Forecasting: The Missing Link in Your Annual Security Performance Planning Process

Alex Campanelli | November 29, 2018

When it comes to security performance management within your organization, how do your security teams measure performance? If they’re using security ratings, they know that this objective, quantitative measurement is an effective place to start when evaluating performance in certain areas.

For the last seven years, BitSight Security Ratings have been helping companies gain insight into the efficacy of their security programs, as well as the security performance of third and fourth party vendors. Today, the BitSight Security Rating platform provides a year’s worth of data on all companies to paint a comprehensive picture of a company’s historical security posture over time. However, we identified an opportunity to create a more holistic picture.

BitSight Forecasting, the company’s first analytics offering, gives customers the ability to model different scenarios and paths of remediation to project future security performance. With Forecasting, businesses can answer difficult yet critical questions about where to spend security budgets, and what sets of activities will help reduce risk most quickly, and whether or not technology implementations should be changed.

Forecasting provides two years of data: one year of historical data and one year that shows a projection of the upcoming year’s level of security performance based on the BitSight Security Rating. Forecasts are not just based on your company’s performance alone: the Forecasting model is built on the security performance data of hundreds of thousands of companies, providing a more robust, comprehensive, and realistic projection. BitSight can confidently say that our Forecasting offering is built on the biggest network in the security ratings market.

Forecasting in Action: Assess, Project & Plan

Forecasting allows businesses to project their organization’s security performance — based on the BitSight rating — into the future to better inform strategy and resource allocation. Additionally, the tool also allows security and risk leaders to track their security performance over time and see what areas either improved or declined during that time period. Together this information provides a more comprehensive picture of security performance over time — something most organizations have lacked in this area of the business up until this point.

BitSight’s Advanced Analytics Forecasting solution enables security and risk leaders to:

  • Assess their current performance based on historical analysis,
  • Run a variety of scenarios and project a future state to determine a reasonable ratings goal,
  • Allocate resources efficiently and track progress over time to ensure goals are being met. 

Armed with quantitative and objective performance data, security and risk leaders can make more informed decisions about their security programs and feel more confident in their team’s ability to achieve expected outcomes. 


If your business is thinking about 2019 security program planning or security budget allocation, Forecasting can help determine areas of focus for key stakeholders and decision makers within your organization. BitSight Forecasting’s analytic capabilities enable security teams to allocate resources and focus attention more effectively and, ultimately, improve security performance in the years ahead.

Request A Demo for BitSight Forecasting

Suggested Posts

What Companies Using Cloud Services Need To Know About Their Risk Responsibilities

Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But...


Joint Effort with Microsoft to Disrupt Massive Criminal Botnet Necurs

Since 2017 BitSight has been working together with Microsoft’s Digital Crimes Unit (DCU) to understand the inner workings of the Necurs malware, its botnets and command and control infrastructure in order to take disruptive action against...


Forecasting and Advanced Analytics: Building a Solid Security Strategy For 2020

2020 is not only the beginning of a new year, but the start of a new decade, and with it comes the dawn of a new era for the digital world. We’re now in the midst of the once far-off, “futuristic” time periods old books and movies used to...


Subscribe to get security news and updates in your inbox.