<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=26304&amp;fmt=gif">
Security Ratings

Why We Collaborated with Verizon on the Verizon Risk Report

Dave Fachetti | May 9, 2018

When 1+1 Truly Equals 3

Recently, Verizon announced the Verizon Risk Report (VRR), a new managed service offering that provides a security assessment framework to enable customers to gain a comprehensive view of their cyber risk. By combining external cybersecurity ratings, internal analysis, and culture and process assessments, Verizon is able to provide customers with a holistic profile of security performance and current posture, enabling customer to prioritize security investment and mitigate risks.

The launch of this innovative service underscores Verizon’s commitment to remaining a market- leading managed security service provider (MSSP) and shifting the security conversation away from a solutions and tools-oriented approach to a more strategic one around managing dynamic cyber risk. As a leader in security ratings, BitSight is aware that quantitative external measurement is a critical component to understanding, prioritizing and mitigating cyber risk. Verizon is committed to leveraging their leading data while BitSight Security Ratings serves as an objective, consistent standard for organizations (and the market) to reconcile to.

When BitSight began to discuss and develop a joint vision centered around this idea with Verizon last year, it was clear to us that this was something that we should not only support but help advance. We knew this could dramatically move forward the way companies prioritize and allocate resources to address cyber risk; a security rating is a core part of most assessment, risk, and security conversations. We are firm believers in the phrase, “if you can measure it, you can improve it.” The VRR is a powerful manifestation of that concept.

BitSight Security Ratings’ role in the VRR is to provide an objective, industry-standard view of an organization’s security performance as part of an overall comprehensive 360 degree view. This includes quantitative and qualitative assessments. The Verizon Risk Report arms customers with BitSight ratings and other external data which, alongside internal data from security tools and process assessments, will provide customers with a comprehensive view of their security performance. Customers will be able to access BitSight Security Ratings and risk vector grades within the VRR, as well as drill down into more detail on forensics. Within the VRR, Verizon leverages their proprietary Data Breach Investigations Report (DBIR) industry insights to drive additional actionability for the customer. For example, users will be able to see BitSight risk vectors that are prioritized by industry threat patterns from data that Verizon collects in the DBIR.

The Verizon Risk Report closely aligns with BitSight’s mission to bring quantitative measurement and data to cyber risk decision making. BitSight and Verizon plan to continually invest to combine our leading expertise and data to drive additional value for customers. Ongoing areas of investment include data science collaboration to better understand the relationship between external and internal security performance measurement, the creation of algorithms to correlate BitSight data to data collected by Verizon via third party tools, and other activities meant to drive new insights and value for customers. This unique relationship will enable both organizations to continue to help customers prioritize and allocate resources to reduce risk through data-driven insights.

The VRR is an industry-shifting approach to how organizations are able to measure and prioritize their own risk and allocate security spend accordingly. We are excited to collaborate with Verizon as it highlights our growth as a global company and as the leader in objective, data-driven security ratings.

How well do you know your security posture? Find out with the Verizon Risk Report.

Suggested Posts

Cybersecurity Metrics Your CIO Expects You to Know

Creating a third-party vendor risk management program is a top priority in today’s threat landscape. It’s critical to not only put a program in place, but understand the cybersecurity metrics you should be looking at within your own...

READ MORE »

Third Party Tiering: The Cornerstone of a Strong Third-Party Risk Management Program

With the number of third parties connected to businesses increasing, risk and security teams need to ensure they are spending the right amount of attention on the right third parties. To do this, organizations need a clearly defined,...

READ MORE »

A Forward-Looking View Into Security Performance

For the last five years, BitSight Security Ratings have been helping companies gain insight into the efficacy of their security programs, as well as the security performance of third and fourth party vendors. Today, the BitSight Security...

READ MORE »

Subscribe to get security news and updates in your inbox.