Security Ratings: A Big Data Approach to Measuring and Mitigating Security Risk

Manage webcast
Stephen Boyer of BitSight Technologies and Oliver Brew of Liberty International Underwriters
The increasing volume of breaches we hear about in the news highlights the challenge risk managers face in working to address cyber risk. Current assessment methods, while insightful, are inadequate due to the pace at which security postures change, leaving organizations vulnerable and exposed in the blink of an eye. In order to truly reduce security risk, managers need more insight and better tools that allow for continuous visibility into the ever-changing network environments they are administering.

Join Stephen Boyer, CTO and co-founder of BitSight Technologies, and Oliver Brew, Vice President of Professional Liability at Liberty International Underwriters (LIU) for this webinar to discover:

- Why measuring security risk is difficult and how some assessment methods leave organizations vulnerable to threats and financial loss

- How forward-looking organizations are using Big Data to reduce risk, increase transparency and address new regulatory requirements

- Case Study: How LIU is using Security Ratings to mitigate risk
Apr 17 2014
46 mins
Security Ratings: A Big Data Approach to Measuring and Mitigating Security Risk
More from this community:

IT Security

  • Live and recorded (5851)
  • Upcoming (122)
  • Date
  • Rating
  • Views
  • Channel
  • Channel profile
  • Legal Requirements in Third Party Cyber Risk Management Jul 22 2015 3:00 pm UTC 45 mins
    Jake Olcott, VP of Business Development, BitSight
    In recent years, third party cyber risk management has become increasingly challenging as businesses become interconnected. Major breaches caused by insecure third parties have raised public awareness of the problem. New legal requirements are shaping the way that organizations build and monitor their third party cyber risk management programs.
    Join Jake Olcott, VP of Business Development at BitSight and guest panelists as they discuss some of the legal precedents and requirements in this emerging field.

    Attendees will learn about:

    - Existing and evolving legal obligations to manage the cyber risk of third parties and vendors in industries like retail, healthcare, defense, and finance.
    - Issues that lawyers face in helping organizations manage third party cyber risk, including negotiating contract requirements for breach notification, assessing written questionnaires, and performing on-site vendor risk assessments.
    - Emerging "standards of care" for third party cyber risk management.
  • Risk Mitigation Services in Cyber Insurance Underwriting Recorded: Jun 30 2015 57 mins
    Tracie Grella, Advisen; Neeraj Sahni, FINEX; Ira Scharf, BitSight Technologies
    Cyber insurance is becoming an increasingly competitive market. In order to differentiate their offerings, underwriters are beginning to offer unique risk mitigation services to their insureds. But with all the noise in this space, how do risk managers find and choose the policy that is best for them?

    In this webinar hosted by Advisen, Tracie Grella, Global Head of Professional Liability at the world's largest insurer, AIG, Neeraj Sahni, Vice President, FINEX North America—Cyber and Technology Risks at Willis, and Ira Scharf, General Manager of Cyber Insurance at BitSight Technologies, to learn how underwriters, brokers and technology firms are working together to bring risk mitigation services to their clients

    Join this webinar to learn:

    - How cyber coverage has evolved
    - How the insurance market is bringing value related to cyber risks
    - How risk mitigation services lower expected costs and help insurers do a better job of underwriting
    - Why risk mitigation services and cyber insurance create a safer cyber ecosystem
  • Looking from the Outside In: Implementing Data-Driven Security Practices Recorded: Jun 17 2015 47 mins
    Bob Rudis, Security Data Scientist, Verizon and Stephen Boyer, CTO and Cofounder, BitSight Technologies
    As Internet threats continue to evolve and emerge, how can companies keep up? Security practitioners need actionable information in order to identify and remediate incidents as quickly as possible.

    Following their contributions to the 2015 Verizon Data Breach Investigation Report (DBIR), Bob Rudis, Verizon Security Data Scientist, and Stephen Boyer, BitSight Co-Founder and CTO, will discuss how to implement a security practice that has data analysis at the heart of the decision-making process. This use-case based presentation will talk about the lifecycle of transitioning data use from an art to a science that can be reproduced across organizations.

    Attendees will learn:
    - How to establish a baseline of data analysis to assess security performance
    - About the skills required to practice data science for security
    - How historical analysis of security data can be used in order to benchmark security performance, manage third party risk and assess cyber risk in underwriting
  • Cyber Insurance Underwriting - A High-Tech Discipline? Recorded: May 28 2015 56 mins
    Ira Scharf, GM of Insurance, BitSight and Advisen Insurance Intelligence
    The cyber market is an ever-changing industry. So how are insurance carriers currently assessing the risks their insured face? And how are they mitigating those risks?

    In this webinar, Ira Scharf, our GM of Insurance, teams up with Advisen Insurance Intelligence to discuss how cyber exposures have grown and changed over the last 20 years, and how the insurance product has evolved to keep pace.

    Watch this on-demand webinar to:

    learn exactly how the underwriting process has developed over the years,
    hear experts discuss the current trends in the industry, and
    find out the latest tools carriers are adopting to better assess corporation’s cyber preparedness.
  • Security Ratings by the Numbers: Taking Mountains of Data to Create Risk Metrics Recorded: May 13 2015 38 mins
    Mike Woodward, Program Director of Data, BitSight
    Every day BitSight processes and synthesizes tens of billions of events into easy-to-understand, high-quality security ratings. These ratings empower organizations to confidently assess and manage their security performance and that of peers, vendors, insureds, and acquisition targets.

    Join Mike Woodward, BitSight’s Program Director of Data, to learn how the data scientists and researchers at BitSight collect, analyze, and process all of this data to produce actionable and insightful Security Ratings.

    Attendees will also learn:

    How BitSight calculates ratings using a wide variety of risk vectors including security events, diligence factors and user behaviors

    The importance of comprehensive network footprint maps in producing industry standard security ratings

    Why monitoring performance over time can be beneficial for identifying trends and new risk indicators

    The ways customers are using Security Ratings to manage third party risk, benchmark security performance, assess and negotiate cyber insurance premiums, and remediate security risk involved in mergers and acquisitions.
  • Managing Cyber Risk In Your Vendor Ecosystem Recorded: Apr 28 2015 64 mins
    Stephen Boyer, Co-Founder and CTO , BitSight; Mike Rothman, President, Securosis
    Sharing network access and sensitive information with your business
    partners could be putting you at risk of third-party breach. These
    breaches can be very damaging and may account for major losses in
    data, time, and resources. If you’re looking for a better risk
    management method, you’re not alone.

    Watch this webinar to will learn more about:

    - Security risks that could be facing your corporation today.
    - How you can utilize selection criteria to build the best solution.
    - Methods you can use to assess partner security risk.
    - How to make better risk-based decisions by factoring in the security
    posture of your organization.
  • Beware the Botnets: Botnets as an Indicator of Breach Likelihood Recorded: Apr 28 2015 36 mins
    Stephen Boyer, Co-Founder and CTO , BitSight
    A 2015 PwC survey found that 96% of CEO’s in the US have indicated rising concern about data breaches - and rightly so. With the record-breaking breaches of 2014 barely behind us, organizations want to take steps to avoid becoming the next victim and are looking for signs that can indicate troubling performance. BitSight Technologies may have found one such indicator. Using their Security Ratings data, recent research shows a solid correlation between a company’s botnet grade and their likelihood of experiencing a publicly disclosed breach, demonstrating that Security Ratings are a powerful metric for communicating cyber risk across the enterprise.

    Join BitSight CTO and Cofounder Stephen Boyer to discuss this research and to learn why continuous security performance monitoring should be an essential part of your enterprise risk management strategy.

    Attendees will learn:
    -What is the correlation between botnet grades and publicly disclosed breaches
    -Why botnet grades vary across key industries and what the top infections are by sector
    -How Security Ratings are generated and the impact botnets and other risk vectors have on these security performance metrics
  • From the SOC to the BOD: The Board’s Role in Cyber Security Recorded: Mar 26 2015 48 mins
    Donna Dabney, Executive Director of The Conference Board Governance Center; Bill Ide, Partner at McKenna Long & Aldridge
    As major breaches cause financial and reputational damage to businesses across all industries, there is a push for cyber security to become a board level issue. A recent survey from BDO International found 59% of board directors have become more involved in cyber security within the past twelve months. But how can board members unfamiliar with the ins and outs of network security effectively manage these risks?

    Join BitSight’s VP of Business Development, Jacob Olcott, Partner at McKenna Long & Aldridge, Bill Ide and the Executive Director of The Conference Board Governance Center, Donna Dabney on Thursday, March 26 at 11:00am EDT for an online roundtable discussion on board involvement in cyber security. The panelists will discuss how both security leaders and board members should approach the communication and management of cyber risks in the enterprise.

    Attendees will also learn:

    - What cyber security metrics are most important for the board
    - Methods for security leaders to communicate cyber issues across the enterprise
    - How BitSight’s platform enables communication on security performance throughout the enterprise
  • BitSight Security Ratings Product Demo Recorded: Mar 24 2015 37 mins
    Mathew Cherian, Product Manager, BitSight
    BitSight Security Ratings are an automated, data-driven assessment of network security performance that are being used by leading organizations to:

    - Benchmark Security Performance: Measure the impact of your security program & communicate key performance metrics with the board.

    - Manage Third Party Cyber Risk: Continuously monitor security performance in third party networks and be alerted to potential security issues that put your information at risk.

    - Underwrite Cyber Insurance: Assess security performance of potential insureds to reduce underwriting risk.

    Join us to see how easily you can quantitatively monitor your security performance today.
  • Security Rivals? The Value of Measuring & Comparing Network Security Performance Recorded: Feb 27 2015 50 mins
    Stephen Boyer, CTO & Co-Founder, BitSight Technologies; Rebecca Sandlin, CIO, Roanoke College
    Who has earned the bragging rights as the most secure college athletic conference?

    Colleges have rivals both on the football field and in the classrooms, but how do they fare in security performance? Watch this webinar featuring Stephen Boyer, CTO and Co-Founder of BitSight Technologies, and Rebecca Sandlin, CIO of Roanoke College, to learn how the major athletic conferences compared in key security performance metrics. There is also a discussion about why security benchmarking is so significant in education.

    Watch this webinar to discover:

    - The unique challenges higher education faces in securing their networks and how benchmarking can help
    - Why performance varies across the industry, and how that translates into actionable intelligence for security teams
    - How Security Ratings are enabling Roanoke College to gain tremendous insights about security strategy and performance issues that they can share with their board.
  • Continuous Third Party Monitoring Powers Business Objectives Recorded: Feb 26 2015 48 mins
    Stephen Boyer, CTO & Co-Founder, BitSight Technologies; Featuring Renee Murphy, Senior Analyst, Forrester Research
    While many companies focus their effort on reducing cybersecurity risk, more threats are being discovered daily. Point-in-time, subjective questionnaires are not in line with the new regulations requiring continuous monitoring of vendors, partners and other third parties.

    In “Continuous Third Party Monitoring Powers Business Objectives,” BitSight CTO and Co-founder Stephen Boyer and guest speaker, Forrester Research Senior Analyst Renee Murphy will discuss the value businesses are finding in using a solution that has a constant eye on third party cyber threats.

    Boyer and Murphy will also discuss:

    - The results of the study BitSight commissioned Forrester Consulting to undertake, examining how IT decision-makers feel about objective, reliable and continuous monitoring.
    - What can be done beyond compliance to increase security performance.
    - Which industries stand to benefit most from using automated, objective information security data.
    - Specific use cases for continuous monitoring and how they help companies improve information security performance.
  • 'Tis the Season for Safer Shopping? An analysis of retail security performance Recorded: Jan 30 2015 37 mins
    Stephen Boyer, CTO & Co-Founder, BitSight Technologies
    Are retailers more secure now than last year? The retail industry has been a common target for data breaches, especially in the past year. Since the Target breach in December 2013, there has been at least one major breach reported every month. What makes retailers so vulnerable to cyber threats?

    Join Stephen Boyer, CTO of BitSight Technologies, for this webinar to learn:

    -How third parties make retailers more vulnerable to attack
    -Which security metrics can serve as meaningful performance indicators
    -How continuous performance monitoring can make retailers (and other companies) safer
    -What can be learned from benchmarking security performance against competitors and the industry.
  • The Overlooked Aspect of M&A Due Diligence: Info Security Risk Recorded: Jan 28 2015 43 mins
    Stephen Boyer, CTO & Co-Founder, BitSight Technologies
    Companies must assess many different risks when planning to acquire another business. The information security risk that a given company presents is an often-overlooked element during the M&A process, but its importance is growing with the proliferation of cyber attacks.

    During this webinar, BitSight CTO and Co-Founder Stephen Boyer will show you how to use Security Ratings to quickly and accurately assess the security risk an acquisition target brings to your information ecosystem.

    He will also explain:

    - How Security Ratings can help not just before, but also during and after the acquisition to make your entire network safer
    - The value of analyzing risk using Security Ratings
    - A case study of a customer using Security Ratings to drive risk-based conversations with acquisition targets
  • Transforming IT Risk Management With Security Ratings Recorded: Aug 14 2014 48 mins
    Stephen Boyer, BitSight Technologies | Jon Oltsik, Enterprise Strategy Group (ESG)
    If organizations have learned anything from the high volume of recent breaches, it’s that boards are paying attention to cyber security now more than ever, and they want to know one thing - are we more or less secure than the latest victim?

    Join Jon Oltsik of the Enterprise Strategy Group and Stephen Boyer of BitSight Technologies to learn how businesses are using security ratings to mitigate internal and external security risks while driving better communication of performance metrics with their boards. By allowing executives to measure and compare security performance over time, organizations are improving situational awareness and are able to make risk-based decisions about preparedness, resources, and overall security strategy.

    Attendees of this webinar will learn how:

    - Boards are challenged to understand security performance and why benchmarking key metrics can lead to better communication and transparency
    - Teams are using security metrics to show improvements across their business ecosystem
    - BitSight Security Ratings are generated and are being used by customers today
  • Security Ratings: A Big Data Approach to Measuring and Mitigating Security Risk Recorded: Apr 17 2014 46 mins
    Stephen Boyer of BitSight Technologies and Oliver Brew of Liberty International Underwriters
    The increasing volume of breaches we hear about in the news highlights the challenge risk managers face in working to address cyber risk. Current assessment methods, while insightful, are inadequate due to the pace at which security postures change, leaving organizations vulnerable and exposed in the blink of an eye. In order to truly reduce security risk, managers need more insight and better tools that allow for continuous visibility into the ever-changing network environments they are administering.

    Join Stephen Boyer, CTO and co-founder of BitSight Technologies, and Oliver Brew, Vice President of Professional Liability at Liberty International Underwriters (LIU) for this webinar to discover:

    - Why measuring security risk is difficult and how some assessment methods leave organizations vulnerable to threats and financial loss

    - How forward-looking organizations are using Big Data to reduce risk, increase transparency and address new regulatory requirements

    - Case Study: How LIU is using Security Ratings to mitigate risk
Find Out How Security Ratings can Reduce Your Company's Risk.
The BitSight Security Rating Platform gathers terabytes of data on daily security outcomes from hundreds of sensors deployed across the globe.

All of the data is externally available and collected without any intrusive testing. Data is classified into several risk categories, including botnets, spam, malware, unsolicited communication, DDoS, and system configuration, and then mapped to an organization's known networks.

BitSight’s sophisticated algorithms analyze the data for severity, frequency, duration, and confidence to create an overall rating of that organization’s security performance.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Security Ratings: A Big Data Approach to Measuring and Mitigating Security Risk
  • Live at: Apr 17 2014 4:00 pm
  • Presented by: Stephen Boyer of BitSight Technologies and Oliver Brew of Liberty International Underwriters
  • From:
Your email has been sent.
or close
You must be logged in to email this