Company:BitSight

From HandWiki
Short description: American cybersecurity ratings company
BitSight
TypePrivate
IndustryCyber Security
Risk Management
Security
Founded2011[1]
Founders
  • Nagarjuna Venna
  • Stephen Boyer
HeadquartersBack Bay, Boston, United States[2]
Key people
Websitewww.bitsight.com

BitSight is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions.[4][5] It is based in Back Bay, Boston.[1][2] Security ratings that are delivered by BitSight are used by banks and insurance companies among other organizations.[6] The company rates more than 200,000 organizations with respect to their cybersecurity.[7]

History

BitSight was founded in 2011 by Nagarjuna Venna and Stephen Boyer and currently has both United States-based and international employees.[1][2] In 2016, BitSight raised $40 million USD in funding in the month of September.[1]

In 2014, BitSight acquired AnubisNetworks, a Portugal-based cybersecurity firm that tracks real-time data threats.[8][9]

By September 2016, BitSight had raised $40 million in a Series C round led by GGV Capital, with participation from Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures, Shaun McConnon, and the VC divisions of Comcast Ventures, Liberty Global Ventures, and Singtel Innov8.[10][11][12]

Shaun McConnon stepped down as the CEO of BitSight in July 2017 but remains the executive chairman of the board.[13] The CEO position was filled by Tom Turner in 2017,[13] and then by Stephen Harvey in 2020.[3]

In June 2018, BitSight closed $60 million in Series D funding, bringing the company's total funding to $155 million.[14] BitSight's Series D financing was led by Warburg Pincus, with participation from existing investors Menlo Ventures, GGV Capital and Singtel Innov8.[14][15]

In 2018, the company was located in Cambridge but purchased property in order to shift to Back Bay, where BitSight is currently located.[2] Forbes has estimated BitSight's revenue as being US$100 million as of 2018.[16]

In 2021, BitSight acquired VisibleRisk, a cyber risk assessment startup company and received a $250 million investment from Moody’s Corporation.[17][18]

In 2023, BitSight partnered with Schneider Electric to develop a new way to quantify operational technology risk.[19]

Services

Organizations purchase BitSight's services in order to understand "security risks associated with sharing sensitive data with business partners."[20][21][22] As of 2018, BitSight serves clients, including Lowe's, AIG, and Safeway.[23][16][24]

BitSight assembles models that produce company ratings, which are based on a scale that enables insurers to rule on the ability of businesses to receive coverage.[25] It produces ratings for 200,000 organizations as of 2020.[7]

With respect to its services, Amy Feldman of Forbes wrote that "Customers pay on a subscription basis with annual fees ranging from a few thousand dollars to analyze a single company to more than $1 million to review thousands of suppliers."[26] Similar to a credit score, BitSight's ratings range from 250 to 900.[27]

References

  1. 1.0 1.1 1.2 1.3 O'Brien, Kelly J. (16 May 2018). "BitSight to double HQ size in move from Cambridge to Boston" (in English). American City Business Journals. https://www.bizjournals.com/boston/news/2018/05/16/bitsight-to-double-hq-size-in-move-from-cambridge.html. Retrieved 10 October 2018. 
  2. 2.0 2.1 2.2 2.3 Jon Chesto (17 May 2018). "Investors dump GE shares" (in English). The Boston Globe. https://www.bostonglobe.com/business/talking-points/2018/05/16/investors-dump-shares/LXlDhR19o6wRlKrn0LBibL/story.html. Retrieved 11 October 2018. "Cybersecurity ratings firm BitSight is setting its sights on a move to the Back Bay, to a space that is roughly double the size of its existing headquarters in Cambridge. The venture capital-backed firm has leased 48,000 square feet across two floors in the Prudential Center, at the 111 Huntington Ave. tower owned by Boston Properties. BitSight currently employs about 145 people in Cambridge, but will likely have 170 by January and another 30-plus by the end of next year after it moves to Boston." 
  3. 3.0 3.1 "BitSight Appoints Stephen Harvey as Chief Executive Officer". 7 January 2020. https://www.prnewswire.com/news-releases/bitsight-appoints-stephen-harvey-as-chief-executive-officer-300981919.html. Retrieved 15 February 2020. 
  4. Romo, Vanessa (30 March 2018). "As Atlanta Seeks To Restore Services, Ransomware Attacks Are On The Rise" (in English). NPR. https://www.npr.org/sections/thetwo-way/2018/03/30/597987182/as-atlanta-seeks-to-restore-services-ransomware-attacks-are-on-the-rise. Retrieved 10 October 2018. "Data compiled by BitSight, a cybersecurity ratings company, is even more staggering. A 2016 report analyzing government, health care, finance, retail, education and utilities concluded that education institutions are most likely to be on the receiving end of a ransomware attack." 
  5. Clarke, Richard (13 June 2017). "Why is it so easy for hackers to infiltrate - our mistakes" (in English). Quartz. https://qz.com/1000272/its-not-just-the-nhs-in-the-internet-of-things-everything-is-more-hackable-than-you-think/. Retrieved 11 October 2018. "BitSight, a Boston firm that ranks companies for their level of cybersecurity, compared five industries: health care, finance, retail, utilities, and federal agencies." 
  6. Lunden, Ingrid (10 July 2018). "BitSight, a provider of security ratings, raises $60M at a valuation of around $600M". TechCrunch. https://techcrunch.com/2018/06/28/bitsight-a-provider-of-security-ratings-raises-60m-at-a-valuation-of-around-600m/. Retrieved 11 October 2018. ". Typical customers include large to mid-sized organizations, and while BitSight doesn’t provide specific names it says the list includes seven of the top 10 cyber insurers, 20 percent of Fortune 500 companies, and three of the top five investment banks, an impressive list. Others that use these ratings are cyber insurance companies, when devising what kind of rates to charge customers, and also to monitor those customers after they are insured. And they are also used by companies, Turner says, to assess acquisition targets when a company is going through due diligence; or before making investments." 
  7. 7.0 7.1 Whitney, Lance (21 January 2020). "Windows 7 remains an albatross at many large organizations". CBS Interactive. https://www.techrepublic.com/article/windows-7-remains-an-albatross-at-many-large-organizations/. Retrieved 24 January 2020. 
  8. Reader, Ruth (21 October 2014). "Security ratings company BitSight acquires threat analytics service" (in English). VentureBeat. https://venturebeat.com/2014/10/21/security-ratings-company-bitsight-acquires-a-threat-analytics-service/. Retrieved 11 October 2018. "Security ratings company BitSight Technologies just picked up a small Portugal-based threat intelligence company called AnubisNetworks." 
  9. Castellanos, Sara (23 October 2014). "BitSight Technologies acquires cybersecurity firm AnubisNetworks" (in English). American City Business Journals. https://www.bizjournals.com/boston/blog/startups/2014/10/bitsight-technologies-acquires-cybersecurity-firm.html. Retrieved 10 October 2018. "Cambridge-based BitSight Technologies, which rates businesses on their cyber security performance, has acquired Portugal firm AnubisNetworks, which tracks real-time data threats." 
  10. Zakrzewski, Cat (15 September 2016). "Cybersecurity Ratings Startup BitSight Raises $40M" (in English). The Wall Street Journal. https://www.wsj.com/articles/cybersecurity-ratings-startup-bitsight-raises-40m-1473939005?mod=djemVentureCapitalPro&tpl=vc. Retrieved 10 October 2018. "BitSight Technologies Inc. has raised $40 million to provide security ratings. GGV Capital led the Series C round, with participation from existing investors Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures and the company’s chief executive, Shaun McConnon. The venture arms of Comcast Ventures, Liberty Global Ventures and Signtel Innov8 also participated." 
  11. Woodward, Curt (15 September 2016). "BitSight raises $40M to expand IT security ratings software" (in English). The Boston Globe. https://www.bostonglobe.com/business/2016/09/15/bitsight-raises-expand-security-ratings-software/Si4XIFMKtKDG8B0bx1bHNK/story.html. Retrieved 10 October 2018. "Investors are pouring another $40 million into BitSight Technologies Inc., a Cambridge startup that analyzes Internet traffic to generate the equivalent of a credit score for a company’s risk of cybersecurity attacks." 
  12. Kuchler, Hannah (8 January 2017). "Insurers tap cyber security ratings to limit liabilities" (in English). Financial Times. https://www.ft.com/content/1cfd5d28-c26f-11e6-81c2-f57d90f6741a. "Bitsight recently announced a fundraising of $40m, led by GGV Capital, as it expands to cater for insurers’ desire to know more about the security weaknesses of their potential — and existing — customers." 
  13. 13.0 13.1 O'Brien, Kelly J. (30 July 2017). "Longtime cybersecurity exec to step down as BitSight CEO" (in English). American City Business Journals. https://www.bizjournals.com/boston/news/2017/06/30/longtime-cybersecurity-exec-to-step-down-as.html. Retrieved 11 October 2018. "He's adamant that he's not retiring, but after leading three Massachusetts cybersecurity companies to $1 billion worth of total exit value and a fourth to the verge of an IPO, Shaun McConnon is done being a CEO at his latest company. McConnon will step down as CEO of Cambridge-based cybersecurity ratings company BitSight Technologies Inc. on July 1, but will stay on as the executive chairman of BitSight's board. BitSight's chief operating officer Tom Turner will take over as top executive." 
  14. 14.0 14.1 Lunden, Ingrid (10 July 2018). "BitSight, a provider of security ratings, raises $60M at a valuation of around $600M" (in English). TechCrunch. https://techcrunch.com/2018/06/28/bitsight-a-provider-of-security-ratings-raises-60m-at-a-valuation-of-around-600m/. Retrieved 10 October 2018. "BitSight, which provides an ongoing, changing “risk security posture” of some 1,200 organizations, has raised $60 million in a Series D round led by Warburg Pincus, funding that it will use to expand its risk management solutions — specifically in areas like analytics — and overall business development. This brings the total raised by BitSight to $155 million. Tom Turner, BitSight’s CEO, said the company was not disclosing its valuation with this round, but he hinted that it was ten times more than the company’s valuation at its Series A. That round, according to figures from PitchBook, was at $60 million post-money, meaning that the company is now valued at around $600 million. Others in this round include Menlo Ventures, GGV Capital and Singtel Innov8, all previous investors." 
  15. Jim Finkle, Bill Rigby (15 September 2016). "Cyber-ratings firm BitSight raises $40 million, GGV Capital leads round" (in English). Reuters. Reuters. https://www.reuters.com/article/us-bitsight-funding-idUSKCN11L0JD. Retrieved 11 October 2018. "BitSight Technologies, a firm that sells cyber security ratings on businesses to insurers, said on Thursday that it has closed $40 million in series C funding, in a round led by GGV Capital. Previous investors that joined the round include Flybridge Capital Partners, Globespan Capital Partners, Menlo Ventures and Shaun McConnon." 
  16. 16.0 16.1 Feldman, Amy (14 December 2016). "Meet The 72-Year-Old 'Whiz Kid' Behind Cybersecurity Startup BitSight" (in English). Forbes. https://www.forbes.com/sites/amyfeldman/2016/12/14/the-septuagenarian-whiz-kid-behind-cybersecurity-startup-bitsight/#62c6805b53d2. Retrieved 11 October 2018. "FORBES estimates BitSight's revenues will reach $50 million in 2017 and $100 million in 2018, when McConnon hopes to take the company public. He expects it to be profitable by 2019." 
  17. Novinson, Michael (2021-09-13). "BitSight Buys Startup VisibleRisk, Gets $250M From Moody’s" (in en). https://www.crn.com/news/security/bitsight-buys-startup-visiblerisk-gets-250m-from-moody-s. 
  18. "Moody's to invest $250 million in BitSight and create a 'cybersecurity risk platform'" (in en). https://www.zdnet.com/article/moodys-to-invest-250-million-in-bitsight-create-cybersecurity-risk-platform/. 
  19. "BitSight, Schneider Electric partner to quantify OT risk | TechTarget" (in en). https://www.techtarget.com/searchsecurity/news/252529063/BitSight-Schneider-Electric-partner-to-quantify-OT-risk. 
  20. Sawers, Paul (15 September 2016). "BitSight raises $40 million to help companies rate partner firms' cybersecurity credentials" (in English). VentureBeat. https://venturebeat.com/2016/09/15/bitsight-raises-40-million-to-help-companies-rate-partner-firms-cybersecurity-credentials/. Retrieved 11 October 2018. "Founded in 2011, BitSight offers a platform that helps companies mitigate security risks associated with sharing sensitive data with business partners." 
  21. Schoenberg, Carter (16 January 2018). "Cyber insurance in the 2018 regulatory landscape". CSO. https://www.csoonline.com/article/3247834/risk-management/cyber-insurance-in-the-2018-regulatory-landscape.html. Retrieved 11 October 2018. "Some firms have tools for existing clients or potential clients to measure how good of a risk they are. Some firms are using BitSight or similar technologies." 
  22. Olcott, Jacob (12 February 2015). "Q&A: BitSight Technologies' new VP of business development talks cybersecurity" (in English). American City Business Journals. https://www.bizjournals.com/boston/blog/startups/2015/02/q-a-bitsight-technologies-new-vp-of-business.html. Retrieved 11 October 2018. "This is Olcott's sixth week at BitSight Technologies, a four-year-old company that rates businesses on their cyber security performance — which has proven to be an essential service for organizations looking for third-party vendors they can trust." 
  23. Yakowicz, Will (19 September 2017). "In an Era of Major Hacks, Cyber Insurance May Be the Industry's Riskiest Bet Yet" (in English). Inc.. https://www.inc.com/will-yakowicz/cyber-insurers-hottest-product-might-not-handle-disaster.html. Retrieved 11 October 2018. "But that long history of data on past catastrophes does not exist in the cyber insurance policy world, says Stephen Boyer, the CTO and co-founder of risk-rating company BitSight, a company that assesses company risk for cyber policies written by AIG, Travelers, and others." 
  24. Woodward, Curt (15 September 2016). "BitSight raises $40M to expand IT security ratings software" (in English). The Boston Globe. https://www.bostonglobe.com/business/2016/09/15/bitsight-raises-expand-security-ratings-software/Si4XIFMKtKDG8B0bx1bHNK/story.html. Retrieved 11 October 2018. "BitSight customers, which include Lowe's, Ferrari, and The Hartford, use the startup's security ratings when they're deciding whether to do business with another company – buying its products, making an acquisition offer, or writing an insurance contract, Turner said." 
  25. Kuchler, Hannah (8 January 2017). "Insurers tap cyber security ratings to limit liabilities" (in English). Financial Times. https://www.ft.com/content/1cfd5d28-c26f-11e6-81c2-f57d90f6741a. "Then, it creates a model that rates companies on a scale and insurers use the rating to decide if applicants get coverage." 
  26. Feldman, Amy (14 December 2016). "Meet The 72-Year-Old 'Whiz Kid' Behind Cybersecurity Startup BitSight" (in English). Forbes. https://www.forbes.com/sites/amyfeldman/2016/12/14/the-septuagenarian-whiz-kid-behind-cybersecurity-startup-bitsight/#62c6805b53d2. Retrieved 11 October 2018. 
  27. Perlroth, Nicole (7 May 2017). "Hackers Find Celebrities' Weak Links in Their Vendor Chains" (in English). The New York Times. https://www.nytimes.com/2017/05/07/technology/hackers-exploit-celebrities-vendor-chains.html?_r=0. Retrieved 11 October 2018. "BitSight uses a scoring system of 250 to 900, similar to a credit score. SecurityScorecard gives grades from A to F." 

External links