sb-as logo
Story image

BitSight and ServiceNow announce integrations improving cyber risk management

26 Sep 2019

Security ratings company BitSight and ServiceNow have announced the launch of two new certified ServiceNow applications – BitSight for Vendor Risk Management and BitSight for Security Incident Response – now available in the ServiceNow app store.

These applications bring a new level of automation, prioritisation, and insight, providing customers to digital workflows.

These integrations build on an existing partnership between the two companies, including joint go to market activities and BitSight membership in the ServiceNow IRM Ecosystem announced earlier this year.

Together, BitSight and ServiceNow provide organisations with prioritised visibility and automated workflows to manage cyber risk, and a system that gives customers the ability to take action, report and monitor the cyber health of their own organisation and their broader business ecosystem.

Third-party risk is a top concern for companies worried about data privacy and service availability and facing an ever-expanding list of vendors.

With the BitSight for Vendor Risk Management application, customers have better visibility on a continuous basis to help prioritise their resources, enable data-driven conversations with vendors, and bring scale to their assessment and remediation processes.

Risk leaders now have access to BitSight Security Ratings, risk vector grades, 12 months of ratings history and alerts for their third-parties within ServiceNow, including the ability to share data directly with third parties.

Additionally, customers can create Vendor Risk Issues using BitSight alerting capabilities, which in turn integrate with ServiceNow’s workflows to initiate the remediation process with vendors.

With ServiceNow’s Vendor Risk Management portal and mobile capabilities, employees and vendors gain a streamlined experience.

Security teams continue to be plagued with more work than available staff, driving intense interest in prioritisation based on business impact.

With the BitSight for Security Incident Response application, joint security leaders can leverage compromised system event information from BitSight to pinpoint and control attacks within their own corporate infrastructure.

With BitSight for Security Incident Response, customers gain access to event forensics data that reveals source ports, destination ports, time stamps, and more to unite security and IT teams for faster and more effective threat response and remediation.

ServiceNow’s correlation of risk, threat, and business intelligence as part of closed-loop workflows enables better, faster and more efficient task hand-off and coordinated security responses, while BitSight dashboards and reporting features provide visibility into the organisation’s security performance and progress.

“Every organisation is challenged to measure and manage cyber risk in their own environment and extended business ecosystem and quickly address related cyber threats and incidents when they arise,”  says BitSight strategic partnerships vice president Matt Cherian.

“Many businesses lack a centralised, holistic view into cyber risk, requiring companies to spend scarce resources on unnecessary manual work,” says ServiceNow security business unit business development senior director Odin Olson.

Story image
The business case for an in-house ethical hacker
Ethical hackers, also known as penetration testers or white-hat hackers, mimic the techniques used by malicious hackers to try and break into computer systems and discover vulnerabilities before the bad guys can exploit them.More
Story image
COVID-19 crushes fingerprint reader market
However, the biometrics market is expected to regain momentum with alternatives already beginning to find their feet.More
Story image
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."More
Story image
Why zero trust could fail due to lack of understanding​, not technology
Security architects are being forced to re-examine the concept of identity, with many turning to a zero trust security model to provide a better architecture for protecting their sensitive resources.More
Story image
Video: 10 Minute IT Jams - SonicWall VP discusses the importance of endpoint security
In this video, Dmitriy discusses the exposure points and new risks that come as a result of widespread flexible working arrangements, how organisations should secure their massively distributed networks, and how SonicWall's Boundless Cybersecurity model can solve these issues.More
Story image
Radware signs on two more clients for DDoS protection
While Radware did not share the names of its two clients, the company did explain more about the partnerships.More