Cyber Risk Assessment for U.S. Businesses Holds Steady for First Quarter of 2019
More information: www.cyber-abc.com
The report reveals that since the fourth quarter of 2018, small firms showed a slight improvement—up to 740 from 737—while large firms moved from 646 to 643. These changes indicated relatively stable risk performance from quarter to quarter.
"The disparity in risk scores between small and large organizations is due to the fact that large firms have a wider attack surface and are more frequently the target of cybercriminals," said
"As businesses review the results for their organizations, it's important to note that industries carry different levels of risk, which are outside the control of individual firms," said Clare. "Banks are riskier than bakeries because they are richer targets, with more data to steal and that data is more valuable. The FICO® Cyber Risk Score looks at both security preparedness and sector-level risk factors, and both are reflected in the
Tips for Improving Cybersecurity
"When we launched the
Managing risk in the world of cybersecurity is about managing behavioral risk and skills gaps, as well as technical flaws. Based on the observations of thousands of businesses scored for the
- Use the
National Institute of Standards and Technology (NIST) Cybersecurity Frameworkto develop an information security program. The framework enables organizations—regardless of their size, risk profile, or cyber sophistication—to develop a cybersecurity plan or improve an existing one.
- Develop a reliable understanding of one's network. This includes identifying assets to apply security management based on risk.
- Identify functions and teams whose process and policy maturity are not performing adequately. This will enable organizations to identify weak links in technology, personnel, policy, and leadership.
- Oversee an organization's network team to confirm alignment to the details of network management policies. Avoid unnecessarily exposing network infrastructure assets and ensure correct configuration for those that must be exposed.
- Protect and monitor network endpoints. Organizations that monitor endpoints are able to provide an early warning of potential problems.
- Develop a process to confirm that active certificate management programs are in place and are being implemented.
More information on how to improve cybersecurity in your organization can be found in the report and on the FICO Blog.
Organizations that choose to learn more about their specific security performance can register for a free subscription at cyberscore.fico.com.
The Chamber has been leading on cybersecurity for years. In 2014, it launched a new comprehensive campaign under the banner Improving Today. Protecting Tomorrow™ to advance cybersecurity policies and legislation while educating businesses of all sizes about cyber threats and how to protect against them.
FICO (NYSE: FICO) powers decisions that help people and businesses around the world prosper. Founded in 1956 and based in
Join the conversation at https://twitter.com/fico and https://www.fico.com/blogs/.
For FICO news and media resources, visit www.fico.com/news.
FICO is a registered trademark of
View original content to download multimedia:http://www.prnewswire.com/news-releases/cyber-risk-assessment-for-us-businesses-holds-steady-for-first-quarter-of-2019-300830261.html
FICO Media: Greg Jawski, Porter Novelli for FICO, +1 212-601-8248, firstname.lastname@example.org; FICO Investors/Analysts: Steven Weber, FICO, +1 800-213-5542, email@example.com; U.S. Chamber of Commerce Media: Kathleen Ward, 202-463-5682, firstname.lastname@example.org