Bitsight is a global leader in cyber risk intelligence, leveraging advanced AI to support organizations with precise insights derived from one of the industry’s most extensive external cybersecurity dataset. Bitsight delivers real-time visibility into cyber risk and threat exposure, allowing teams to rapidly identify vulnerabilities, detect emerging threats, prioritize remediation, and mitigate risks across their extended attack surface.
Bitsight proactively uncovers security gaps across infrastructure, cloud environments, digital identities, and third- and fourth-party ecosystems. From security operations and governance teams to executive boardrooms, Bitsight provides the objective intelligence organizations need to manage cyber risk and operationalize cyber resilience.
Data resell
Moody’s and Bitsight partner to deliver a comprehensive view of organizational risk by combining cyber intelligence with broader business and financial data. Moody’s enriches Bitsight’s external cyber risk ratings, exposure insights, and threat intelligence with firmographic, financial, and entity-level context, helping customers better understand the business impact of cybersecurity risks.
Through this integration, organizations gain visibility across the extended attack surface, including third-party and supply chain risk, and can prioritize exposure based on real-world threat activity and business relevance. This helps risk, underwriting, and investment teams move beyond siloed risk views and incorporate cyber risk into core decisions alongside credit, operational, and compliance risks.
A fireside chat with Bitsight, Moody’s, and Ivalua.
8 July, 3:00 PM — 4:00 PM CEST
Continuously map internet-facing assets, vendors, and supply chain exposure to identify risk across the extended enterprise.
Combine cybersecurity data with firmographic and financial context to support a more holistic understanding of cyber risk and its potential business impact.
Leverage threat intelligence and externally observable risk signals to help identify and prioritize vulnerabilities and exposures that may present a higher likelihood of exploitation.
Embed cyber risk insights into broader risk management and business processes, such as third-party risk management, compliance, and due diligence, to support more consistent and informed decision-making.
Continuously monitor changes in cybersecurity posture and emerging threats across organizations and supply chains to improve awareness of evolving risk signals.
Moody’s highlights 10 major forces that provide a clearer view of the pressures redefining loss patterns, coverage needs, and long‑term resilience not only for insurers, but for the businesses and communities they serve.
With estimates of at least US$3 trillion of investments going into the construction of data centers and infrastructure worldwide over the next five years—to double data center global capacity by 2030, in the first of a multi-part blog series from Derek Blum and Theresa Lederer, they explore the challenges and opportunities that make data centers top of mind for many insurers.
Recent major cyber risk events such as Jaguar Land Rover and the AWS outage from October 2025 differed in cause, but they shared a common signature: losses propagating through shared technology dependencies that traditional cyber insurance portfolio views struggle to make visible.
With the second week of the U.K. Prudential Regulation Authority (PRA) Dynamic General Insurance Stress Test (DyGIST) exercise closing in and the PRA issuing its fourth scenario inject on May 14, Edwina Lister provides an update on how we have helped clients tackle the five scenarios from earthquakes, hurricanes, cyber attacks and market stress events, the current status of DyGIST, and looks ahead to the remaining weeks.
Amid growing concern about potential AI-driven economic disruption, we expect the impact of artificial intelligence (AI) on the global insurance sector to unfold gradually and to be credit neutral to positive overall.
How can cyber insurance-linked securities (ILS) providers and insurers distinguish between cyber events that are more ‘normal’ and those genuinely systemic cat events that the insurance industry should worry about?
