This blog is an announcement of Thru’s successful alignment to established cybersecurity frameworks as evaluated by Bitsight Technologies.
Who Is Bitsight Technologies?
What Is the Bitsight Security Rating?
Bitsight rates companies on a scale of 250 (lowest) to 900 (highest). The ratings measure a company’s security performance over time and are generated through the analysis of externally observable data, leveraging Bitsight’s proprietary techniques to identify the scope of a company’s entire digital footprint.
Diving into the Cybersecurity Reports
Security and risk leaders use the Bitsight Security Rating to assess, monitor, prioritize and communicate cyber risk. This objective, data-driven tool provides several different reports in alignment with specific industry standards to reveal the health of an organization’s cybersecurity program.
Thru was recently analyzed and assessed by Bitsight. Our initial rating was 790 (Advanced), which is well above the average of 730 (Intermediate) for the computer software industry. Refer to the Bitsight badge in our footer for our current rating.
The following sections introduce the three reports created by Bitsight for Thru:
Executive Report
The Executive Report includes the Bitsight Security Rating of Thru plus its separate ratings of the likelihoods of ransomware and data breach incidents, including how Thru compares to the industry averages of each type of incident. The report also reveals if any publicly disclosed security incidents have occurred in the past 18 months and, if so, applies a grade based on several factors, including the number of data records lost or exposed.
ISO/IEC 27001 Report
This report is a high-level summary of Thru’s alignment with the ISO/IEC 27001:2013 standard using Bitsight’s risk vectors and existing data as evidence.
The Bitsight ISO/IEC 27001 report shows all the criteria that it can qualify with the Bitsight Security Ratings data, along with letter grades that reflect the degree to which an organization has coverage within the ISO/IEC 27001 standard in each of those areas. An “A” indicates strong coverage within the category, and an “F” indicates the company needs to make significant improvements to its cybersecurity posture.
NIST Cybersecurity Framework Report
This report is a high-level summary of Thru’s alignment with the United States National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) using objective Bitsight Security Ratings data. The NIST CSF is not a mandate; it is completely voluntary for organizations to use it.
As in the ISO/IEC 27001 report, letter grades (A to F) are used in each category. Each category consists of sub-categories, which are graded based on evidence sourced directly from Bitsight Security Ratings data.
Request All Three Bitsight Security Rating Reports
If you are considering Thru for secure file transfer for your organization and would like a copy of the reports, please contact your account representative or visit our Trust Center to download them.