OnDemand Includes 4 Months Access to Course Content - Special Offers Available Now!


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

The Data Disconnect: Why All Security Ratings are Not Created Equal

  • Thursday, December 15, 2016 at 12:30 PM EST (2016-12-15 17:30:00 UTC)
  • Dave Shackleford, Stephen Boyer


  • Bitsight

You can now attend the webcast using your mobile device!



From time-consuming audits to expensive penetration tests, evaluating a companys security posture can seem like a daunting task. However, todays organizations are increasingly adopting Security Rating Services (SRS) as a means to quantify and monitor their own cyber risk, as well as the risk of their third party vendors. 

So, how should you go about using security ratings? Whats the real difference between different rating services? And how does that impact your business?

Join BitSight Technologies CTO and Co-founder, Stephen Boyer, as he discusses the importance of curating high-quality data for security ratings and explores why verifiable data should be at the heart of any security rating solution.

In this webinar, you'll learn:

●      The key components of highly-actionable security ratings

●      How those components impact your cyber risk

●      Why data quality is so important

●      What the difference between subpar and superior security ratings could mean for your business

Speaker Bios

Stephen Boyer

Stephen cofounded BitSight in 2011 and serves as Chief Technology Officer. Prior to founding BitSight, Stephen was President and Cofounder of Saperix, a company spun out of the MIT Lincoln Laboratory focused on vulnerability and network topology risk analysis. Saperix was acquired by FireMon in 2011.

While at the MIT Lincoln Laboratory, Stephen was a member of the Cyber Systems and Technology Group where he led R&D programs solving large-scale national cybersecurity problems. His work at the MIT Lincoln Laboratory included research, development, and evaluation of next generation intrusion detection correlation architectures, attack graph vulnerability analysis, large-scale cyber situational awareness, security risk measurement, and cyber simulation and testing.

Prior to joining the MIT Lincoln Laboratory, Stephen designed, developed, and tested products at one of the earliest Linux startup companies, Caldera Systems. Stephen holds a Bachelors degree in Computer Science from Brigham Young University and Master of Science in Engineering and Management from the Massachusetts Institute of Technology.

Dave Shackleford

Dave Shackleford, a SANS analyst, senior instructor, course author, GIAC technical director and member of the board of directors for the SANS Technology Institute, is the founder and principal consultant with Voodoo Security. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. A VMware vExpert, Dave has extensive experience designing and configuring secure virtualized infrastructures. He previously worked as chief security officer for Configuresoft and CTO for the Center for Internet Security. Dave currently helps lead the Atlanta chapter of the Cloud Security Alliance.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.