Available in: Starter, Pro, and Ultimate
What is the Security Score?
Your organization and your customer organizations will receive a Security Score from 0 to 100. The score represents the organization's security maturity. The higher the number, the more secure it is.
The Security Score is located in the top right of the dashboard (Single Customer View). If the score passes the insurance threshold (80), you will be eligible to apply for cyber insurance (currently US only).
How is the Security Score Calculated?
Each individual security control is given a score. The Security Score is the sum of these individual scores. The maximum Security Score is 100.
The score is impacted by coverage and issues. These are details about how it is calculated:
Coverage:
Each security control impacts the score by a predetermined percentage (not all security controls are equally impactful).
The percentage of impact reflects a control's significance to the overall security posture.
If a security control is not activated, the score will be reduced by a predetermined percentage.
Issues:
Open issues within each security control impact the score by their severity and quantity.
The impact of issues is capped at the security control’s contribution to the overall score, ensuring no security control's issues can disproportionately affect the total score.
Info-level issues do not impact the score.
Selecting “ignore” to remediate an issue will positively impact the score. However, overuse of ignoring for critical and high-level issues can be included in an insurance audit and may negatively affect a claim.
How is the Security Score Different from the Prospecting Report Security Score?
The Security Score for your organization or an active customer’s organization is different from the Security Score in the Prospecting Reports for potential customers. Prospecting Reports only take the Dark Web Monitoring and External Footprint Scan into account whereas the Security Score on the dashboard takes all of the Security Controls into account. Therefore, when a potential customer becomes a customer, their score will change.
FAQ Cloud Data Protection
Question: Why is the security score in the prospecting report different from the one on the dashboard?
📍Answer: The Security Score for your organization or an active customer’s organization is different from the Security Score in the Prospecting Reports for potential customers. Prospecting Reports only take the Dark Web Monitoring and External Footprint Scan into account whereas the Security Score on the dashboard takes all of the Security Controls into account. Therefore, when a potential customer becomes a customer, their score will change.
Question: Why did the security score decrease?
📍Answer: The score will decrease due to either a reduction in coverage (deactivating a security control) or an increase in issues. Open issues within each security control impact the score by their severity and quantity.
Question: How is my security score calculated?
📍Answer: The score is impacted by coverage and issues:Each security control impacts the score by a predetermined percentage (not all security controls are equally impactful).
The percentage of impact reflects a control's significance to the overall security posture.
If a security control is not activated, the score will be reduced by a predetermined percentage.
Open issues within each security control impact the score by their severity and quantity.
The impact of issues is capped at the security control’s contribution to the overall score, ensuring no security control's issues can disproportionately affect the total score.
Info-level issues do not impact the score.
Selecting "Ignore" will positively impact the score. However, overuse of ignoring for critical and high-level issues can be included in an insurance audit and may negatively affect a claim.