BitSight Delivers First Objective Measurement of National Cybersecurity Risk

BitSight Sovereign Security Ratings Enable Governments to Continuously Monitor Cybersecurity Risks In Their Countries

BitSight, the Standard in Security Ratings, today announced the general availability of Sovereign Security Ratings, the first objective measurement of national cybersecurity risk. Sovereign Security Ratings enable national intelligence and law enforcement organizations to align security initiatives within a country and its industries, identify risks and vulnerabilities, and drive improvement through a nation’s critical infrastructure organizations.

Governments tasked with securing their nation’s critical infrastructure from cyber threats are often left without credible context when processing security intelligence. BitSight’s Sovereign Security Ratings synthesize cybersecurity data, allowing analysts to benchmark the security and risk posture of multiple countries and industries in one view. With this information, government organizations glean intelligent and actionable insights into threats and can initiate remediation with the appropriate parties.

As part of the BitSight Security Ratings Platform, the Sovereign Security Ratings portal also allows organizations to investigate cyber threats at a country-wide scope, using historical forensics within their given country. Security practitioners can use this feature to analyze whether a specific cyber threat affects organizations in their country.

“We want to extend the trusted, time-tested, and actionable benefits of Security Ratings to government agencies and organizations, allowing them to assess cyber risk on a national scale,” said Stephen Boyer, co-founder and CTO for BitSight. “While many organizations leverage a variety of intelligence feeds, they struggle to find an objective measurement of security performance at a national level. They also lack the ability to benchmark the security performance at a country-by-country or industry-by-industry level. Sovereign Security Ratings provide greater context, allowing organizations to understand their level of cyber risk relative to others. There is no other equivalent offering on the market. Today’s announcement marks another industry first for BitSight.”

Sovereign Security Ratings Deliver:

  1. Global Security Benchmarking: An innovative way to assess country and industry cybersecurity risk exposure, enabling national agencies to self-assess their cybersecurity capabilities. Governments can then compare industries and critical infrastructure companies against counterparts in other nations.
  2. Portfolio Analytics: The ability to continuously monitor and compare the security performance of critical infrastructure companies.
  3. Forensics: Access to forensic details and readily available infection data to facilitate remediation.

BitSight pioneered the Security Rating Services market in 2011, and strives to help all organizations identify and manage cyber risk. The BitSight Security Ratings Platform generates objective, outside-in ratings on companies’ security performance. Using evidence of security outcomes from networks around the world, BitSight applies sophisticated algorithms to produce daily security ratings ranging from 250 to 900, where higher ratings equate to lower risk.

For more information on Sovereign Security Ratings, visit

About BitSight

BitSight is transforming how companies manage information security risk with objective, verifiable and actionable Security Ratings. Founded in 2011, the company built its Security Ratings Platform to continuously analyze vast amounts of external data on security issues and behaviors in order to help organizations manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk. Seven of the top 10 cyber insurers, 80 Fortune 500 companies, and 3 of the top 5 investment banks rely on BitSight to manage cyber risks. For more information, please visit, read our blog or follow @BitSight on Twitter.