New Bitsight Executive Reporting Engine Enables First Easy and Effective Presentation of Cybersecurity and Vendor Risk to Board Members and Senior Executives

Bitsight Executive Reports Deliver Actionable Metrics that Foster More Educated and Powerful Business Decisions About Cybersecurity Risk

Bitsight, the Standard in Security Ratings, today announced the general availability of Bitsight Executive Reports, the first security ratings-based executive reporting engine to enable board members and executives to properly measure their organization’s third-party cyber risk. With the ability to produce flexible, customized reports on the security performance of third parties, organizations will not only be more empowered to take the appropriate steps to mitigate risk, but also make strategic decisions to optimize their security and risk programs.

“Cybersecurity is a board-level issue. Now more than ever, security and risk professionals are tasked with sharing security performance data on their organization with senior executives and the board,” said Tom Turner, President and CEO of Bitsight. “As we have seen in recent breaches, any vendor or third-party with access to an organization’s sensitive data poses a risk, therefore, it isn’t enough to only continuously monitor your own security. It is critical that the security of third and even fourth parties is continuously monitored. Compiling this data is challenging, and Executive Reporting is designed to enable organizations to quickly gain insights into the performance of their security and risk programs and look for areas of improvement across their ecosystem.”

According to James Lam, a noted risk management expert and public company director, “When it comes to risks related to cybersecurity and third party management, directors need useful, risk-based metrics to fulfill their fiduciary responsibility and provide program oversight. The quality of metrics and reporting directly influence the quality of discussions and decisions. However, many companies today are challenged to develop useful metrics to monitor cyber and third-party risks as part of their enterprise risk management programs. Bitsight’s Executive Reports represent a major advancement that will help drive meaningful board-level discussions with assessable, comparative, and actionable metrics.”

As part of the Bitsight Security Ratings Platform, Executive Reports enables customers to identify and report on gaps in their risk and security programs, as well as determine what resources are needed most for improvement.

Bitsight Executive Reports Deliver:

  1. Streamlined creation of reports, keeping all business units informed of the performance of security and risk programs, and the security performance of critical third parties.
  2. Effective metrics to inform organizations where to allocate resources to reduce cyber risk in their ecosystem, as well as data for the potential escalation or negotiation of strategic vendor relationships, or a change in contractual or legal procedures with vendors in regard to cybersecurity.
  3. Customer-defined reporting and the ability to query all data in the Bitsight Security Ratings platform, at a high-level or in granular detail, including forensics, compromised machines, security diligence, user behavior, ratings history, network and domain infrastructure.
  4. Over a dozen readily-available reports on security ratings, compromised systems, user behavior risks, security diligence, network infrastructure, and domain infrastructure for organizations and their vendor portfolio. 

Bitsight pioneered the Security Rating Services market in 2011, and strives to help all organizations identify and manage cyber risk. The Bitsight Security Ratings Platform generates objective, outside-in ratings on companies’ security performance. Using evidence of security outcomes from networks around the world, Bitsight applies sophisticated algorithms to produce daily security ratings ranging from 250 to 900, where higher ratings equate to lower risk.

For more information on Executive Reports, visit

About Bitsight

Bitsight is transforming how companies manage information security risk with trusted, time-tested and actionable security ratings. Founded in 2011, the company built its Security Ratings Platform to continuously analyze vast amounts of external data on security issues and behaviors in order to help organizations manage third party risk, underwrite cyber insurance policies, benchmark performance, conduct M&A due diligence and assess aggregate risk. Seven of the top 10 cyber insurers, 80 Fortune 500 companies, and 3 of the top 5 investment banks rely on Bitsight to manage cyber risks. For more information, please visit, read our blog or follow @Bitsight on Twitter.