itb-au logo
Story image

BitSight enhances fourth-party risk management solution

19 Dec 2019

Security ratings solutions provider BitSight has introduced enhancements to its fourth-party risk management solution to provide deeper customer visibility into their extended business ecosystems.

The company explains that as organisations’ vendor and fourth-party ecosystems continue to expand, so does their risk surface; however, lack of visibility into that ecosystem and the cyber risk within it makes it difficult for them to understand and effectively manage that risk.

Despite new regulatory requirements, security and risk leaders are challenged to provide measurable updates and confidence to executives and board members about their fourth-party risk management and operational resiliency plans, BitSight continues.

BitSight for Fourth-Party enables customers to identify areas of business and cyber risk. It does this by automatically pinpointing connections between any organisation, its business partners, and potentially risky fourth parties.

Updates to the solution include expanded observable fourth-party datasets, including an enhanced user experience and 80 categories of technology service providers (e.g. hosting, DNS, CDN, security, expense management) and more than 11,000 technology products such as Amazon Web Services, Microsoft Azure, Dyn DNS, and Microsoft Office 365.

“Outages, disruptions and compromises affecting fourth-party service providers are becoming an increasing threat, while regulatory pressure on organisations to get a better handle on fourth-party risk continues to mount,” says BitSight’s vice president of product management, Vineet Seth.

“BitSight for Fourth-Party Risk Management equips organisations with the needed visibility to better evaluate and select vendors, identify common dependencies in order to triage and prioritise outreach to vendors, and continuously monitor fourth- and nth-parties to better manage cyber risk across the extended business ecosystem.”

BitSight states that the solution can offer the following information:

  • Improve visibility across their extended business ecosystem:
    • Identify connections across their extended ecosystem;
    • Continuously monitor and be alerted to newly uncovered and ended relationships;
    • Validate vendor assessment and questionnaire responses; and
    • Receive alerts when new relationships are developed that could pose risk.
       
  • Pinpoint concentration risk and achieve a higher level of business resilience:
    • Quickly identify and highlight risky business connections;
    • Explore and understand service provider dependencies for disaster recovery planning;
    • Know which products and vendors have the greatest potential for impacting an organisation’s level of risk;
    • Gain insights for disaster recovery planning, including downstream impact assessments, and streamline their breach response; and
    • Understand location risk by pinpointing services in the supply chain of specific regions.
       
  • Communicate effectively to internal and external stakeholders:
    • Generate dynamic reports to communicate oversight and governance to executives, board members, regulators, auditors and insurers; and
    • Leverage an intuitive, user-friendly dashboard with reports that instantly depict relationships between third- and fourth parties.
Story image
Extracting insights from data requires more than just a pretty dashboard
If you’re not sure where your data comes from, or how clean it is, you can’t trust the reports you generate from it. In some cases, if you don’t know what you have, you don’t even know how to ask the right questions. More
Story image
Slack unveils new security features as remote working skyrockets
Slack has introduced new security features, integrations and certifications to its platform in response to growing security concerns as more people work remotely.More
Story image
Banking and securities IT spending down, Gartner forecasts 2021 rebound
“With a better understanding of the impact of COVID-19, banks and securities firms are now accelerating automation initiatives, such as customer-facing chatbots, robotic process automation (RPA) and end-to-end account origination solutions."More
Download image
A guide to the email galaxy - and how to avoid catastrophic cyber threats
Some 60% of organisations believe it’s inevitable or likely they will suffer from an email-borne attack in the coming year.More
Story image
Internet outages drastically increased during COVID-19 lockdowns, report finds
Global internet disruptions increased 63% in March, with internet service providers hit the hardest. This is according to the 2020 Internet Performance Report from ThousandEyes, the internet and cloud intelligence company.More
Story image
Google and Amazon overtake Apple as most imitated brands - Check Point
Google and Amazon were the most imitated brands in phishing attempts for the second quarter of 2020, according to Check Point. More