Since creating the Security Ratings market in 2011, a core component of BitSight’s value to users has been providing industry-leading comprehensive visibility into malware communications.
The existence of malware on a company’s network signals a breakdown in some control or process. With a proven correlation between the presence of malware successfully reaching beyond a network’s firewalls and that company’s risk of suffering a publicly disclosed data breach, visibility into malware activity is essential in identifying cyber risk across their business ecosystem.
The Industry’s Best Visibility Just Got Better
BitSight already owns and operates the world’s largest sinkhole infrastructure, giving our customers the ability to see the highest volume and variety of infections of any security ratings provider. In an effort to continuously improve visibility into critical aspects of an organization’s security posture, BitSight has just released expanded capabilities that improve visibility into compromised systems for BitSight users to identify cyber risk within their organization. With our security ratings covering over 23 risk vectors, this only furthers the gap between BitSight and other security ratings services.
In recent years, many companies have turned to web gateways to manage the dramatic increase in encrypted traffic, which allows for the use of the secure sockets layer (SSL) to cloak malware activity. SSL inspection is processor-intensive, and traditional firewalls are poorly suited for this activity — leading to a drastic drop off in both performance and speed. This trend has spurred the rapid adoption of web proxies, with trusted names such as Cisco, Symantec, Zscaler and Forcepoint leading the market. This has also lead to a mistaken sense of impenetrability.
By observing and collaborating with some of the well-known and trusted web gateways of notable security organizations (web proxies), BitSight is now able to detect the origin of malware (IP address) that is communicating with our sinkholes through such proxies.
What does this mean for Security Performance Management?
For companies using BitSight to measure, monitor, and improve their own risk posture, this new visibility provides unique insight into the effectiveness their internal security tools — specifically, the effectiveness of their web gateways and proxies. By leveraging these expanded capabilities, BitSight users can now identify if malware is surpassing these proxies and exposing their organization to previously unseen risks.
What does this mean for Third-Party Risk Management?
For those leveraging BitSight to manage third-party risk, they now have visibility into malware that was previously very difficult to detect. As the presence of malware on a company’s network is a strong indicator of the probability of breach, BitSight users now have even greater ability to identify which third parties could be exposing their data to cyber risk — and why. This gives them the ability to effectively collaborate with those third parties to remediate security issues before they are affected by a breach and its subsequent consequences.
This important expansion on BitSight’s compromised systems risk vectors provides a more comprehensive picture of the effectiveness of security controls and policies of an organization. BitSight is leading the way in the security rating services industry to provide this granular detail to better equip security and risk professionals to reduce risk.