BitSight releases Peer Analytics, improving security performance management

BitSight, the Standard in Security Ratings, announced the availability of BitSight Peer Analytics, the latest Security Performance Management offering on the BitSight platform. Leveraging the world’s most trusted and comprehensive view of security performance across hundreds of thousands of global organizations, BitSight Peer Analytics provides security and risk leaders unprecedented visibility into the relative performance of their security programs against their peers and sector.

The solution enables organizations to meet and surpass their industry standard by setting achievable security performance improvement goals, effectively allocating limited resources, and efficiently prioritizing security efforts. Peer Analytics will be demonstrated at the BitSight booth #3434 at RSA Conference, being held March 4-8, 2019 in San Francisco.

BitSight Peer Analytics provides organizations with the world’s leading industry and critical peer group cybersecurity performance measurements. Security leaders now have real-time access to broad, deep, meaningful, objective data and metrics on industry-wide security and peer-level performance across multiple categories of vulnerabilities and incidents.

The Peer Analytics solution allows customers to compare themselves to configurable groups of their peers — a group of hundreds or even thousands of companies, by industry, sub-industry, company size, and other useful benchmarks. This information allows security and risk leaders to:

  • Discover the security performance standard: Peer Analytics helps organizations discover the cybersecurity performance standards that exist in their industry, sector, and peer group. Knowing and meeting the industry security performance standard is critical for organizations to win new business and remain competitive in their respective markets.
  • Identify performance gaps: Peer Analytics helps organizations uncover the factors that most significantly affect their industry’s security performance standard and pinpoint the biggest discrepancies with their peers.
  • Establish achievable security performance targets: With Peer Analytics, security leaders can see how they compare to their industry or peer group and identify a security performance target that makes sense for them in relation to that group. Targets can be set at the overall security rating level, at the individual risk vector level, and even at the specific event level.
  • Effectively allocate resources: Peer Analytics allows organizations to confidently distribute limited resources and prioritize security team efforts for the greatest impact on security performance improvement.
  • Create effective improvement plans: Alongside BitSight Forecasting — the security rating industry’s first analytics tool that allows customers to comprehensively model different scenarios and paths of remediation to project future security performance — Peer Analytics helps companies understand where they fall short of the industry standard and create improvement plans to meet that standard.
  • Report confidently: Leveraging Peer Analytics, security and risk leaders can confidently report critical metrics about their security program internally to senior executives and corporate directors, as well as externally to customers or regulators, knowing that their program is aligned with or exceeds industry standards of care.

It has never been more important for security and risk leaders to know their industry’s security performance standards and perform peer and sector-wide security benchmarking. Organizations face legal liability for failing to meet customer requirements and industry-wide standards of care for cybersecurity. But due to the ever-changing nature of the cyber landscape, expectations and standards of care are constantly in flux — what was “adequate” security yesterday may not be today.

Traditional approaches to cyber assessment (like point-in-time security audits and compliance reviews) provide only limited internal security performance analysis with no insight into industry-wide standards for a comprehensive, real-time comparative assessment.

“Peer Analytics offers unprecedented visibility at the most granular level to help security leaders make data-driven, defensible decisions — proactively rather than reactively,” said Dave Fachetti, Executive Vice President and Chief Marketing Officer at BitSight. “On a larger scale, this capability will help organizations meet industry standards of care for cybersecurity, enabling them to benchmark security performance against their peers in order to remain competitive and firmly aligned to their sector’s best practices. This standardization of security performance will be invaluable as we continue to see legal, financial and reputational fallout for organizations involved in major breaches.”