**Editor’s Note: “7 Minutes” is a feature where we ask channel executives from startups – or companies that may be new to the Channel Partners audience – a series of quick questions about their businesses and channel programs.**
BitSight is in the business of IT vendor risk management, essentially helping vet third-party providers to make sure they don’t open the door to attackers, put the company afoul of regulatory or compliance guidelines, or otherwise disrupt operations. After all, sensitive data exposed by a contractor is every bit as in-the-wind and damaging as data lost by an insider — just ask Target.
BitSight is based in Cambridge, Massachusetts, and says revenue from the channel has increased more than 100 percent year-over-year since the partner program was launched in 2014. Services based on the Security Ratings Platform include analysis to write cyber insurance policies, benchmark performance, conduct M&A due diligence and assess risk. Think of it like checking credit scores for a lineup of potential hires, only the scores indicate how well your own or a potential supplier’s security posture stacks up to peers.
Customers include seven of the top 10 cyber insurers, 80 Fortune 500 companies, and three of the top five investment banks. One differentiatior for the service is the ability to manage what’s called “fourth-party risk,” such as a subcontractor brought in by, for example, a third-party facilities company.
BitSight is well known in this space, though it does have channel-focused competitors including Brinqa, LockPath, RiskVision and Security Scorecard. Partners that serve regulated verticals should have one or more risk management offerings on their line cards — these services don’t come cheap, but they can be invaluable, and they’re a CIO’s best friend when a PCI or SOX auditor comes around.
We asked Carla Morss, senior director of worldwide partner sales and alliances, why partners should select BitSight.
Channel Partners: Tell us what customers love about your product or service. What’s the secret selling sauce?
Carla Morss: BitSight is such a unique product, it sells itself. BitSight pioneered the security-rating services market in 2011, transforming how companies manage third- and fourth-party risk, underwrite cyber insurance policies, benchmark security performance, and assess aggregate risk. By leveraging a non-invasive, efficient way to access business exposure with daily ratings updates for internal systems and that of vendors, BitSight provides an objective, accurate picture of risk and can allow companies to make smarter cybersecurity businesses decisions.
CP: Describe your channel program — metal levels, heavy on certifications, open or selective, unique features?
CM: Our partners can make the most of our channel program by being associated with the four levels of partnerships offered today: Silver, Gold, Platinum and Diamond. In 2018, we plan to expand our services to include a certification program, which will enable premier partners to increase their margins. We are very selective and strategic about the partners we engage with, ensuring that we find …