All of those factors are then boiled down into scores. For instance, the security-rating firm BitSight Technologies Inc., rates companies on a scale of 250 to 900, with scores below 500 considered poor and above 700 considered good. Companies at the low end of the scale are five times more likely to suffer a data breach than a company at the high end of the scale, according to Stephen Boyer, BitSight’s chief technology officer. The company also serves companies seeking insight into the security of vendors, partners or acquisition targets, as well as their own operations.