When it comes to cybersecurity, the team at GBQ doesn’t believe “what you don’t know can’t hurt you.” The more visibility a firm has for cyber risks, threats, and vulnerabilities, the more time that is required to adjust and mature its security posture. That’s why we’ve partnered with SecurityScorecard, the global leader in security ratings, to empower growth of our clients and help protect what matters most.
Every firm must address the fact that there is a real probability of cyber attacks in today’s world. Most organizations would say they are taking measures to protect employee, customer, and partner data. The reality is most businesses have a rapidly increasing digital footprint that can be challenging to keep secure with their limited resources. Every firm connected to the Internet leaves a record of its online activity. Email, remote access, firewalls, cloud platforms, and websites by their very nature are purposely available to those the firm wants to communicate with, as well as those with malicious intent.
At no cost to our clients, SecurityScorecard evaluates a firm’s cybersecurity health from the same vantage point a malicious attacker has on the public internet.
SecurityScorecard ratings offer easy-to-read A-F ratings across 10 groups of risk factors. Machine learning-tuned risk factor weights optimize the correlation between our ratings and relative breach likelihood so you can make smarter business and security decisions. According to SecurityScorecard’s data, organizations with an F rating have a 7.7x higher likelihood of sustaining a breach compared to organizations with an A. We find, though, that even companies with A or B grades are surprised at what is exposed to the outside world.
By partnering with SecurityScorecard, our clients have the ability to conduct a self-assessment using SecurityScorecard. Additionally, clients can monitor their partners’ and vendors’ exposure to the same risks to ensure they are not working with vulnerable third parties. Many companies are using SecurityScorecard and similar technologies to evaluate the risk of key vendors in the supply chain. Firms with a B2B business model, particularly those that are considered to be a key part of their customer’s supply chain, handle confidential data for their clients. Those with network connections to their customer environments are increasingly being monitored with these tools as well.
SecurityScorecard does not replace cyber risk assessments, security assessments, tabletop exercises, and penetration tests, but does provide another data point for measuring a firm’s cyber security posture or meeting the testing and visibility requirements of many security and privacy regulations.
As cyber risk ratings are seen as being on par with credit risk, when it comes to what informs us about company stability and resiliency, it is an important part of the cyber defense arsenal.
Cyber insurance carriers are using SecurityScorecard and its competitors to rate the risk of insureds and prospects. There is a high probability that your cyber insurance carrier includes cybersecurity ratings as part of its underwriting process.
SecurityScorecard and GBQ’s team of builders, breakers, operators and auditors are pleased to empower growth of your organization by protecting what matters most. Take control of your cybersecurity risk and make informed decisions with confidence by signing up for a free SecurityScorecard account that allows unlimited team members (for once, we’re not counting!) to monitor your organization’s Scorecard and receive scoring alerts for up to five third parties.
Article written by:
Doug Davidson
Director of Information Technology Services