SecurityScorecard has partnered with CompTIA ISAO to provide users with a risk rating for their company’s cybersecurity proficiency. This allows them to either boast a high grade or work on improving where they are struggling. It’s one thing for you to tell customers that you have the cybersecurity skills, processes, and tools to keep them safe. It’s another to prove it. CompTIA ISAO members now have this opportunity thanks to a new partnership between SecurityScorecard, which provides a cyber risk rating of their cybersecurity proficiency.
The risk rating is a badge that solution providers, MSPs and distributors can wear to show off their cyber prowess (if they have a high grade) or to highlight areas where they are struggling and what they can do better. According to M.J. Shoer (senior vice president and executivedirector of CompTIA ISAO), it can be valuable information that can help your business.
“It’s a clear description of your risk and the recommended steps to mitigate it. It’s important that customers have this information so they know that you’re paying attention,” Shoer stated at CompTIA’s EMEA Partner Conference in London. This conference was where the CompTIA ISAO was made available to UK companies. “Customers will be asking for third-party verified information about your business. It can be shown to vendors, and they can ask for their scores. It’s a great way to monitor your supply chain. You can help each other.”
CompTIA ISAO membership includes the cyber risk rating at no additional cost. This comes at a crucial time for MSPs as well as their clients, as cybersecurity threats continue increasing and getting more complex.
“My MSP sisters and brothers are getting killed.” It’s amazing that the cyber risk rating is offered as a benefit,” said Ian Thornton Trump, CISO at Cyjax and executive council member of CompTIA ISAO’s Cybersecurity Community. He is also a member of the CompTIA ISAO’s SME Champions Council. “Here’s the hard truth, especially in the U.S. Cybercriminals will run over your company and take out a lot of customers. What’s the outcome? You will be sued. You will be sued. It won’t work if it’s a D. But let’s give the benefit to the good guys.
A detailed risk rating report can be generated by users. It will describe where their risk lies and what they can do to reduce it. You might get five points if you update an old web browser.
“Tell me about the risk and then tell me how you can fix it. Shoer stated that you can then present the report to every customer or prospect who highlights your score. “This report is gold to my eyes.”
There is always room for improvement
Customers are concerned about security. Only 69% of respondents to CompTIA’s 2021 State of Cybersecurity Research Report feel that cybersecurity is improving, a drop of 80% from 2020. Similar to last year, 70% of employees were satisfied with their company’s cyber strategy, compared with 82%.
It is imperative that tech companies work with their customers to improve cyber resilience. Unfortunately, practices that were once considered acceptable might not be sufficient anymore.
Shoer stated that the average risk rating score of 1,200 CompTIA ISAO members was an 81. About 19% of members have earned an “A”, 49% have a “B”, 19% have a “C”, and 13% have a “D”.
“There is a lot of room to improve here. While there are some positive aspects, I don’t like how the grades are distributed. MSPs aren’t taking proper care of their homes enough. Shoer stated, “How can you provide valuable services if your house isn’t in good repair?” “We believe this will be a game-changer for the industry. If I was in the C or D quadrant, I wouldn’t feel confident trying to sell security services.
Making the World a safer place
SecurityScorecard’s goal, according to Jason Cowie (senior director of global strategic alliances at SecurityScorecard), is to provide companies, including customers, with security by ensuring that their tech partners don’t pose any unneeded risks.
“The likelihood of a third party breach is high for most entities that have adopted digital transformation.” Cowie stated that security ratings can be used to assess risk and exposure in order to improve security.
SecurityScorecard anticipates being actively monitoring over 20 million entities by 2021.
“Ultimately, our goal is to make the world safer. Security ratings are easy-to-communicate, non-intrusive and allow for entitie
