The Forrester Wave™: Cybersecurity Risk Ratings Platforms, Q2 2024
Innovative scoring methodology created to address industry feedback
NEW YORK – Jan. 9, 2024 — SecurityScorecard today announced the industry’s first security ratings developed exclusively for telecommunications, internet service providers, and cloud providers. Through close collaboration with industry leaders, SecurityScorecard sets a new standard for cybersecurity across these critical sectors.
Jeff Simon, SVP & Chief Security Officer at T-Mobile, said:
“At T-Mobile, building cybersecurity into everything we do is a critical part of our mission to be the best at keeping customers connected to their world. Security ratings are an essential tool that we and other wireless providers use to help create a safer digital ecosystem for our customers, partners, and beyond. We applaud SecurityScorecard for their proactive efforts to advance security ratings for the telecom industry, and we believe that together, we can set new standards for cybersecurity.”
The universal standard for security ratings
Created in partnership with wireless providers to address industry feedback and requests for a tailored approach for their unique digital ecosystem, innovations include:
- New industry-specific scoring
SecurityScorecard’s algorithm now dynamically accounts for the distinctive complexities of specific industries. Through identifying industry-specific factors, such as open DNS resolvers, SecurityScorecard’s evaluation accounts for unique security landscapes and operational practices.
- Precision through Network Partitioning
Wireless providers are challenged with highly complex digital ecosystems because networks are their products. Previously, these companies were evaluated on all assets they owned, such as IPs and domains – even if their customers controlled most of these assets. To solve this, SecurityScorecard now excludes customer assets from their digital assets scored. Customer assets are outside their security policies, operational authority, and control, posing limited risk to these companies.
- AI automatically detects and categorizes assets leased to third parties
SecurityScorecard uses proprietary AI models to automatically detect and categorize assets leased to third parties. Organizations can audit the digital footprint detected by SecurityScorecard and understand how various assets impact their overall score. SecurityScorecard conducts regular audits to ensure the categorization of customer assets remains accurate.
- Positive scoring with user-contributed data
Any organization can now supplement its security rating with internal data, awarding achievements such as certifications, penetration testing, and cybersecurity training with positive scoring. SecurityScorecard provides a secure repository for certifications such as SOC 2 and ISO 27001 in its Evidence Locker. Once documentation is verified, organizations receive evidence-based score improvements.
Shinichi Yokohama, Chief Information Security Officer at NTT, said:
“SecurityScorecard has been an indispensable partner. The company’s commitment and dedication to understanding the unique challenges faced by the telecom industry will greatly contribute to our cybersecurity strategy. This collaboration will empower us to strengthen our security posture and foster a sense of shared responsibility within the industry.”
Collaborative cybersecurity trust and transparency
A staggering 85% of the top telecom companies in the U.S., U.K., France, Italy, Denmark, and Germany experienced a third-party data breach in the past 12 months alone. These eye-opening findings emphasize the critical need for a metrics-driven approach to cybersecurity across the supply chain.
Security ratings have the power to restore public trust in cybersecurity. With a watchful eye on over 12 million organizations, SecurityScorecard’s impact is not just theoretical — it’s empirical. An extensive study found organizations that achieve an A rating are 7.7 times less susceptible to a breach.
Christos Kalantzis, Chief Technology Officer of SecurityScorecard, said:
“We refine and improve our algorithm continuously to ensure that our ratings provide the most accurate reflection of a company’s cybersecurity. We believe that together, we will transform cybersecurity for the benefit of all.”
Free security ratings for all organizations
SecurityScorecard firmly believes that security ratings are a fundamental right necessary to safeguard society and the economy. Since its founding over ten years ago, SecurityScorecard has upheld an ethos of transparency, fairness, and inclusivity. This commitment is validated by the active participation of over 60,000 organizations on the SecurityScorecard platform.
Trust and transparency are built into all of SecurityScorecard’s products and services from the moment an organization registers for a free account. SecurityScorecard believes cybersecurity is a collective responsibility, and everyone should have a voice in ensuring the accuracy of security ratings.
Discover more about SecurityScorecard’s commitment to cybersecurity trust and transparency by visiting https://securityscorecard.com/trust/.
Availability
The enhanced scoring algorithm is available now globally, after being tested with industry leaders. For more information, read the white paper.
Any organization — at no cost — can always access and improve its security rating: https://securityscorecard.com/free-account/
ABOUT SECURITYSCORECARD
Funded by world-class investors, including Evolution Equity Partners, Silver Lake Partners, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings, response, and resilience, with more than 12 million companies continuously rated.
Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard’s patented rating technology is used by over 25,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.
SecurityScorecard makes the world safer by transforming how companies understand, improve, and communicate cybersecurity risks to their boards, employees, and vendors. SecurityScorecard achieved the Federal Risk and Authorization Management Program (FedRAMP) Ready designation, highlighting the company’s robust security standards to protect customer information, and is listed as a free cyber tool and service by the U.S. Cybersecurity & Infrastructure Security Agency (CISA). Every organization has the universal right to its trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.
MEDIA CONTACT
Ashley Nakano
SecurityScorecard
[email protected]