Scoring and Rating

SecurityScorecard is an information security company that rates cybersecurity postures of corporate entities through completing scored analysis of cyber threat intelligence signals for the purposes of third party management and IT risk management.

Security scores are used by cyber insurance underwriters to evaluate a company's potential risk, by companies to evaluate the cyber-risk posture of third-party vendors and partners, and by senior executives to explain a company's cyber risk to its board of directors with an easy-to-understand rating.

Anything below a Secure Score of 30% means you are highly vulnerable I believe. – Anything below a Secure Score of 50% indicates that best practices have not been fully applied. – Around 67% is the Secure Score you should expect for a tenant configured to best practices and with all security features enabled.

Security ratings are an objective, data-driven, quantifiable measurement of an organization’s overall cybersecurity performance. Security ratings provide businesses and government agencies with a third-party, independent view into the security behaviors and practices of their own organization as well as that of their business partners. Security ratings are a useful tool in evaluating cyber risk and facilitating collaborative, risk-based conversations.

A rating agency is a company that assesses the financial strength of companies and government entities, especially their ability to meet principal and interest payments on their debts. The rating assigned to a given debt shows an agency's level of confidence that the borrower will honor its debt obligations as agreed.

Security ratings or cybersecurity ratings are a data-driven, objective, and dynamic measurement of an organization's security posture. They are created by a trusted, independent security rating platform making them valuable as an objective indicator of an organization's cybersecurity performance.

Just as credit ratings and FICO scores aim to provide a quantitative measure of credit risk, security ratings aim to provide a quantitative measure of cyber risk.

The higher the security rating, the better the organization's security posture.

Thousands of organizations like yours use security ratings as a tool to understand and mitigate a variety of critical, interconnected internal and external security risks.