- March 9, 2022: Updated screenshots.
- March 28, 2018: Published.
Overview
The Portfolio Assessment report delivers visibility into aggregated risk, data breaches, and the security effectiveness of vendors. This report can be used to generate insights on the health of a large set of vendors, answering such questions as:
- Should my organization worry about the security risk that this set of vendors poses to my business?
- How many vendors are below a tolerable risk level?
- How many vendors is my organization collaborating with to reduce their cyber security risks?
- How many vendors improved their security risk profile?
This can also be used to look into particular aspects of GDPR compliance for a set of vendors, particularly related to:
- Effectiveness of technical measures vendors have in place to avoid data breaches.
- Data breach notification.
- Safeguards related to data transfers to other jurisdictions.
- Territorial scope of data processing and storage.
Table of Contents
- Overview
- Reading This Report
Reading This Report
Header
The Header section contains the name of the selected folder and the number of companies contained in the folder.
Quarter to Date versus Previous Quarter
This section presents quarter-to-date metrics about the companies in your selected folder.
Median Rating
The median rating of all companies in the selected folder.
- The upper value is the median rating on the day that the report was generated; the color indicates the current rating category.
- The lower value (gray) is the median rating registered at the end of the previous quarter.
Vendors with Basic Ratings
The number of companies in the selected folder that had a rating in the Basic category at the end of the previous quarter.
- A red downward arrow indicates that there are currently more companies with Basic ratings in this folder than there were at the end of the last quarter.
- A green upward arrow indicates that there are currently fewer companies with Basic ratings in this folder than there were at the end of the last quarter.
To learn more about our rating categories, see What is a Bitsight Security Rating?
Vendors Collaborating to Improve Their Ratings
The number of companies you're currently collaborating with.
- A red downward arrow indicates that the current number of companies that are collaborating is lower than the number of companies in the last quarter.
- A green upward arrow indicates that the current number of companies is higher than the number of companies in the last quarter.
Vendors with Improved Ratings
The number of companies in the folder that had an increase in their security rating during this quarter.
Footprint and Security Incidents
This section contains information about the EU vs Non-EU distribution of the vendors' IP address footprint and occurrences of security incidents over the past 12 months.
Footprint
This section indicates:
- The number of IPs in this folder in EU and Non-EU jurisdictions
- The number of companies in this folder that have a footprint in one or both jurisdictions
Security Incidents Analysis and Most Recent Security Incidents
The Security Incidents Analysis section indicates the number of data breaches that occurred across the vendors in the selected folder in the last 4 quarters, including the current quarter to date.
The Most Recent Security Incidents section lists the most recent security incidents at companies in the selected folder. If a breach occurred in a subsidiary of a company in the folder, the breach information will be shown in the list with an asterisk.
Portfolio Risk Vectors Average Grades
This section provides a breakdown per risk vector of the aggregate performance of the vendors in the selected folder.
For each risk vector, the average grade across all companies in the selected folder is shown. The number of companies below that average is shown beneath it.