Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    BitSight Launches Forecasting Capability for Cyber-Risk

    By
    SEAN MICHAEL KERNER
    -
    September 5, 2018
    Share
    Facebook
    Twitter
    Linkedin
      BitSight Forecasting

      Security ratings firm BitSight announced on Sept. 5 that it is expanding its offerings with the launch of the new BitSight Forecasting service.

      The BitSight Forecasting capability builds on BitSight’s existing ratings service that helps organizations measure and benchmark cyber-security posture and maturity. With Forecasting, BitSight now enables organizations to estimate the impact of different technology and process changes on their cyber-security risk score.

      “As we have gotten broader adoption of our platform, we have seen organizations set targets for where they want to be,” Stephen Boyer, founder and CTO of BitSight, told eWEEK. “BitSight Forecasting is really a way to give teams a way to understand what performance will look like in six to 12 months and what are some of the key things they can do to reach their targets.”

      BitSight was founded in 2011 and launched its inaugural service for rating organizations’ cyber-security in 2013. The company has raised a total of $151 million in venture capital, including a $60 million Series D round announced on June 28 and $40 million in Series C funding announced  in September 2016.

      Boyer said that a common question that he has heard over the years from organizations is if they are spending enough on cyber-security. He noted that the question of how much is being spent isn’t always the right question; rather it’s more important to understand how different investments can lead to different outcomes and impact on an organization’s overall cyber-risk.

      Forecasting Risk

      Modeling cyber-risk to be able to forecast the impact of changes is not a trivial exercise. Boyer said that BitSight has a whole team of data scientists that continuously build and update forecasting models. Boyer added that BitSight is already tracking a large volume of companies through its existing rating service, which provides a valuable data set that informs the forecasting model.

      “In the world of Big Data, better data and more data wins,” he said. 

      Using the past history for a given organization, its’ peers in the same industry as well as other industries, Boyer said that BitSight builds out machine learning and statistical models from previous performance and then uses those models to forecast the future. The model enables BitSight Forecasting users to understand how different inputs and process changes will impact cyber-risk in the future.

      Making An Impact

      What makes an impact in one organization on future cyber-risk might not be the same for all organizations. For example, Boyer said that the Financial Services industry is generally already pretty good at patch management, but there are other areas where there are gaps such user access policies.

      “We’re measuring culture by proxy, we get to see outcomes that are a confluence of execution and culture,” Boyer said.

      Boyer said that improving security is not as easy as just telling every organization to go out and patch their system. Rather he said that there are different things that organizations can do including training, technology and process improvement that will yield different results based on each individual organization’s circumstances. That said, Boyer did note that almost every organization can benefit from the use of network isolation or segmentation technologies that can limit risk.

      There also isn’t always a direct relationship between financial investments in cyber-security and improved cyber-risk.

      “You could spend a lot of money on things that may not matter, that might not be directly impactful,” Boyer said. “We have seen organizations spend a lot of money updating certain services that no one uses, rather than focusing on where the attackers are going which are key asset and hosts.”

      Looking forward, Boyer said that BitSight will be working on ways to better integrate cyber-security ratings into business processes, in a more data driven and automated approach.

      “You’ll see from us in the future increasing visibility and higher degrees of collaboration capabilities to help organizations better quantify and manage their state of risk,” he said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×