SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
BitSight and ServiceNow announce integrations improving cyber risk management
Thu, 26th Sep 2019
FYI, this story is more than a year old

Security ratings company BitSight and ServiceNow have announced the launch of two new certified ServiceNow applications – BitSight for Vendor Risk Management and BitSight for Security Incident Response – now available in the ServiceNow app store.

These applications bring a new level of automation, prioritisation, and insight, providing customers to digital workflows.

These integrations build on an existing partnership between the two companies, including joint go to market activities and BitSight membership in the ServiceNow IRM Ecosystem announced earlier this year.

Together, BitSight and ServiceNow provide organisations with prioritised visibility and automated workflows to manage cyber risk, and a system that gives customers the ability to take action, report and monitor the cyber health of their own organisation and their broader business ecosystem.

Third-party risk is a top concern for companies worried about data privacy and service availability and facing an ever-expanding list of vendors.

With the BitSight for Vendor Risk Management application, customers have better visibility on a continuous basis to help prioritise their resources, enable data-driven conversations with vendors, and bring scale to their assessment and remediation processes.

Risk leaders now have access to BitSight Security Ratings, risk vector grades, 12 months of ratings history and alerts for their third-parties within ServiceNow, including the ability to share data directly with third parties.

Additionally, customers can create Vendor Risk Issues using BitSight alerting capabilities, which in turn integrate with ServiceNow's workflows to initiate the remediation process with vendors.

With ServiceNow's Vendor Risk Management portal and mobile capabilities, employees and vendors gain a streamlined experience.

Security teams continue to be plagued with more work than available staff, driving intense interest in prioritisation based on business impact.

With the BitSight for Security Incident Response application, joint security leaders can leverage compromised system event information from BitSight to pinpoint and control attacks within their own corporate infrastructure.

With BitSight for Security Incident Response, customers gain access to event forensics data that reveals source ports, destination ports, time stamps, and more to unite security and IT teams for faster and more effective threat response and remediation.

ServiceNow's correlation of risk, threat, and business intelligence as part of closed-loop workflows enables better, faster and more efficient task hand-off and coordinated security responses, while BitSight dashboards and reporting features provide visibility into the organisation's security performance and progress.

“Every organisation is challenged to measure and manage cyber risk in their own environment and extended business ecosystem and quickly address related cyber threats and incidents when they arise,”  says BitSight strategic partnerships vice president Matt Cherian.

“Many businesses lack a centralised, holistic view into cyber risk, requiring companies to spend scarce resources on unnecessary manual work,” says ServiceNow security business unit business development senior director Odin Olson.