What You Need to Know About Cybersecurity Ratings

What Are Security Ratings?

Security ratings are metrics used by a number of different companies to quantify businesses’ cyber risk. As security ratings continue to mature, more organizations in the public and private sectors leverage ratings to make business and risk decisions. Because of the increased interest in security ratings, the US Chamber of Commerce has some recommendations for industry-wide approaches to increase the public confidence in them:

  • Promote quality and accuracy in the production of security ratings
  • Promote fairness in reporting
  • Include a coordinated process for adjudicating errors or inaccuracies in reported content
  • Establish guidelines for appropriate use and disclosure of the scores and ratings

Some Issues Associated With Security Ratings

The general purpose of these guidelines is to provide security ratings that are as trustworthy and well-known as the current system of credit ratings. This is a worthy goal, but the cybersecurity sector just isn’t there yet. The meaning of a specific security rating can be hard to pin down, as it depends on the company’s data set as well as the methodologies it applies to that data set.

Where Do Security Ratings Fail?

Security ratings may be incorrect, for a couple of reasons:

  • Ratings that use external data can be very vulnerable to gaming of the rating system in the business’s favor. That is, companies can make small changes that affect only their score and don’t address the underlying security issues.
  • Ratings that use internal verticals can be years out of date.

The Only True Use of a Security Rating is Comparison and Tracking

Compare the relative security of your assets and/or your suppliers to each other. Track the progress you’ve made. Getting the most accurate security rating is predicated on having a recent internal cybersecurity assessment.

The SecurityGate.io platform automates this process, giving you access to your company’s milestone progress toward cybersecurity compliance, as well as that of all your suppliers and vendors. You can then quickly isolate your security issues with the most up-to-date information.

References:

https://www.uschamber.com/issue-brief/principles-fair-and-accurate-security-ratings

Brent Gage

After beginning his career as a roustabout on an offshore drilling rig, Brent is now the Manager of Cybersecurity at SecurityGate.io, where he performs client consultation and assessments while maintaining and monitoring the platform’s hosting infrastructure.
