<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">
BitSight

BitSight’s Newest Alerting Capabilities Showcase Evolution of Leading Security Rating Service

Alex Campanelli | October 20, 2017

This August, BitSight announced the release of several new risk vectors specifically chosen to help organizations identify and manage risks across their own networks and the networks of their third parties. BitSight chose those new risk vectors to enhance the insights across the “spectrum of risk” and provide a more comprehensive picture of an organization’s security posture.

As your vendor ecosystem scales, your vendor risk management strategy needs to scale, and monitor evolving risk across your portfolio of vendors becomes an increasingly difficult challenge. We are pleased to announce the release of two new alert types to help you stay up to date with the latest security ratings changes, Risk Vector Grade and NIST Cyber Security Framework (CSF) Grade alerts.

BitSight alerts monitor your vendor portfolio for changes based on your risk appetite and alert preferences. We recommend that you tier your vendor portfolio by business function criticality and set unique alert preferences for each. For example, you may have a low risk appetite for your Tier 1 vendors, who store customer’s personally identifiable information (PII).  You can then use Risk Vector Grade alerts and set alert preferences to receive decrease alerts when grades go below a “B” and critical decrease alerts when grades go below a “C.” As vendor tier risk appetite increases, alert preference stringency decreases.

10.20-Blog-1.png

Once set, use alerts to drive vendor risk strategy and trigger actions based on alert notifications. A decrease alert may serve as notification for a Risk Analyst to begin an external investigation, whereas a critical decrease alert requires immediate contact and extending vendor access directly to the BitSight portal.

10.20-Blog-2.png

Similar to the Risk Vector Grade alerts, the NIST/CSF notifications alert users when a vendor’s CSF grade has decreased to a pre-established threshold.

These important new alerts help provide a more comprehensive picture about your organization’s security controls and policies. As a key part of your vendor risk management strategy, BitSight Security Ratings’ Risk Vector Grade alerts allow your vendor risk management program to grow as the spectrum of risk increases. BitSight is leading the way in the Security Rating Services industry to provide this granular detail to better equip your security team to reduce risk.

Want to see BISIGHT SECURITY RATINGS IN ACTION? Register for a demo today.

Request A Demo

Suggested Posts

Forecasting: The Missing Link in Your Annual Security Performance Planning Process

When it comes to security performance management within your organization, how do your security teams measure performance? If they’re using security ratings, they know that this objective, quantitative measurement is an effective place to...

READ MORE »

Forrester Recognizes BitSight as a Leader in Cybersecurity Risk Rating Solutions

This past Tuesday, BitSight was named a Leader in The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 evaluation. This report evaluates the current offering and strategy of vendors in a particular technology market, such...

READ MORE »

BitSight EXCHANGE Recap: Takeaways from the Inaugural Forum

On October 10th, BitSight’s inaugural EXCHANGE forum, the premier event for security and risk professionals, took place at the Intercontinental New York Times Square. Over the course of this one-day event, distinguished business and...

READ MORE »

Subscribe to get security news and updates in your inbox.