Bitsight – cyber security ratings service

BitSight is an external service that can help your organisation to measure levels of cyber security risk. Find out more about the platform and how to sign up for the service.

About BitSight

The BitSight platform uses externally observable events, data sinkholes and third-party data to continuously assess cyber security ratings.

It's a non-intrusive solution and does not collect any data directly from organisations.


BitSight will help you:

Who the service is for

This service is currently for ICBs and NHS trusts.

What it involves

Once access is granted, there's minimal work to maintain the platform.

Help is available to resolve any technical issues identified, which could include on-site work, depending on the issues found.

Register for BitSight

To register, or to find out more, email [email protected].

How this service aligns with the Cyber Assessment Framework

The sections below set out how this service aligns to the principles and outcomes of the Cyber Assessment Framework (CAF).

Objective A: Managing security risk

A2.a Your organisation has effective internal processes for managing risks to the security of network and information systems related to the operation of essential functions and communicating associated activities.

A2.b You have gained confidence in the effectiveness of the security of your technology, people, and processes relevant to essential functions.

Objective B: Defending systems against cyber attack

B4.a You design security into the network and information systems that support the operation of essential functions. You minimise their attack surface and ensure that the operation of the essential function should not be impacted by the exploitation of any single vulnerability.

B4.b You securely configure the network and information systems that support the operation of essential functions.

B4.d You manage known vulnerabilities in your network and information systems to prevent adverse impact on the essential function.

Objective C: Detecting cyber security events

C1.a The data sources that you include in your monitoring allow for timely identification of security events which might affect the operation of your essential function.

C1.c Evidence of potential security incidents contained in your monitoring data is reliably identified and triggers alerts.

C1.d You contextualise alerts with knowledge of the threat and your systems, to identify those security incidents that require some form of response.

C1.e Monitoring staff skills, tools and roles, including any that are outsourced, should reflect governance and reporting requirements, expected threats and the complexities of the network or system data they need to use. Monitoring staff have knowledge of the essential functions they need to protect.

C2.a You define examples of abnormalities in system behaviour that provide practical ways of detecting malicious activity that is otherwise hard to identify.

C2.b You use an informed understanding of more sophisticated attack methods and of normal system behaviour to monitor proactively for malicious activity.

Last edited: 15 November 2023 4:34 pm