<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">
Vendor Risk Management

How BitSight Helps Drive Quick Risk Reduction Across Third Party Ecosystems

Noah Simon | March 27, 2018

At a recent BitSight Roadshow, a customer with an advanced third party risk management program declared “assessments are not risk reduction.” The statement was not meant to convey that assessments are useless for third party risk; rather, that assessments themselves don’t inherently drive risk down.

Assessments may lead risk managers to findings that can in turn drive risk reduction, but the path to remediating security issues is not always straightforward. There may be a lot of back and forth between the first and third party on the validity of the finding, the risk it actually presents, or the way in which to remediate the issue.

BitSight customers now have the ability to collaborate with third parties to get to a clear, quick path to risk reduction. Leveraging the Enable Vendor Access feature, which grants third parties access to the BitSight portal and customer success team free of charge, customers can pinpoint and share specific areas of risk that their third parties should look into. This makes feedback provided to third parties about their cybersecurity both manageable and actionable.

For example, customers can be alerted to new infections or malware that appear on a third party’s network, and then reach out to discern whether or not that infection may put their own data at risk.contextual eva.gif

Share specific records of botnet infections with third parties.

contextual eva2.gifShare and dig into certain security controls gaps on a company’s network, such as risk services being run on unsecured ports.

 

Third parties who receive this free access will understand exactly which issues are of concern, and can access the BitSight platform for remediation resources and context needed to resolve issues.

This process takes the path to potential risk reduction down to hours and minutes — a feat that is not possible with more manual, traditional vendor risk management exercises. Moreover, this kind of automation is key for organizations looking to bring scale and greater efficiency to their vendor risk management programs.

Learn more about how BitSight helps bring technology-enabled automation to vendor risk management.

Suggested Posts

Cybersecurity and Banking: 3 Trends to Watch in 2019

Banks have always been at the forefront of enterprise cybersecurity. Their enormous stores of cash and consumer data have made them a top target for hackers, and the threat of financial losses, regulatory consequences, and reputational...

READ MORE »

Improve IT Vendor Monitoring with Data-Driven Conversations

Businesses are becoming increasingly reliant on outsourced IT services to support day-to-day operations.

READ MORE »

3 Surprising Ways Supply Chain Cybersecurity Can Impact Retailers

Retail operations, whether in-store or online, rely on a long chain of connections between third parties. When attackers target one of these third parties, they can wreak havoc on the supply chain, affecting business operations up and down...

READ MORE »

Subscribe to get security news and updates in your inbox.