Logo Header Menu

Cyber security scores: a new standard in mitigating risk?

Andrew Martin, founder and CEO of DynaRisk, explains how cyber security scores are improving employee engagement for enterprises Cyber security scores: a new standard in mitigating risk? image

It looks like cyber attacks are here to stay, and they’re costing businesses a lot of money. According to research from Accenture, cybercrime could cost companies globally $5.2tn over the next five years.

In response, businesses are doing the obvious; ramping up spending on technologies designed to stop cyber attacks entering their networks. While this increased spending has undoubtedly brought many security benefits, one can’t help but notice companies are still overlooking cyber security’s biggest threat: human error.

In 2018, research found that 88% of UK data breaches were caused by human error, and not direct cyber attacks, in the two years previous.

Limitations of security awareness training

With so many breaches being accidentally caused by employees clicking on phishing emails or unknowingly opening suspicious documents, businesses are increasingly looking to security awareness training courses to solve their woes.

However, according to Andrew Martin, founder and CEO of DynaRisk, these courses have major limitations in that they’re not relevant enough to the individuals doing the training.

Tech Nation’s cyber security cohort: DynaRisk’s company profile

DynaRisk has created the world’s first Cyber Security Score; much like a credit score it is designed to help you understand exactly how safe you are online

“The way that companies typically train employees is they either give them a PowerPoint deck to sit through or send them on training courses run by consultants, which are often very expensive and afterwards they get a quiz which everybody passes.

“Often the problem is that nobody is engaged; they go there because it’s just something that they have to do.”

Andrew Martin, founder and CEO of DynaRisk

Benefits of cyber security scores

This is why Martin argues it’s time companies consider a new approach that engages employees more effectively.

His company has built a system that combines personal risk factors with external data and algorithms to determine an individual’s level of risk online, and then gives them simple actions to take to protect themselves.

Facial biometrics: assuring genuine presence of the user

Andrew Bud, founder and CEO of iProov, helps explain how to assure genuine presence when dealing with facial biometrics –– the new standard in security

“People generally don’t care about their work device, what they care about is themselves. By giving somebody a score and telling them if they are doing good or bad they can begin to understand what it means to them,” said Martin. “The problem with cyber risk is that it’s nebulous, you can’t see it or touch it, but when you put it into a number, people become incentivised and energised to do something about it.”

Real-time metrics

According to Martin, another benefit to security scorecards over more traditional training programmes is that they provide real-time metrics to monitor employee behaviour post-training.

“If you get sent a phishing email and you click it, your score goes down, and if you don’t click it, your score goes up.”

AI in cyber security: predicting and quantifying the threat

Jonathan Pope, CEO and co-founder at UK cyber security company, Corax, explains how AI in cyber security can predict and quantify the threat

He added: “A lot of the training that’s done today is just an annual thing; one shot, that’s it, which again is not very engaging or effective. With a score-based system what you do is continuously engage people.”

Evening the playing field

Security scores come with another benefit, they allow companies to vet the accuracy of an assessment made by other organisations who might be trying to determine partner risk.

This also has benefits in the emerging area of cyber liability insurance where businesses are often feeling left in the dark when it comes to having their premiums determined.

Martin added: “If a company shares data from its security score with an insurance company, then that insurance company can take it into account for their underwriting practices, and then potentially reduce their policy premium.”

DynaRisk is part of Tech Nation Cyber — the UK’s first national scaleup programme for the cyber security sector. It is aimed at ambitious tech companies ready for growth.

Latest news

divider
Government & Public Sector
Prime Minister Lee Hsien Loong looking to the digital future: “We’ve plucked all the low-hanging fruit”

Prime Minister Lee Hsien Loong looking to the digital future: “We’ve plucked all the low-hanging fruit”

27 June 2019 / Prime Minister Lee Hsien Loong is optimistic about Singapore and the rest of South East [...]

divider
Automation
Andrew Yang, technofear and why we can’t wait years and years for an answer

Andrew Yang, technofear and why we can’t wait years and years for an answer

26 June 2019 / Another day another report, this time it is from Oxford Economics predicting that 20m manufacturing [...]

divider
Cloud & Edge Computing
Public cloud failing to meet expectations due to mass data fragmentation

Public cloud failing to meet expectations due to mass data fragmentation

26 June 2019 / Cohesity has released new research revealing 95% of UK organisations believe the promise of the [...]

divider
Digital Transformation
Digital transformation across sectors: driven by consumer demands — Smart Nation Summit

Digital transformation across sectors: driven by consumer demands — Smart Nation Summit

26 June 2019 / Digital transformation across different sectors varies. But, at its core, why businesses need to transform [...]

divider
Cyber Innovation
Tech Nation’s cyber security cohort: Novastone’s company profile

Tech Nation’s cyber security cohort: Novastone’s company profile

26 June 2019 / Information Age has partnered with Tech Nation to help explore 20 of the UK’s leading cyber security [...]

divider
Tech and society
Helping traditional industry SMEs to go digital

Helping traditional industry SMEs to go digital

26 June 2019 / How can governments encourage their traditional industry SMEs to go digital? Well, it’s a significant [...]

divider
Government & Public Sector
The IMDA: two years on — “trust and innovation are two sides of the same coin”

The IMDA: two years on — “trust and innovation are two sides of the same coin”

25 June 2019 / The IMDA — Singapore’s Infocomm Media Development Authority — has been driving it’s digital agenda for [...]

divider
Software and Applications
Learning to love technical debt

Learning to love technical debt

25 June 2019 / Technical debt gets a bad rap. Engineers and technologists tend to speak of it as [...]

divider
News
Jobs and automation: no need to fear finds The Economist Intelligence Unit

Jobs and automation: no need to fear finds The Economist Intelligence Unit

25 June 2019 / The Economist Intelligence Unit (EIU) has published a report sponsored by RPA company UiPath, that [...]

Do NOT follow this link or you will be banned from the site!

Pin It on Pinterest