Security Ratings Critical to Addressing Society's Cybersecurity Challenges
2018 presented significant cyber risk management challenges for global organisations and their stakeholders. Cyber-attacks -- many successful through infiltration of third-party contractors, vendors, and suppliers -- caused material financial and reputational harm to organisations, as well as operational disruption. New regulations -- GDPR, NYDFS, and others -- highlighted the critical role that executives and Boards play in overseeing cyber risk and the importance of building robust third-party cyber risk management programs. These trends will continue in 2019 and beyond.
Security ratings can help society address these critical challenges. Security ratings increase transparency about cybersecurity, enabling dynamic, informed interactions between global market participants and incentivising a more secure global ecosystem. Industry analysts at independent research firms Gartner and Forrester have recognised the important role of security ratings solutions in helping organisations manage and reduce cyber risk.
BitSight has created the most productive security ratings platform in the world. A security ratings platform's value increases as each participant engages in more of the platform's intended uses; thus, the platform with the largest number of participants across the largest number of use cases is the most efficient, useful, productive platform and most likely to have the desired global impact in addressing cyber risk.
In 2018, BitSight's platform set new performance records:
• 1,500+ customers, including over a quarter of the Fortune 500, actively engaged on the platform.
• 25,000+ users actively monitoring 160,000 organisations.
• 100,000+ unique pieces of user-generated data, providing greater insight and context for all users across all use cases.
• Increased the scope and volume of data collected to more than 120 billion pieces of security data, providing greater insight into the security performance of organisations across 23 different risk vectors.
• Addressing a variety of critical, interconnected internal and external use cases at scale:
o 850+ customers leveraging BitSight for third party risk management.
o 1150+ customers leveraging BitSight for their own security performance management.
o 50+ global government agencies and regulators leveraging BitSight ratings, including financial regulators and critical infrastructure regulators in the US, Europe, Middle East, and Asia/Pacific.
o Nearly 50% of global cyber insurance premium is written by BitSight's insurance customers.
• BitSight was named a Leader in The Forrester New Wave™: Cybersecurity Risk Rating Solutions, Q4 2018, receiving a differentiated rating (the highest possible rating) in seven criteria.
Over the last five years, BitSight built the most valuable security ratings platform by delivering innovative products, features, and insights to customers. In 2018, these innovations included:
• Vendor Risk Matrix, allowing users to perform critical risk analysis and remediation prioritisation of their third-party ecosystem.
• Asset Risk Matrix, the market's first AI-driven asset prioritisation tool, enabled by BitSight's advanced data collection and data science capabilities.
• Forecasting, the first analytics offering in the Security Rating Services industry to provide direct visibility into an organisation's current and future security program, as well as insights into the efficacy of its investments and initiatives.
• Partnering with Verizon on the Verizon Risk Report, an automated, comprehensive security risk scoring framework that identifies current security gaps, weaknesses and associated risks on a daily basis.
• Partnering with IHS Markit to create Research Signals: Cybersecurity Factors, providing asset managers with critical cybersecurity intelligence on organisations worldwide, allowing them to incorporate cybersecurity into their investment decision-making processes.
BitSight generated critical insights for customers and the market in 2018, including:
• Leading a conversation about the "Intersection of Business and Cyber Risk" at EXCHANGE, BitSight's inaugural event in New York City. EXCHANGE was attended by over 150 senior executives and business leaders who gathered to network, collaborate and share best practices to measure and minimise cyber risk. BitSight plans to host EXCHANGE 2019 again in the fall in New York City.
• Published research, including an assessment of U.S. Government contractor cybersecurity performance, a new report designed exclusively for corporate board members, critical analysis into mobile application security and other critical cyber risks affecting organisations, and critical insight for policymakers about the potential impact of GDPR regulations on the security performance of European organisations.
• Research published by IHS Markit leveraging BitSight data, which demonstrated signal in BitSight's data that is useful in investment decision-making.
BitSight is able to provide these capabilities to the market by building a world-class business:
• BitSight hires and nurtures world-class talent: in 2018, BitSight hired over 130 new employees, bringing the total number of employees to more than 400, with plans to exceed 500 in 2019.
• In 2018, BitSight made strategic hires of industry veterans focused on customer success, long-term growth, and strategy, including: Dave McCann, Vice President of Customer Success and Support; Vineet Seth, Vice President of Product; John Kelly, Vice President of Worldwide Channels; and Jim McInerny, Vice President of Worldwide Commercial Sales.
• BitSight promoted key contributors in 2018, including: Marc Light, Vice President of Data and Research; John Truelove, Vice President of Engineering; Matt Cherian, Vice President of Strategic Partnerships; Dave Fachetti, Executive Vice President of Strategy and Chief Marketing Officer.
• The company is fully capitalised after raising $60 million in a Series D round led by Warburg Pincus, with participation from existing investors Menlo Ventures, GGV Capital and Singtel Innov8.
• BitSight's relocation of headquarters to Boston's Back Bay provides the company with the ideal environment to keep pace with its tremendous business, customer and employee growth. BitSight also expanded office space in Raleigh and moved into a new facility in Lisbon, Portugal.
• BitSight continues to leverage strategic channel relationships to meet increasing customer demand, growing channel revenue 68 percent year-over-year.
In 2019, BitSight will continue to expand the company's market-leading position across all of the interconnected use cases with a planned focus on allowing security leaders to perform strategic planning and analysis on their own organisation. Empowering organisations to better understand and address security issues within their own environment will measurably benefit the broader ecosystem of BitSight users.