Bitsight unveils fully integrated solution for managing entire third-party risk lifecycle

Feb. 21, 2024
The combined solution arrives amidst growing demands to comply with NIS2, DORA, SEC and other cyber security regulations.

BOSTONFeb. 21, 2024 -- Bitsight, a leader in cyber risk management, today announced the launch of the industry's first fully-integrated Third-Party Risk Management solution to help enterprise risk and security leaders protect the digital supply chain. By combining Vendor Risk Management and Continuous Monitoring into a single platform, enterprise teams can assess vendor health, manage onboarding, monitor vendor security hygiene, and respond to security incidents.

"Third-party vendors often present the single biggest risk to enterprise security," said Vanessa Jankowski, SVP, Applications & Data Products at Bitsight. "But more than half of risk and security teams lack the tools and people to combat it. By combining automation and workflows with the power of Bitsight data, we help unlock exponential efficiency gains, making it possible for companies to secure the digital supply chain and focus on what matters — protecting the business." 

High-profile breaches arising from vulnerabilities in integrated providers like MOVEit and SolarWinds have prompted renewed focus on enterprise Third-Party Risk Management.  The annual Threat Landscape Report from the European Union Agency for Cybersecurity shows that an "astonishing 61% of companies have been impacted by a software supply chain attack in the last twelve months." They estimate that the costs placed on businesses resulting from these attacks will grow 76% by 2026.2

Over 40K Vendor Profiles Help Jumpstart Third-Party Risk Programs

With a growing network of more than 40,000 pre-populated and updated vendor profiles, Bitsight's integrated Vendor Risk Management and Continuous Monitoring solution helps risk teams automate workflows, track vendor status, and create world-class third-party risk and compliance programs. 

"We save hundreds of hours annually by using Bitsight," said Elizabeth Olson Lennon, Director of Vendor Management, Alameda Alliances for Health. "We've integrated Bitsight Vendor Risk Management into our onboarding and evaluation process, and it's helped us identify the actual risk level associated with vendors."

Customers leveraging Bitsight TPRM solutions today have seen upwards of a 3x return on investment in 6 months, a 50% reduction in vendor monitoring time, and a 75% reduction in the time it takes to onboard vendors.This allows teams to save time on vendor administration, enabling them to focus more on building resilience against supply chain attacks.

NIS2, DORA and SEC Cyber Regulations Highlight the Need for Action

Security and risk teams are looking for efficiencies as more cyber reporting and compliance requirements are placed on them through global cyber regulations. The Securities and Exchange commission recently published new rules on cyber risk management while enforcement of the Network and Security Directive (NIS2) and Digital Operational Resilience Act (DORA) in the European Union continues to ramp up. 

"The challenge now is not only about protecting the organization, but complying with an ever increasing tsunami of cyber regulations around the world," said Tim Grieveson, former CSO & SVP Information Security at AVEVA and now Global Cyber Risk Advisor at Bitsight. "Being able to not only see, but communicate the effectiveness of security programs across the digital ecosystem is essential. This is what we enable companies to deliver with actionable, prioritized insights and data trusted by the world's leading brands, insurance providers and industry organizations."

To learn more about Bitsight's offerings for Vendor Risk Management and Third-Party Risk Management, visit: www.bitsight.com.

1 Customer growth from Feb 1 2023 to Feb 1 2024
2 https://www.enisa.europa.eu/publications/enisa-threat-landscape-2023
3 As reported by existing Bitsight customers.