2 min

Cyber risk management firm Bitsight has announced an expansion of the services it offers. Together with credit assessment agency Moody’s, the company is trying to respond to growing concerns about cybersecurity.

Bitsight says it is expanding toward “integrated cyber risk management”. It explains the term as a holistic overview for cybersecurity, from zero-day attacks to structural weaknesses in third-party software.

Cyber risk assessment is likely to only become more important because of the recent political focus on security weaknesses. Bitsight’s plans include collaboration with partner Moody’s and new or enhanced applications.


First, Bitsight has provided details about its plans for further integration with Moody’s offerings. Bitsight’s data is already available to nearly 2,000 credit analysts around the world. “Traditional” economic risk analysis appears to merging with the cybersecurity world. Moody’s Analytics’ BVD Orbis platform features the Bitsight data. The goal here is to give non-technical risk managers an understanding of cybersecurity as well.

Bitsight’s own independent offering also features innovations. The enhanced Third-Party Vulnerability Detection tool now includes a Response workflow. This allows organizations to easily contact vendors of software in which weaknesses have been found. The new feature means companies can now easily monitor if they have been responded to.


In addition to these enhancements, Bitsight has also tinkered with its best-known feature: assessing cybersecurity using ratings, similar to the bread-and-butter of partnered credit rating agency Moody’s. The new algorithm should better reflect what is important in reality to have security in order.

With these innovations, Bitsight is trying to prepare clients for a world with much more cybercrime than before. It often turns out that cybercriminals remain innovative, making an up-to-date assessment of one’s own cybersecurity crucial. ChatGPT is also used, for example, to construct phishing emails, a well-known means of penetrating organizations.