BitSight Introduces Portfolio Thresholds and Analytics to Empower Vendor Risk Decision Making

New Capabilities Provide Alerts and Visibility Into Risk Level Changes Within An Entire Portfolio of Vendors

BitSight, the standard in Security Ratings, today released new Security Ratings Platform enhancements, which enable organizations to gain actionable insights into the aggregate cybersecurity risk of their vendors. The BitSight Portfolio Quality Dashboard provides thresholds, alerts and notifications, and detailed analysis around vendor risk, allowing users to instantly identify and continuously monitor trends and shifts in the cybersecurity posture of their entire vendor ecosystem, as well as compare their aggregate risk against a broader universe of companies.


With comprehensive insight into the ever-changing security posture of their vendors, companies use BitSight to take a proactive approach to risk management by focusing on the vendors and security issues that pose the most immediate risk. Previous studies from BitSight, independently verified by third parties, show that companies with a security rating of 400 or lower are more than five times likely to experience a publicly disclosed breach than companies with a security rating of 700 or higher. BitSight has further enhanced its Security Ratings Platform with thresholds backed by this correlation research that enable customers to easily assess whether any of their vendors fall within certain risk zones. If any vendors are within or move down to a lower bracket, organizations can leverage BitSight’s Enable Vendor Access capability to share access to the platform and empower vendors to do their own remediation.

“Security Ratings have emerged as a critical risk management capability by driving activities that reduce risk across organizations’ ecosystems,” said Stephen Boyer, co-founder and CTO of BitSight. “The BitSight platform has become more than just a tool for security ratings – it’s now a Platform for Information Exchange where customers actively analyze security risk and take coordinated, collaborative action to remediate cybersecurity issues.”

The enhanced BitSight Portfolio Quality Dashboard is supported by a powerful reporting engine that generates interactive reports depicting the security ratings of an organization’s entire vendor portfolio and delivers the following features and benefits:

  • Alerting capabilities for critical portfolio rating changes to help ensure that organizations manage risks as quickly as they emerge.
  • Aggregated risk level changes of vendor ratings between rating categories over time, which helps teams better understand the probability of a breach across their entire portfolio of vendors.
  • Ability to leverage proven correlation data to drill down and instantly gain visibility into vendors with an elevated risk of a data breach, enabling collaborative and productive discussions with each vendor.
  • Insight into how an organization’s third party ratings fare against the entire BitSight index of rated companies, which helps teams benchmark the performance of their portfolio.

For more information about the BitSight Security Ratings Platform, visit