Additional functionality added to the fourth-party risk solution providing better visibility and insights into vendor risk
BOSTON – Nov. 16, 2022 – BitSight, the Standard in Security Ratings, today announced that it has enhanced its Third-Party Risk Management (TPRM) platform to provide additional insights to customers, helping them to more proactively detect and mitigate vulnerabilities and exposure across their third-party vendor ecosystem. BitSight also expanded its Fourth-Party Risk Management solution to increase visibility into risk across an organization's extended supply chain and to help manage and prioritize mitigation efforts more efficiently.
Third-Party Vulnerability Detection helps organizations to uncover, attribute, and prioritize vulnerabilities and exposures. Risk managers can use these real-time insights to respond to major security events, and in their ongoing efforts to find and remediate threats within their vendor portfolio. These enhancements allow users to save time by prioritizing vendor outreach efforts, easily access critical vulnerability data, and build stronger vendor relationships through timely and evidence-based collaboration.
"When Zero Days and other major security events occur, organizations struggle to quickly understand, remediate, and report on their exposure," said Vanessa Jankowski, Vice President and General Manager of Third Party Risk Management, BitSight. "This new capability from BitSight enables organizations to uncover, prioritize, and respond to vulnerabilities and other exposure across their vendor ecosystem. With easy access to vulnerability data that scales across an entire third-party portfolio, customers can now take action on high-priority incidents quickly, while surfacing critical information to board members and executive-level stakeholders."
BitSight also announced that it has enhanced the fourth-party capabilities within its platform by providing critical data and insights to help customers gain better visibility into concentrated risk within their extended supply chain, and more easily communicate risk emanating from fourth-party service providers.
"Customers are trying to understand the state of cyber risk not only in their third-party portfolio but in their extended digital footprint," continued Jankowski. "We’re seeing networks of fourth-party vendor relationships that are indirect and increasingly complicated, making it necessary to prioritize based on impact. BitSight’s enhanced fourth-party risk management capability automatically discovers service providers and products in use across the extended ecosystem, surfaces areas of risk based on concentration and fourth-party security posture, and provides visibility into fourth-party security incidents. Together, customers can connect concentration risk and security risk, allowing them to prioritize across an extended network that often goes unmanaged."
BitSight provides a complete Third-Party Risk Management offering with solutions for continuously monitoring vendor security performance, measuring security controls, mitigating supply chain risk, and quantifying cyber risk for business leaders. In September, as part of its acquisition of ThirdPartyTrust, BitSight launched its new Vendor Risk Management product to help address the evolving needs of third-party risk managers and provide customers with the tools they need to successfully manage vendor risk in one place, from procurement all the way through the lifecycle of the vendor relationship.
BitSight creates trust in the digital economy and transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With the largest ecosystem of users and information, BitSight is the Standard in Security Ratings. For more information, please visit www.bitsight.com, read our blog or follow @BitSight on Twitter.