Failing to manage cyber risk could cost you money, reputation—and even your business. But it is difficult to protect yourself from something you don’t know about. A cyber risk score can help point out potential vulnerabilities and more.
So, what is a cyber risk score?
First, let’s start by defining risk. Cyber risk is the intersection of assets, threats, and vulnerabilities. To put it simply:
Threats + Vulnerability = Risk
A cyber risk score is an easy to understand representation of an organization’s level of exposure to cybercrime. The score takes the threats and vulnerabilities into account.
When it comes to cyber risk, the lower your score, the better. A lower score often indicates better cyber hygiene, stronger security practices, and can even result in lower insurance premiums over time.
How a Cyber Risk Score is Calculated by Trava
Trava first checks to see where your business is vulnerable. This is done by conducting a port scan, certificate scan, and breach scan.
65% of unauthorized access comes through 3 ports. Trava checks the external surface for open network ports and divides them into 4 categories:
- Normal ports
- Risky ports
- Administrative ports
- Other ports
Certificates protect your online identity and communication.
Certificates ensure that:
• No one has read your message
• No one has changed your message
• You are communicating with the intended entity
Without certificates, communications are susceptible to hijacking, identity spoofing, data loss, and denial of service.
Public breaches often contain various data classes that malicious actors can exploit to conduct further attacks against targeted organizations. Some of the most common types of data obtained from public breaches are username, email address, and password. 28% of data breaches in 2020 involved the use of stolen credentials.