FICO® Enterprise Security Score

FICO® Enterprise Security Score assess the cybersecurity risk of any organization

Log In

FICO® Enterprise Security Score

FICO® Enterprise Security Score Profile

Focused on the needs of assessing third-party cybersecurity risk for cyber insurance underwriting as well as active vendor and partner management. Allows users to monitor the Enterprise Security Score of third parties without exposing specific details behind the results.

  • Help CROs and CPOs tackle active vendor management
  • Vet the risk of potential partners
  • Monitor the risk of your entire partner portfolio
  • Benchmark across categories or segments of partners
  • Support breach insurance underwriting

FICO® Enterprise Security Score Portrait

Designed to help CISO’s demonstrate and improve the security posture of their respective organizations. Delivers the actionable information needed to quickly understand risk exposure and proactively strengthen defenses.

  • Helps CISO’s demonstrate security performance over time
  • Delivers detailed threat info across all evaluated network assets
  • Provides drill-down to primary threat vectors
  • Delivers actionable information to proactively strengthen your defenses
  • Supports investment decisions and resource allocation
Balance competing objectives


Forecasts the likelihood of a future material data breach.

Balance competing objectives


Machine learning models that utilize historical data breach patterns.

Balance competing objectives


Concise intuitive metric from a trusted source in scoring.

U.S. Chamber of Commerce Principles for Fair and Accurate Security Ratings

The FICO® Enterprise Security Score is aligned with the U.S. Chamber of Commerce Principles for Fair and Accurate Security Ratings, which promote accuracy, fairness, utility, and transparency in the provision of cybersecurity scores and ratings (the “Principles”). FICO supports the Principles through its adherence to empirically-derived models for cyber risk scoring, prudent disclosure of contributing risk factors, sound model governance practices, and the enablement of direct client involvement in the resolution of data and definitional issues. FICO was a key contributor in the establishment of the Principles, and is committed to upholding them.

Use Cases

Balance competing objectives


Utilize FICO® ESS for cybersecurity risk assessments and underwriting decisions.

FICO® ESS accurately captures the risk posture of an organization as observed from an external vantage point. This risk estimate can be used to price insurance policies and determine exclusions or riders.

Balance competing objectives

Vendor Risk

Understand cybersecurity risk created by your relationship with your vendors.

FICO® ESS presents aggregated data and measurements that capture the cybersecurity risk of your vendors via a diverse set of measurements. Linked tools allow a conversation with your vendors regarding the reported data.

Balance competing objectives


Evaluate your cybersecurity posture on the basis of specific data measurements.

FICO® ESS provides organizations with continuous monitoring of key cybersecurity properties most associated with data breaches. FICO® ESS provides an easy-to-understand cybersecurity metric suitable for c-suite discussions.

Anatomy of a Score

FICO® ESS is based on an empirical score that relies on a comprehensive and diverse set of cyber security data signals in order to determine the risk profile for an organization. These signals capture several key symptoms including the health and hygiene of IT systems, network infrastructure and software and services. A historical set of these data signals is combined with a set of good and bad exemplars to train a machine learning model. This trained model then serves as the engine that can score any organization's cyber security posture and its data breach risk. The score is presented on a scale of 300-850.

Want to take your business to new heights?

Request more information. Enter your information and we will respond directly to you.