New third-party risk management features and NIS2 services address strong regulatory focus on digital supply chain and help businesses streamline the path to compliance
London, UK – June 6, 2024 – Bitsight, the global leader in cyber risk management, today announced strategic investments to expand its third-party risk management solutions in Europe. Bitsight already delivers a fully integrated solution to manage the supplier lifecycle and extended supply chain, the new capabilities will focus on helping enterprises not only adhere to looming NIS2 Directive requirements, but manage exposure risk across the digital supply chain.
NIS2 marks the most recent development in a wave of new cybersecurity legislation, contributing to a complex web of regulation that many CISOs and security leaders struggle to navigate. Given the scale of many businesses, gaining a comprehensive overview of cyber risk in the supply chain poses a growing challenge for security leaders.
“Regulators recognising the magnitude of risk presented by the digital supply are taking action,” said Stephen Boyer, Co-founder and Chief Innovation Officer at Bitsight. “But forward-leaning risk and security leaders know that this is not a matter of mere compliance. Mitigating risk across the supply chain is critically important to the continuity of enterprise business operations. And when working in conjunction with our customers, this is what we do best.”
Bitsight Delivers Deeper Risk Insights to Enhance Supply Chain Transparency
With 80% of European businesses admitting they still need to properly secure their supply chain against cyber risk1, Bitsight’s strategic expansion includes several new product enhancements and services to deliver deeper supply chain insights and align with NIS2 guidelines. Additional innovations - including AI-powered features - are planned throughout the year to further accelerate efficiency, speed and scale.
New NIS2 offerings include:
- NIS2 Cybersecurity Assessment: a new automated supplier assessment to help EU organisations manage risk across the supply chain. With the new assessment - mapped to Bitsight’s cyber risk data - security leaders can more efficiently evaluate supplier risk and NIS2 adherence with greater transparency and accuracy.
- NIS2 Professional Services: Given the complexity of the new regulations, Bitsight will launch new services to help remove the guesswork around the NIS2 supply chain requirements. Specific offerings will include a jumpstart service to help customers manage critical supplier assessments, as well as identify, surface and communicate risks both to the suppliers and organisations. Bitsight will also release new consultation services leveraging Bitsight data and mapping to automatically detect issues and recommend actions to help with more efficient adherence to NIS2.
- Enhanced Exposure Management for Digital Supply Chain - With critical elements of NIS2 focused around communicating risk to vendors and accelerating vulnerability remediation within the supply chain - Bitsight will continue to invest in Exposure Management. The new enhancements, which will focus on the depth and breadth of discoverable assets within the supply chain, along with an enhanced approach to prioritisation across critical supplier assets, will be integral to NIS2 adherence.
Learn more on how Bitsight is helping customers secure their supply chain and adhere to new NIS2 requirements here on the Bitsight blog.
About Bitsight
Bitsight is a global cyber risk management leader transforming how organisations manage exposure, performance, and risk for themselves and their third parties. Companies rely on Bitsight to prioritise their cybersecurity investments, build greater trust within their ecosystem, and reduce their chances of financial loss. As the innovator and creator of the cyber risk ratings market, Bitsight’s integrated solutions deliver value across enterprise security performance, digital supply chains, cyber insurance, and data analysis. For more information, visit Bitsight.com or connect with us on LinkedIn.
1https://www.infosecurity-magazine.com/news/third-organizations-comply-nis2/