Digital Exposure


Risk assessment through constant monitoring

Companies operating in all sectors are facing new threats arising from developments in the ICT field. Before these increasing threats, there is a growing concern among companies to know their security levels and their stakeholders' security levels. In this regard, Telefónica has partnered with BitSight to provide the Benchmarking & Supply Chain Service, which affords organizations a security level overview of not only themselves but also their vendors and stakeholders.

Benchmarking & Supply Chain is:

  • Non-intrusive: black box approach using only external sources. No need for network access or questionnaires.
  • Scalable: fully automated. Aggregated risk for the supplier portfolio.
  • Objective: cross-cutting approach that measures all organizations based on the same factors.
  • Dynamic: om-going risk assessment by continuously monitoring security levels.
  • Verifiable: third-party-validated breach to rating correlation.


  • Objective and non-intrusive monitoring of strategic suppliers.
  • Measurement of the impact of security procedures and tools.
  • Security budget RoI calculation and comparison with the competition.
  • Data-based due diligence.

Proactive cyber-risk measurement and improvement of insureds

Target group:

Benchmarking & Supply Chain is employed for multiple applications, including:

  • Supplier risk management: continuous security management of hundreds and even thousands of suppliers.
  • Benchmarking: evaluation of security initiatives and comparison with the sector and competition.
  • Mergers & acquisitions: evaluation of the security in companies before they are purchased, or continuous monitoring of their portfolio of companies.
  • Cyberinsurance: cyber-risk assessment of new applicants and risk monitoring of the insured.