Inside the Security Ratings for the Riskiest Government Contractors

The government of the Unites States of America is perhaps the largest target on Earth for cyber attacks. The US has plenty of enemies, a track record of perpetrating cyber warfare and espionage (even upon its allies), numerous recent instances of susceptibility to such attacks, countless official documents attesting to its weakness against cyber attacks, and, of course, the US government leads the wealthiest nation with the most powerful military. These facts are not lost on the good people responsible for the well being of American citizens and people all over the world.

Read More

Security Ratings Explained

The Problem of Digitization The digitization of business has increased the speed of commerce, the scope of customers, the understanding of consumer habits, and the efficiency of operations across the board. It has also increased the risk surface of business, creating new dangers and obstacles for the business itself, not just its technology. This risk is compounded by the interrelations of digital businesses as data handling and technological infrastructure is outsourced, as each third party becomes a vector for breach or exposure for the primary company. The technical nature of this risk makes it inaccessible to those without advanced skills and knowledge, leaving organizations without visibility into an extremely valuable and critical part of the business.

Read More

What are Security Ratings?

Security ratings are like credit ratings, but for the assessment of a company’s web-facing applications. Where a credit rating lets a company determine the risk of lending to a prospective debtor, a security rating lets it decide how risky it will be to deal with another in handling data. The comparison even flattens out when we remember one of the key principles ofcyber resilience: that cyber risk “is actually business risk, and always has been.”

Read More

UpGuard CyberRisk and Fair and Accurate Security Ratings Principles

In June of 2017 the U.S. Chamber of Commerce posted the “Principles for Fair and Accurate Security Ratings,” a document supported by a number of organizations interested in the emerging market for measuring cyber risk. The principles provide a starting point for understanding the current state of security ratings and for establishing a shared baseline for assessing vendors in that market.

Read More