Security Performance Management
Continuous Monitoring
Cyber Insurance
National Cybersecurity

Articles in this section

See more

Security Ratings Panel and Highlights

Avatar
Ingrid
Follow
  • March 30, 2023: Edge case where no RCE is generated.
  • November 12, 2021: Added navigational instructions for the Continuous Monitoring application.
  • November 2, 2021: New (i) indicator for Ratings Algorithm Update; Updated panel screenshot; Instructions for downloading data or chart image.

The Security Ratings panel, a.k.a. Rating Change Explanation (RCE), highlights the rating changes of a company from the past year, such as:

  • Drops of 10 points or greater in a company’s Bitsight Security Rating by showing findings that contributed to the change (if any).
  • Rating algorithm changes, including changes to risk vectors.
  • Historical rating changes, such as a network remap.

In rare cases, cumulative drops of 10 points or greater due to multiple Compromised Systems findings that occur over several days may not result in an RCE. This is because:

  • Specific risk vector’s grade did not change the day of the drop.
  • Compromised Systems risk vectors are weighted collectively in the rating.

Navigation Options

Select a company from the context switcher dropdown, then go to:

SPM App: Dashboards ➔ Company Details

CM App: Vendor Risk ➔ Overview

Insurance App: Client Risk ➔ Overview

National Cybersecurity: Vendor Risk ➔ Overview

Indicator Description
Blue (#) Circle The rating was affected by changes to risk vector letter grades.
Red (#) Circle There’s a large drop in rating, such as a ratings-impacting Security Incident event.
Red (!) Circle

When a ratings-impacting Security Incident event occurred. View the details of the incident and the source news report by selecting the external link. Use this as a starting point to track down and fix recent issues, identify areas for improvement, and initiate more informed conversations with your third parties.

  • The red band indicates the date range when this particular event impacts security ratings. The range starts from the effective date and continues until the event completes its lifetime.
  • The icon size can vary depending on the number of breaches happening on the same day.
Violet (#) Circle An update has been made to the ratings algorithm. See the 2021 updates.
  • Use the “Show Technology Industry Range” toggle to display a blue band in the chart, that represents the range of ratings for all companies within the same industry. Outliers are excluded.
  • Use the “Show Portfolio Range” toggle to display a gray band in the chart, that represents the range of ratings for all companies within your portfolio. Outliers are excluded.
  • If you are monitoring another company, use the Share button to send a request to collaborate via the Enable Access Program.
  • Use the Options button at the top-right to download the company’s ratings history (CSV) or save this chart as an image (PNG).

Related articles