The second level to understanding a company or organization's cyber risks and risk management strategies is the BreachRisk™ Report, which is available quarterly for free when you sign up for a BreachRisk™ for Business account. The BreachRisk™ Report can also be shared securely with other organizations for free through your BreachRisk™ Dashboard. If you are using BreachRisk™ Portfolio services, you can also request that companies in your portfolio share their Report with you.
What's in the Report?
A BreachRisk™ Report adds a first layer of detail to the BreachRisk™ Score with details found from analyzing a company's IT infrastructure. The report contains the various threats that went in to determining a BreachRisk™ Score, providing an accurate representation of potential security threats.
Our cyber risk chart describes these threat vectors with green, yellow, and red to easily identify the risk level. The placement of the markers on the risk chart is based on two things: the likelihood a cyber attacker could successfully breach and the impact to your organization. Using this proven measurement system, the danger rating for an individual threat describes how easily an attacker could exploit it and the nominal danger that could be done.
Consider the Report's threat scatter plot a roadmap or plan of action. A high danger rating means an increased risk. All high and very high risks could indicate the need for immediate action to bolster defense again potential attacks or exploitations.
Start improving your security (and your score) by handling the highest risks first.
A threat's danger and likelihood can change over time. One way to decrease a vector's potential threat rating is to enable Penetration Testing, allowing for active testing of existing security measures. Only available for BreachRisk™ for Business Pro level and above.
In addition to the summary of threats and their plotting along the risk management chart, the report contains a summary of the BreachRisk™ Score history and a plain language assessment of positive and aggravating factors to help understand how the score was influenced. The Score History chart allows for a quick understanding of the Score trend, whether security has improved or worsened over time.
The plain language assessment, "Factors Influencing Your BreachRisk™ Score" contains non-specific and recommendations for continuing to improve the Score, recommendations are described in such a way as to be comprehensible (if not addressable) by someone without a technical background.
Premium BreachRisk™ for Business subscribers will be able to access past versions of their Report, allowing you to see full Reports and how each component of it has changed over time.
The goal of the BreachRisk™ Report is to provide more information for making smart business decisions when it comes to cyber security. While the specificity is increased from the Score, the Report is meant to be high level and to allow for conversations across company departments. It should allow for understanding even for those without a technical or security background.