BitSight Insights: Beware the Botnets

Tom Turner | April 9, 2015

Today BitSight published our most recent BitSight Insights report, Beware the Botnets; Botnets Correlated to a Higher Likelihood of a Significant Breach. Within this report BitSight has identified a solid correlation between botnet infections and publicly disclosed breaches. To arrive at this finding, BitSight leveraged botnet grades that are available to all customers in the Security Ratings platform. These letter grades, which are available for a wide range of risk vectors, provide insight into a company’s performance relative to others. These grades also take into account factors such as frequency, severity, and duration (for events) as well as record quality, evaluated based on industry-standard criteria (for diligence).

By analyzing a statistically significant subset of companies, BitSight found that companies with a BitSight botnet grade of B or lower were more than twice as likely to experience a publicly disclosed data breach. Botnets are networks of computers that have been compromised or infected with malicious software and are controlled as a group by an adversary without the owners’ knowledge. A botnet infection means that an attacker has obtained partial or complete administrative control of a system. Although a botnet compromise may not always equate to data loss, it invariably means that one or more protective controls have failed and that at least some data or system confidentiality, integrity, or availability is at risk. This finding has far-reaching and important implications for security and risk professionals, as well as executives, in managing risks to the enterprise:

  • Vendor Risk Management: Risk managers and security teams can leverage this finding to communicate with vendors about the possibility of data loss in their information supply chain. It is also useful information when evaluating new vendors.

  • Benchmarking Security Performance: Businesses can easily benchmark this important metric against peers and industry averages. CISOs can more readily talk about and answer questions about their organization’s risk of a breach compared to others.

  • Cyber Insurance: Underwriters are looking for actionable metrics to understand a company’s susceptibility to a breach. By analyzing botnet grades, insurers can become better informed of a company’s likelihood of a breach before underwriting a policy. They can also use this information to actively monitor their insureds.

  • Mergers & Acquisitions: Companies that are actively looking to acquire or merge with another company can leverage this information to assess the possibility of data loss events of a potential acquisition target.


This report also analyzed key findings of five major industry sectors: Finance, Retail, Healthcare, Utilities and Education. Echoing BitSight’s previous research on the topic, our analysis uncovered some major differences between industries in relation to botnet grades. Some key highlights:

  • Utilities was a poor performer, with more than 52% of companies falling below the A threshold. Because this industry is tasked with protecting the nation’s critical infrastructure, this finding is an important issue that should be addressed. In addition, BitSight has observed some complex and potentially harmful botnets targeting the industry.

  • Retail and Healthcare are middle-of-the-pack performers, but are by no means secure. These two industries have been hit by major breaches in the past year, yet more than half of companies received A grades for botnet remediation.

  • Finance continues to be the top performer, with 74% of companies gaining a grade of A. This is likely due to the industry’s focus on regulatory compliance and its culture of awareness of cyber threats.

  • Education fails to make the grade, with a mere 23% of schools and universities earning an A. More than 33% of these institutions are failing (a grade of F), as this industry struggles with protecting campus and educational networks. This finding echoes our previous Insights report on college security performance.

To read the report, you can download it here. To learn more about the findings, register for the webinar on April 28.
