Case Study: NASA achieves 50% efficiency savings and stronger supply chain cybersecurity with BitSight's Third-Party Risk Management

Mitigating Supply Chain Vulnerabilities with BitSight’s Third-Party Risk Management Solution

NASA, responsible for multi‑million‑dollar missions and human safety, faced a major supply‑chain cybersecurity challenge: it relies on more than 3,000 vendors but had been using manual monitoring, public disclosures, and breach notices that missed many risks. To get deeper, real‑time visibility into third‑ and fourth‑party risk, NASA adopted BitSight—specifically BitSight for Third‑Party Risk Management (TPRM) with a deep integration into the GRC tool Interos.

BitSight’s TPRM solution delivered daily alerts, easy‑to‑understand security ratings and a real‑time dashboard that helped NASA uncover high‑risk vendors (including those using services banned under Section 889), align vendors to the NIST Cybersecurity Framework, and prioritize assessments and remediation. The automated monitoring and reporting produced about 50% time and efficiency savings, faster, data‑driven risk prioritization, and timely, actionable alerts and reports that reduced supply‑chain exposure and improved NASA’s vendor security posture.

NASA

Kanitra Tyle

Information and Communications Technology (Ict) Supply Chain Risk Management (Scrm) Service Element Lead