6 Principles for Cyber Risk Scores — and Why We Need Them

The use of scores that rate a firm’s cybersecurity risk — such as the FICO® Enterprise Security Score — is picking up momentum. In an effort to ensure that these scores consistently add value, and to ensure that they help rather than harm businesses, a group of firms recently convened to develop industry standards for cybersecurity ratings. FICO joined this group, along with several Fortune 500 companies and a number of the country’s biggest banks, and I am proud of the principles we...