Cybersecurity rating

Security ratings are an objective, data-driven, quantifiable measurement of an organization’s overall cybersecurity performance.[1]. Security ratings provide businesses and government agencies with a third-party, independent view into the security behaviors and practices of their own organization as well as that of their business partners. Security ratings are a useful tool in evaluating cyber risk and facilitating collaborative, risk-based conversations[2].

According to Gartner, cybersecurity ratings will become as important as credit ratings when assessing the risk of existing and new business relationships. Gartner predicts that these services will be a perquisite for business relationships[3]

Security Rating Services

The adoption of security rating services platforms is on the rise. In fact, Forrester Consulting found that 87% of respondents find security ratings valuable (37%) or extremely valuable (50%)[4]. There are a number of companies that provide security ratings services, including SecurityScorecard, BitSight, RiskRecon and UpGuard.

References

  1. ^“Principles for Fair and Accurate Security Ratings”. U.S. Chamber of Commerce. 2017-06-19. Retrieved 2020-02-12.
  2. ^“Principles for Fair and Accurate Security Ratings”. U.S. Chamber of Commerce. 2017-06-19. Retrieved 2020-02-12.
  3. ^“Innovation Insight for Security Rating Services”. Gartner. Retrieved 2020-02-12.
  4. ^“Adoption of security ratings platforms is on the rise”. Help Net Security. 2018-04-27. Retrieved 2020-02-12.

 

Ofer Abarbanel online library