BitSight is in the business of IT vendor risk management, essentially helping vet third-party providers to make sure they don’t open the door to attackers, put the company afoul of regulatory or compliance guidelines, or otherwise disrupt operations. After all, sensitive data exposed by a contractor is every bit as in-the-wind and damaging as data lost by an insider — just ask Target.