chicksdaddy writes "A Boston-area startup, BitSight, has announced what they say is the first objective security risk rating system that can be used to determine how (relatively) hackable your company is.
BitSight wants to serve the same role with security risk as the “Big Three” credit rating agencies (Standard & Poor’s, Moody’s, and Fitch Group) or consumer rating firms like Experian and TransUnion, which evaluate the credit worthiness of individuals. (BitSight even appears to use the same 800-point scale favored by Experian, TransUnion and the other credit rating agencies).
The company recently secured a $24 million Series A funding round (http://www.bitsighttech.com/news/press/060513-bitsight-technologies-secures-24-million-series-A-financing) after emerging from NSF-sponsored research by co-founders Stephen Boyer and Nagarjuna Venna. (http://blogs.wsj.com/venturecapital/2013/06/05/youth-and-age-mix-at-bitsight/)
BitSight Partner SecurityRating, announced on Tuesday, is a cloud based service that offers realtime ratings of organizations’ security risk based on what it calls “externally visible network behavior." In the consumer credit space, that might be new lines of credit, or a late payment to an existing lender. In security risk, it could be the presence of stolen data on a cyber criminal group’s “drop site” – a likely indicator of compromise. Systems attached to corporate domains that participate in a botnet or distributed denial of service attack (DDoS) could also bring an organization’s risk rating down."
Link to Original Source