Forrester Recognizes BitSight as a Leader in Cybersecurity Risk Rating Solutions

This past Tuesday, BitSight was named a Leader in The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018 evaluation. This report evaluates the current offering and strategy of vendors in a particular technology market, such as security ratings. This is significant, as this is the first analyst report that has a core focus on evaluating security ratings services solutions side-by-side.

BitSight’s inclusion and positioning in this report further affirms our dominant market presence in the emerging, globally significant security ratings market. Over many years, BitSight has invested heavily in data and innovative capabilities that provide superior analytics, risk context, and prioritization. BitSight continues innovating — having recently launched the most-advanced Vendor and Asset Risk Prioritization tools available in the marketplace today.

Forrester New Wave Cybersecurity Risk Rating Solutions

BitSight was differentiated in seven of the ten categories highlighted in the report — the most of any evaluated vendor. They are:

  • Vision and Execution: BitSight pioneered the security ratings market in 2011 and we continue to expand upon our founders’ vision of security ratings as a solution to be used in every business to business transaction. BitSight continues to lead the market in providing ratings for vendor risk management, benchmarking, insurance underwriting, and investor due diligence. With over 1,300 customers today, a global presence, and ability to service small, medium, and large customers, BitSight is clearly The Standard in Security Ratings.

  • Surface and deep web intelligence: This category largely focused on data collection across the web. BitSight has the largest proprietary sinkholing infrastructure in the world, a massive data collection and processing engine and a focus on collecting a wide breadth of data that other solutions do not have (e.g. mobile, IoT). By leveraging this data, customers are provided with continuous visibility into their ecosystem and can confidently share security ratings with third parties.

  • Risk Rating Efficacy and Transparency: BitSight has led the market in providing fair and accurate security ratings and transparency around the ratings methodology we deploy. We are an original signatory to the Principles for Fair and Accurate Security Ratings and the only SRS vendor with third-party validated correlation to breach. AIR Worldwide, one of the leading insurance modeling agencies, has noted a clear correlation between BitSight ratings and publicly disclosed data breaches. This enables BitSight customers to assess their portfolio of vendors and prioritize certain actions based on those organizations with a higher likelihood of breach (and who pose the greatest risk to their company).

  • Dashboard and Alerts: BitSight reports are regularly used for Board reporting by CIOs and CISOs. The platform has extensive dashboarding, reporting and alerting capabilities, including our Rating Change, Portfolio Analysis, Vendor Risk Matrix, Asset Risk Matrix and our extensive filtering and alerting features.

  • Global Reach: This category primarily looked at our ability to support a global customer base. BitSight has offices in Boston, Raleigh and Lisbon, and a presence in countries across Europe and Asia. In addition, our worldwide value-added reseller network enables services and support for our ratings worldwide. Our inventory of 140K+ rated organizations is truly a global network.

  • Thought leadership and strategic partnerships: BitSight is a pioneer and innovator in the market and has produced a wide variety of impactful research reports (BitSight Insights), notably on the topics of ransomware and outdated (unpatched) systems. In addition, BitSight has the most extensive strategic partner ecosystem that provides innovative solutions for customers and expands the universe of market participants that interact with BitSight ratings.

    BitSight has active partnerships with global brands including Verizon, AT&T, Telefonica, Singtel, and leading Insurance Catastrophe Modeling and Risk Assessment organizations, to name a few. BitSight also has robust integrations with all the leading third-party risk/GRC solutions (RSA Archer, ServiceNow, MetricStream, Lockpath, etc.) and ability to provide infection details to SIEM providers (ArcSight, IBM QRadar, etc).

  • Dark web and technical intelligence: BitSight has dark web and exposed credentials for all rated organizations that enable customers to understand the threat landscape facing them or a potential vendor. Organizations monitoring their own security performance are able to leverage this information to strategically improve their security performance.