BitSight: Security Vendor Management Made Easy?
Let’s face it: Customers are struggling to manage their IT security vendor relationships. In many cases, businesses don’t know if they’re leveraging the proper security tools and associated settings.
That’s where BitSight Technologies enters the picture. The company offers a SaaS-based security rating platform that’s vendor agnostic. BitSight doesn’t care which security products a customer or partner selects. Instead, an algorithm-based system simply rates the products and their effectiveness in the ever-changing world of cybersecurity. Indeed, BitSight seeks to “transform how organizations evaluate risk and security performance by employing the outside-in model used by credit rating agencies.”
BitSight: From Launch to Partner Strategy
Launched in 2011, BitSight began selling its SaaS service in 2013 and built the foundation for a partner program in 2014, according to Carla Morss, director of worldwide channel and partner alliances. The early results sound impressive: Roughly 28 percent of BitSight’s revenues involved partners in 2015, and that figure will grow in 2016 — though Morss wants to drive growth in a responsible manner.
Indeed, BitSight isn’t seeking to work with every reseller and VAR. Instead, the company is going narrow and deep with partners that truly understand BitSight’s business value. The company’s partner ecosystem includes resellers (selling into corporate IT); risk consultants who manage audits and assessments; and MSP-type firms that manage customers’ overall security stance.
And therein resides the opportunity: BitSight’s technology — similar to a security dashboard — can raise red flags. But it doesn’t take corrective action — providing channel partners with ample opportunity to assist customers with their security stance, Morss says. “The partner can recommend remediation services, new security products — or whatever best fits the customer need,” she says.
A New Approach to IT Security Vendor Management?
I’m intrigued. On a somewhat related note, ConnectWise CEO Arnie Bellini has spent the past five years or so telling MSPs and technology service providers to offer vendor management services. Assuming it works as advertised, BitSight seems like a potential way for partners to make more informed decisions about security infrastructure — unlocking potential managed services and product upsells along the way.