This study helps security leaders, executives, and members of the board navigate the increasingly complex cyber risk landscape. Learn where global organizations struggle and where they’re improving!
Bitsight and Google have collaborated to study global organizational performance across cybersecurity controls in the Minimum Viable Secure Product (MVSP) framework. Amid heightened stakeholder demands, security leaders, board members, and executives are all asking how they can better inform their cybersecurity strategy through benchmarking, keep up-to-date with current cyber risks, and prioritize budgets and workforce readiness to meet the latest challenges.
What is the MVSP framework?
Backed by Google, Salesforce, Okta, and other major technology companies, MVSP is a baseline security checklist for B2B software and business process outsourcing suppliers. The goal of MVSP is to ensure that all companies building B2B software or otherwise handling sensitive information adhere to a minimally viable security posture for their product.
Our study benchmarks global cybersecurity performance based on the MVSP framework.
To obtain a deeper understanding of how organizations are performing across security controls, read the report now!
This joint study between Bitsight and Google arms organizations with actionable insights, providing the current status of global cybersecurity performance by analyzing nearly 100,000 global organizations across 16 cybersecurity controls and nine industries, revealing:
Current Control Gaps and Encouraging Insights
- Which security controls are organizations passing/failing across industries?
Positive Progress
- Across which security controls are organizations improving?
Who is this Study for?
A variety of stakeholders can leverage this information to enact change:
- Security professionals: Inform your cybersecurity strategy with the latest cybersecurity performance insights.
- Board members: Know what challenges your CISO faces so you can ask the right questions to protect your organization.
- Executives: Prioritize your budget and workforce to reflect current challenges.
Organizations Face Challenges but Improvements are Underway
Our study unveils critical areas where organizations struggle to meet the mark, plus where we observe improvements.
Bridging Control Gaps
We found that many organizations are failing controls critical to a programmatic area significantly correlated with incidents like breach. Compounding concerns, we found that eight MVSP controls have either high 2023 Fail rates, low Pass rates, or both, across all industries. By identifying these gaps and improvements, and more, we’re arming organizations with the knowledge to fine-tune their cybersecurity strategies effectively and benchmark their security performance.
The Stakes are High
Business leaders need to know where cyber risk lies and how their company compares to their peers, in order to effectively manage increasingly complex cyber risks, and stakeholder demands.
Celebrating Positive Strides
But it’s not all doom and gloom. Our research highlights success stories where organizations have successfully elevated their cybersecurity game. Learn from these examples to pave your path to a stronger security posture. In fact, every industry in 2023 has a high Pass rate for 10 of the 16 MVSP controls we studied.
We were surprised to see strong performance across security controls usually thought of as weak points, among broad improvements across the board. In general, we observed industries increasing their Pass rates and reducing their Fail rates, a positive indication.
Take Action Now
Organizations need actionable insights now more than ever to secure their digital ecosystem. Leverage this joint research between Bitsight and Google to help benchmark your cybersecurity program and to better inform your strategy with the latest performance insights.
We have collaborated with Google to study organizational performance across cybersecurity controls in the MVSP framework
