BitSight announced several new, innovative capabilities within its BitSight for Third-Party Risk Management solution that provide intelligent recommendations, operational guidance, and risk prioritization to enable more effective third-party cyber risk management.
The enhanced platform helps organizations achieve greater operational efficiency and measurably reduce risk across their extended business ecosystem.
“Third-party ecosystems are expanding rapidly and organizations of all shapes and sizes struggle to create effective risk management programs,” said Dave Fachetti, executive vice president of Strategy.
“These enhancements will help our customers clearly understand and prioritize their portfolio of third-party risk and seamlessly integrate BitSight into their programs, resulting in reduced risk and improved operational efficiency.”
BitSight surfaces actionable insights from the industry’s broadest and deepest collection of security performance data and provides intelligent recommendations and guidance based on the largest customer base and most engaged network of users.
Surfaces the most important information from across the BitSight platform onto a dynamic, customizable dashboard, enabling users to quickly visualize, identify, and prioritize urgent third-party risk issues from non-urgent ones.
Life cycle stages
Provides customers specific engagement guidance during various stages of the vendor lifecycle — from onboarding to ongoing monitoring to reassessment — based on the nature of a third-party vendor’s relationship with the customer, the stage of the relationship, and measured security performance.
Gives business context to technical findings, enabling customers to quickly identify and understand the most critical areas of concern related to third-party cyber risks, and accept or reject risk.
Aids with setting the significance of a vendor relationship by leveraging tiering best practices observed across BitSight’s customer base and providing intelligent recommendations.
Maps BitSight data to cybersecurity questions in a vendor assessment questionnaire, validating qualitative data collection, producing consumable reports, and reducing the number of questions needed in a vendor assessment.
Makes it easy for customers to apply the proper level of due diligence based on the relationship they have with that company (e.g., vendor, competitor, fourth-party).
Portfolio risk matrix
Gives an organization a clearer picture of the state of its third-party portfolio’s risk aligned to its organizational policy, with the ability to adjust vendor tiering and risk thresholds.