Risk assessment through continuous monitoring
As a result of the evolution in the ICT field, all industries confront new and emerging threats, and so organisations are becoming more concerned about the security performance of their interest groups and themselves in order to be prepared to face this growing threat. In this sense, Telefónica has partnered with BitSight, to offer the Benchmarking & Supply Chain Service, which provides organisations with an overall view of their security status and that of their suppliers and stakeholders.
Benchmarking & Supply Chain is:
- Non-intrusive: black box approach that uses only external sources. No access to the network or questionnaires needed.
- Scalable: fully automated. Aggregate risk for vendor portfolio.
- Objective: transversal approach that measures all organisations based on the same factors.
- Dynamic: on-going risks assessment through the continuous monitoring of security performance.
- Verifiable: third-party-validated breach to rating correlation.
- Monitor your strategic vendors in an objective and non-intrusive way.
- Measure the impact of your security processes and tools.
- Calculate the ROI of your security budget and compare to your competitors.
- Conduct data-driven due diligence.
- Proactively measure and improve insureds’ cyber risk.
The Benchmarking & Supply Chain Service is leveraged for multiple applications such as:
- Vendor risk management: continuously manage the security effectiveness of hundreds and even thousands of vendors.
- Benchmarking: assess the effectiveness of your security initiatives and compare performance to your industry and peers.
- Mergers & acquisitions: assess the security of companies you are considering purchasing, or continuously monitor your portfolio companies.
- Cyber insurance: assess cyber risk for applicants and continuously monitor insureds.
Contact us for more information or you can start measuring the security level of your company with a Proof of Value.
- Intuitive and user-friendly interface that offers a quick overview of the general risk status of the customer’s organization business ecosystem.
- API availability for programmatic access to information and the possibility of integration with third-party solutions and the organization’s own tools.
- Role-based access control that enables restricting user access to certain groups of companies.
- Powerful alert engine to define different thresholds on the basis of the selected group of organizations.