Brazil.
ROI numbers for using atlas - electronic questionnaire are just amazing. When customer does not need to worry about EXCEL traffic with its vendors asking for info - they feel a strong sense of relief.
