BitSight and Telefónica Deliver Enhanced Visibility into Supply Chain Risk with Continuous Monitoring

Security Ratings Market Leader Expands Global Reach with New Strategic Alliance

BitSight, the Standard in Security Ratings and ElevenPaths, Telefónica Cybersecurity Unit specializing in the development of innovative security solutions, today announced a new alliance that will enhance visibility into supply chain risk for Telefónica customers worldwide.

The agreement between BitSight and ElevenPaths provides Telefónica customers with access to the BitSight Security Ratings Platform for security benchmarking and continuous supply chain risk management. This new offering will be part of CyberThreats, ElevenPaths’ threat intelligence service, delivering:

  • Objective, outside-in ratings measuring the security performance of individual organizations within the supply chain.
  • Comprehensive insight into the aggregate cybersecurity risk of the entire supply chain, with the ability to quickly generate context around emerging risks.
  • Actionable information included in Security Ratings that can be used to communicate with third parties and mitigate identified risks. 

Using evidence of security incidents from networks around the world, the BitSight Security Ratings Platform applies sophisticated algorithms to produce daily security ratings for organizations, ranging from 250 to 900, where higher ratings equate to lower risk. Previous studies from BitSight, independently verified by third parties, show that companies with a Security Rating of 500 or lower are almost five times more likely to experience a publicly disclosed breach than companies with a Security Rating of 700 or higher.

“As an organization’s supply chain and network of vendors and third parties grow, so does the risk of a potential breach. For most companies, it is essential that third parties have access to sensitive systems and files in order to effectively conduct business. The challenge is how to continuously assess those vendors’ security practices,” said Nikolaos Tsouroulas, Head of Cybersecurity Product Management, for ElevenPaths. “For the first time, we are offering our customers a scalable solution for continuous visibility into the security posture of their own organizations and their entire supply chain, through BitSight’s trusted and time-tested technology.”

Data from Tacyt, the cyber intelligence mobile threat tool developed by ElevenPaths, will also be integrated into the BitSight Security Ratings Platform for Telefónica customers to enhance an organization’s view into mobile app risks posed in the supply chain.

"Traditional strategies and existing tools for measuring and mitigating third party risk are not designed to address the new and rapidly accelerating stream of constant threats," said Dave Fachetti, SVP of partnerships for BitSight.  "BitSight's Security Ratings Platform delivers visibility into dynamic risks that are accelerating faster than traditional methods can scale, without being intrusive or resource-heavy.  We're excited about bringing our unique solution to market with such a strong global partner, while expanding our reach around the world."

About BitSight

BitSight is transforming how companies manage information security risk with trusted, time-tested and actionable Security Ratings. Founded in 2011, the company built its Security Ratings Platform to continuously analyze vast amounts of external data on security issues and behaviors in order to help organizations manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk. Seven of the top 10 cyber insurers, 80 Fortune 500 companies, and 3 of the top 5 investment banks rely on BitSight to manage cyber risks. For more information, please visit, read our blog or follow @BitSight on Twitter.

About ElevenPaths

At ElevenPaths we believe in the idea of challenging the current state of security, an attribute that must always be present in technology. We’re always redefining the relationship between security and people, with the aim of creating innovative security products which can transform the concept of security, thus keeping us one step ahead of attackers, who are increasingly present in our digital life.

More information: