My Journey from Security Intelligence to Security Risk Management

Shaun McConnon | September 12, 2013

The past few days have been amazing. First of all, the response to the launch of our first service - BitSight Partner SecurityRating - has been great. It is rewarding to see our hard work validated. Secondly, I can finally talk publicly about something that I have been excited about for over a year!

In my previous companies, we always talked about the problem of measuring risk and could never figure out how to do it in a data-driven, cost-effective manner. At BitSight, we figured it out! Our evidence-based, outside-in approach is truly changing how companies manage third-party risk.

Nearly 18 months ago, David Aronoff from Flybridge asked me to meet two entrepreneurs he had invested in - Nagarjuna Venna and Stephen Boyer. David had hoped that I would agree to be an advisor. Well, a few meetings and several dinners later, I said no, I did not want to be an advisor. I wanted to invest in BitSight and be their CEO. David was quite astonished, as everyone thought I would retire after Q1 Labs. But, I just couldn’t sit this one out.

At BitSight, we have an incredible opportunity to make risk management more scientific (see my previous post about art versus science in security risk management) and enable risk managers to proactively engage with their partners to protect sensitive data.

I'm glad I can finally share our story with you all, and I hope that the BitSight Blog will stimulate conversation among security and risk practitioners. I look forward to lively debate and knowledge exchange on this topic.

