Digital Exposure


Risk assessment through continuous monitoring

As a result of the evolution in the ICT field, all industries confront new and emerging threats, and so organisations are becoming more concerned about the security performance of their interest groups and themselves in order to be prepared to face this growing threat. In this sense, Telefónica has partnered with BitSight, to offer the Benchmarking & Supply Chain Service, which provides organisations with an overall view of their security status and that of their suppliers and stakeholders.

Benchmarking & Supply Chain is:

  • Non-intrusive: black box approach that uses only external sources. No access to the network or questionnaires needed.
  • Scalable: fully automated. Aggregate risk for vendor portfolio.
  • Objective: transversal approach that measures all organisations based on the same factors.
  • Dynamic: on-going risks assessment through the continuous monitoring of security performance.
  • Verifiable: third-party-validated breach to rating correlation.


  • Monitor your strategic vendors in an objective and non-intrusive way.
  • Measure the impact of your security processes and tools.
  • Calculate the ROI of your security budget and compare to your competitors.
  • Conduct data-driven due diligence.
  • Proactively measure and improve insureds’ cyber risk.

Target group:

The Benchmarking & Supply Chain Service is leveraged for multiple applications such as:

  • Vendor risk management: continuously manage the security effectiveness of hundreds and even thousands of vendors.
  • Benchmarking: assess the effectiveness of your security initiatives and compare performance to your industry and peers.
  • Mergers & acquisitions: assess the security of companies you are considering purchasing, or continuously monitor your portfolio companies.
  • Cyber insurance: assess cyber risk for applicants and continuously monitor insureds.