<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">
BitSight

How BitSight Helps Drive Quick Risk Reduction Across Third Party Ecosystems

Noah Simon | March 27, 2018

At a recent BitSight Roadshow, a customer with an advanced third party risk management program declared “assessments are not risk reduction.” The statement was not meant to convey that assessments are useless for third party risk; rather, that assessments themselves don’t inherently drive risk down.

Assessments may lead risk managers to findings that can in turn drive risk reduction, but the path to remediating security issues is not always straightforward. There may be a lot of back and forth between the first and third party on the validity of the finding, the risk it actually presents, or the way in which to remediate the issue.

BitSight customers now have the ability to collaborate with third parties to get to a clear, quick path to risk reduction. Leveraging the Enable Vendor Access feature, which grants third parties access to the BitSight portal and customer success team free of charge, customers can pinpoint and share specific areas of risk that their third parties should look into. This makes feedback provided to third parties about their cybersecurity both manageable and actionable.

For example, customers can be alerted to new infections or malware that appear on a third party’s network, and then reach out to discern whether or not that infection may put their own data at risk.contextual eva.gif

Share specific records of botnet infections with third parties.

contextual eva2.gifShare and dig into certain security controls gaps on a company’s network, such as risk services being run on unsecured ports.

 

Third parties who receive this free access will understand exactly which issues are of concern, and can access the BitSight platform for remediation resources and context needed to resolve issues.

This process takes the path to potential risk reduction down to hours and minutes — a feat that is not possible with more manual, traditional vendor risk management exercises. Moreover, this kind of automation is key for organizations looking to bring scale and greater efficiency to their vendor risk management programs.

Learn more about how BitSight helps bring technology-enabled automation to vendor risk management.

Suggested Posts

BitSight Releases New VPNFilter & Oracle Weblogic Vulnerability Identification Filters

Within the BitSight Security Ratings platform, we prioritize features that help organizations both identify and manage risks across their own networks and the networks of their third parties. BitSight now enables users to identify...

READ MORE »

BitSight Raises $60 Million in Series D Funding To Further Cement Status as Security Ratings Leader

Last Thursday, BitSight announced the closing of our Series D Round of funding. Not only is this important for our company, it is also extremely significant for the security and risk market as a whole.  

READ MORE »

BitSight Joins Local Boston Companies Participating in Annual Pride Parade

On June 9th, a BitSight team participated in the annual Boston Pride parade for the first time. Boston Pride is a celebration of the city's LGBTQ community and its allies that brings thousands of marchers and spectators into the streets....

READ MORE »

Subscribe to get security news and updates in your inbox.