Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    BitSight Launches Forecasting Capability for Cyber-Risk

    By
    Sean Michael Kerner
    -
    September 5, 2018
    Share
    Facebook
    Twitter
    Linkedin
      BitSight Forecasting

      Security ratings firm BitSight announced on Sept. 5 that it is expanding its offerings with the launch of the new BitSight Forecasting service.

      The BitSight Forecasting capability builds on BitSight’s existing ratings service that helps organizations measure and benchmark cyber-security posture and maturity. With Forecasting, BitSight now enables organizations to estimate the impact of different technology and process changes on their cyber-security risk score.

      “As we have gotten broader adoption of our platform, we have seen organizations set targets for where they want to be,” Stephen Boyer, founder and CTO of BitSight, told eWEEK. “BitSight Forecasting is really a way to give teams a way to understand what performance will look like in six to 12 months and what are some of the key things they can do to reach their targets.”

      BitSight was founded in 2011 and launched its inaugural service for rating organizations’ cyber-security in 2013. The company has raised a total of $151 million in venture capital, including a $60 million Series D round announced on June 28 and $40 million in Series C funding announced  in September 2016.

      Boyer said that a common question that he has heard over the years from organizations is if they are spending enough on cyber-security. He noted that the question of how much is being spent isn’t always the right question; rather it’s more important to understand how different investments can lead to different outcomes and impact on an organization’s overall cyber-risk.

      Forecasting Risk

      Modeling cyber-risk to be able to forecast the impact of changes is not a trivial exercise. Boyer said that BitSight has a whole team of data scientists that continuously build and update forecasting models. Boyer added that BitSight is already tracking a large volume of companies through its existing rating service, which provides a valuable data set that informs the forecasting model.

      “In the world of Big Data, better data and more data wins,” he said. 

      Using the past history for a given organization, its’ peers in the same industry as well as other industries, Boyer said that BitSight builds out machine learning and statistical models from previous performance and then uses those models to forecast the future. The model enables BitSight Forecasting users to understand how different inputs and process changes will impact cyber-risk in the future.

      Making An Impact

      What makes an impact in one organization on future cyber-risk might not be the same for all organizations. For example, Boyer said that the Financial Services industry is generally already pretty good at patch management, but there are other areas where there are gaps such user access policies.

      “We’re measuring culture by proxy, we get to see outcomes that are a confluence of execution and culture,” Boyer said.

      Boyer said that improving security is not as easy as just telling every organization to go out and patch their system. Rather he said that there are different things that organizations can do including training, technology and process improvement that will yield different results based on each individual organization’s circumstances. That said, Boyer did note that almost every organization can benefit from the use of network isolation or segmentation technologies that can limit risk.

      There also isn’t always a direct relationship between financial investments in cyber-security and improved cyber-risk.

      “You could spend a lot of money on things that may not matter, that might not be directly impactful,” Boyer said. “We have seen organizations spend a lot of money updating certain services that no one uses, rather than focusing on where the attackers are going which are key asset and hosts.”

      Looking forward, Boyer said that BitSight will be working on ways to better integrate cyber-security ratings into business processes, in a more data driven and automated approach.

      “You’ll see from us in the future increasing visibility and higher degrees of collaboration capabilities to help organizations better quantify and manage their state of risk,” he said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      Sean Michael Kerner
      Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×