Measuring Cyber Hygiene

Measuring Cyber Hygiene

What you can’t measure, you can’t improve.

  • When you’re driving a car, you have an indicator showing you the speed so that you know if you’re within the safety limits.
  • If you go to a doctor, they measure your blood pressure, weight, etc. to determine if you’re healthy.

In cybersecurity, nothing like this existed until SecurityScorecard came along.

We introduced a set of objective KPIs that are trustworthy, accurate, and could be used to compare companies to each other.

We do this by assembling hundreds of different signals across different categories of risk, such as application security, network security, endpoint security, leaked credentials, and shared records.

And we look for indicators of poor hygiene.

For example, if you go to a website and it says “Copyright 2005” at the bottom, you know that the organization has not updated it.

That's an indication of poor security hygiene.

There are hundreds of data points like this that you can measure and report on.

What are some ways of measuring cyber hygiene that you find particularly useful and effective?


SecurityScorecard is the global leader in cybersecurity ratings and the only
service with over 12 million companies continuously rated. The company is
headquartered in New York and operates in 64 countries around the globe.

#cybersecurity #cyberrisk #cyberratings #linkedin