3rd Party Risk Management , Governance , Risk Assessments

Reputational Risk and Third-Party Validation

CA Veracode's Ryan Davis on the Value of Security Ratings
Reputational Risk and Third-Party Validation
Ryan Davis, CA Veracode

Security ratings are increasingly popular as a means of selecting and monitoring vendors. But Ryan Davis at CA Veracode also uses BitSight's ratings as a means of benchmarking his own organization for internal and external uses.

"Taking somebody's word for it isn't enough these days," says Davis, an Information Security Manager at CA Veracode. "You can't just say 'Oh, yeah, well that person said they're secure ..."

For CA Veracode, security ratings provided by BitSight offer validation to prospective customers. "We want [customers] to be able to have that comfort that somebody else is also asserting that we're secure."

In an interview about the value of security ratings, Davis discusses:

  • How he employs BitSight Security Ratings;
  • The business value - internally and externally;
  • How these ratings can be a competitive differentiator.

Davis is CA Veracode's Information Security Manager. He is responsible for ensuring the security and compliance of thousands of assets in a highly scalable SaaS environment. Davis has more than 15 years of experience in information technology and security in various industries.

Prior to joining CA Veracode, Davis supported a number of different Department of Defense customers at MIT Lincoln Laboratory in various Information Assurance roles.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.