Since our inception in 2002, Thru has been committed to protecting customers’ data by providing enterprise-grade secure file transfer solutions. We continue to demonstrate this commitment to excellence in security by seeking third-party security assessments of our managed file transfer (MFT) product, infrastructure and processes.
This blog is an announcement of Thru’s successful alignment to established cybersecurity frameworks as evaluated by Bitsight Technologies. Click here to get the reports »
Who Is Bitsight Technologies?
What Is the Bitsight Security Rating?
Bitsight rates companies on a scale of 250 (lowest) to 900 (highest) as a measurement of security performance. The ratings are a measurement of a company’s security performance over time and are generated through the analysis of externally observable data, leveraging Bitsight’s proprietary techniques to identify the scope of a company’s entire digital footprint.
Diving into the Cybersecurity Reports
Security and risk leaders use the Bitsight Security Rating to assess, monitor, prioritize and communicate cyber risk. This objective, data-driven tool provides several different reports in alignment with specific industry standards to reveal the health of an organization’s cyber security program.
Thru was recently analyzed and assessed by Bitsight. Our initial rating is 790 (Advanced) which is well above the average of 730 (Intermediate) for the computer software industry.
The following sections introduce the three reports created by Bitsight for Thru:
Executive Report
The Executive Report includes the Bitsight Security Rating of Thru plus its separate ratings of the likelihoods of ransomware and data breach incidents, including how Thru compares to the industry averages of each type of incident. The report also reveals if any publicly disclosed security incidents have occurred in the past 18 months and, if so, applies a grade based on several factors, including the number of data records lost or exposed.
ISO/IEC 27001 Report
This report is a high-level summary of Thru’s alignment with the ISO/IEC 27001:2013 standard using Bitsight’s risk vectors and existing data as evidence.
The Bitsight ISO/IEC 27001 report shows all the criteria that it can qualify with the Bitsight Security Ratings data, along with letter grades that reflect the degree to which an organization has coverage within the ISO/IEC 27001 standard in each of those areas. An “A” indicates strong coverage within the category, and an “F” indicates the company needs to make significant improvements to their cybersecurity posture.
NIST Cybersecurity Framework Report
This report is a high-level summary of Thru’s alignment with the United States National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) using objective Bitsight Security Ratings data. The NIST CSF is not a mandate; it is completely voluntary for organizations to use it.
As in the ISO/IEC 27001 report, letter grades (A to F) are used in each category consisting of sub-categories which are graded based on evidence sourced directly from Bitsight Security Ratings data.
