Cyber Score is a methodology that allows companies to measure their cybersecurity maturity and risk level. The evaluation can be at the Company level or at the level of a particular product, system, or solution.
This methodology was created in an appropriate language so that Investors, Board Members and top Executives can understand the level of compliance of their Companies, in relation to the best practices and security policies worldwide, as well as follow their evolution with each new control adopted by the technical areas to mitigate the risks.
Cyber Score uses, as a base, the regulations, best practices and security policies that are published by the world’s most respected agencies and organizations that define regulations and standards, such as: NIST, ANSSI, ETSIAI, FIDO, SEC, among others.
The assessments are generated from the publications of these agencies and organizations. The SDL team and its partners develop the assessments that aim to understand this maturity level, which will be translated into the Cyber Score.
The questions that make up the assessments are extracted from one or more documents published by the main regulatory agencies or standard-setting entities, and this definition is made based on a previously defined scope, based on the assessment’s objective.
Each control receives a score, according to the level of criticality, divided into 3 scales:
Critical, Important, and Desirable.
Controls are also classified by level of implementation complexity, divided into:
High, Medium, and Low complexity.
All the assessments are filled out online, and at the end of it, the Company receives a complete report that contains its Cyber Score.
The report also contains suggestions for the implementation of controls that will allow the company to improve its cybersecurity maturity level, starting with the most critical and least complex to implement controls, all the way to the most complex to implement controls.
Go to Plans and see the assessments we have available and how they can help your Company, knowing your current level of maturity in cybersecurity, as well as the controls that may be adopted to mitigate cyber risks, based on the latest global regulations.