BreachBits has announced BreachRisk, a new standard to understand, measure and communicate cyber risk.
Built by U.S. military cyber warfare veterans and based on the same methods used by hackers, BreachRisk allows individual companies, insurers, portfolio managers and others to continuously assess an organization’s likelihood of a data breach while quantifying and communicating their risk reduction with a simplified cyber risk score.
“Our goal is to help organizations confront the rising tide of ransomware and other cyber attacks that are increasing every year. To accomplish that, you need more than strong defenses and advanced cybersecurity technology. You need to include more stakeholders in the effort,” said BreachBits CEO and Co-Founder John Lundgren. “With BreachRisk, we’ve taken the complicated processes that hackers actually use and translated that into a cyber risk score. Now everyone from the server room to the boardroom can better manage risk knowing where hackers will break in.”
The BreachRisk score uses a 10-point scale to communicate relative risk of a cyber breach without getting bogged down with technical details. The score includes context such as level of rigor, fidelity achieved and risk range. A BreachRisk report provides the next level of insight to understand and influence that score. The cyber risk scoring standard is easy to understand and allows an organization to safely share its risk summary with trusted parties, such as investors, cyber insurance providers, parent companies or new partners.
“BreachRisk helps you understand the risk of other companies, not just your own,” said BreachBits COO and Co-Founder J. Foster Davis. “Whether you’re trying to estimate risk for cyber insurance rates or conducting due diligence before a key acquisition, you can easily compare an organization’s risk over time or even compare companies to make smarter business decisions.”
The new BreachRisk scoring standard uses dynamic and strategic risk management principles implemented by organizations from the Pentagon to Wall Street. BreachRisk also considers threats far beyond the National Vulnerability Database with active attack methods and incorporates the Common Vulnerability Scoring System standard to characterize all threats in a way that is coherent and compatible. The resulting cyber risk score and report offer companies the most realistic and understandable breakdown of cyber risks so leaders can make better decisions.