There’s one piece of information that every financially savvy American knows: their FICO® Score. And if that consumer is looking to secure any type of credit, the party on the other end of the transaction will use the FICO Score to critically inform an important decision: should my organization assume business risk by transacting with this person?
Now, in conjunction with National Cybersecurity Awareness Month, FICO is launching the new FICO® Enterprise Security Score (ESS), a metric that quantifies the vulnerability of an organization to cyber attack. This score can be used by an enterprise to understand its cyber risk and shore up defense gaps. The FICO Enterprise Security Score can also be used as an assessment tool by third parties such as cyber insurance providers and potential business partners.
A score that quantifies cyber risk
It’s my belief that in business circles, the FICO Enterprise Security Score will become part of the lingua franca of daily activity. Just as people brag about their FICO Scores at cocktail parties or on the golf course, business people will know, and take pride in, their company’s FICO Enterprise Security Score. Why? Because it matters.
The long tail of cyber vulnerability
Cybersecurity has emerged as the most critical issue for today’s enterprises. Cybercrime, whether perpetrated through data breaches, malware, ransomware or a multitude of other attack vectors, inflicts vast monetary and reputational damage. Organizations of all kinds are struggling to fight an enormous, amorphous enemy. Insurers lack standardized tools to assess and calculate cyber risk. Companies are unsure whether engaging with a new business partner will expose their assets and customer base to massive cyber threat.
Quantifying vulnerability is the first step in effectively fighting cybercrime. Just as the FICO Score provides the foundation for evaluating consumer credit risk, I believe the FICO Enterprise Security Score will become the cyber analog in the business-to-business world. Our proven empirical approach to analytically assess risk—as opposed to relying on notional methods—has made FICO an objective, trusted third party in numerous industries: consumer credit decisions, fraud protection, credit card portfolio management and broad-based analytic decision management.
I am confident that the FICO Enterprise Security Score will add cyber risk management to this formidable list – and I can’t wait to see how positive changes in the cybersecurity ecosystem unfold.
Follow me on Twitter @ScottZoldi.